From a6b5aa6dc4cced83ce14cb731dc5e76daa81e1ad Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Thu, 24 Apr 2025 10:18:14 +0200
Subject: [PATCH] overlay profiles: Drop enabling caps and audit USE flags for
 specific packages

selinux profile enables the USE flags for all of them.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
---
 .../profiles/coreos/targets/generic/package.use             | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use
index 57d28f782d..ab02def80b 100644
--- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use
+++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use
@@ -10,21 +10,19 @@ app-editors/vim-core	minimal
 # Install our modifications and compatibility symlinks for ssh and ntp
 #
 # Install a SELinux policy directory symlink
-coreos-base/misc-files audit ntp openssh policycoreutils
+coreos-base/misc-files ntp openssh policycoreutils
 
 dev-lang/python		gdbm
 dev-libs/dbus-glib	tools
 dev-libs/elfutils	-utils
 dev-libs/openssl	pkcs11
 net-misc/dhcp	        -server
-net-misc/ntp            caps
 sys-apps/smartmontools	-daemon -update-drivedb -systemd
 sys-block/parted        device-mapper
 sys-fs/lvm2		-readline thin lvm
-sys-libs/pam		audit
 
 # enable journal gateway, bootctl and container features
-sys-apps/systemd audit elfutils gnuefi http importd iptables
+sys-apps/systemd elfutils gnuefi http importd iptables
 
 # epoll is needed for systemd-journal-remote to work. coreos/bugs#919
 net-libs/libmicrohttpd epoll