diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.force b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.force index cc901cedad..72862a71e9 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.force +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.force @@ -1,5 +1,3 @@ -sys-apps/systemd -introspection - # Matt Turner (2020-03-28) # wget is the default FETCHCOMMAND, and most distfiles are distributed via # HTTPS. Bug #611072 diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.mask b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.mask index 97d928a576..91f11200ab 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.mask +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.mask @@ -1,5 +1,2 @@ # This fails from -Werror=implicit-fallthrough, and it's disabled in the SDK. sys-devel/gcc sanitize - -# Undo Gentoo masking all this on arm64. -sys-apps/systemd -cryptsetup -http -policykit -qrcode -xkb diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use index 3336776b96..59f209a20e 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use @@ -28,8 +28,10 @@ net-analyzer/nmap ncat -system-lua # removes mta dependencies app-admin/sudo -sendmail -# use lzma which is the default on non-gentoo systems, avoid pulling in gnutls -sys-apps/systemd build curl gcrypt idn libidn2 lzma -ssl +# use lzma which is the default on non-gentoo systems, use gnuefi for +# bootctl, enable selinux, disable hybrid cgroup as we use the unified +# mode now +sys-apps/systemd build curl idn lzma gnuefi selinux -cgroup-hybrid net-libs/libmicrohttpd -ssl # disable kernel config detection and module building @@ -85,7 +87,6 @@ sys-fs/btrfs-progs -zstd # Enable SELinux for all targets coreos-base/coreos selinux sys-apps/dbus selinux -sys-apps/systemd selinux # Enable SELinux for coreutils sys-apps/coreutils selinux @@ -127,9 +128,6 @@ net-firewall/iptables nftables # Install `perl` with a minimal set of dependencies dev-lang/perl minimal -# Disable cgroup-hybrid as we use the unified mode -sys-apps/systemd -cgroup-hybrid - # Remove support for GObject introspection sys-auth/polkit -introspection