From e349d36ba679ba6a9cd7a9381c3fe76bc20918eb Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Mon, 24 Jan 2022 16:47:12 +0100 Subject: [PATCH] profiles: Update systemd use flags - Consolidate them (so enabling selinux and disabling hybrid cgroups was moved). - Remove outdated masks (arm64 does not mask any use flags any more) and use flags (ssl was replaced in favor of +openssl and gnutls, introspection is gone). - Add gnuefi (for bootctl, earlier it was built if we requested general efi support, now it's built when support also for gnu-efi is requested). --- .../profiles/coreos/arm64/package.use.force | 2 -- .../profiles/coreos/arm64/package.use.mask | 3 --- .../coreos-overlay/profiles/coreos/base/package.use | 10 ++++------ 3 files changed, 4 insertions(+), 11 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.force b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.force index cc901cedad..72862a71e9 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.force +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.force @@ -1,5 +1,3 @@ -sys-apps/systemd -introspection - # Matt Turner (2020-03-28) # wget is the default FETCHCOMMAND, and most distfiles are distributed via # HTTPS. Bug #611072 diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.mask b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.mask index 97d928a576..91f11200ab 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.mask +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use.mask @@ -1,5 +1,2 @@ # This fails from -Werror=implicit-fallthrough, and it's disabled in the SDK. sys-devel/gcc sanitize - -# Undo Gentoo masking all this on arm64. -sys-apps/systemd -cryptsetup -http -policykit -qrcode -xkb diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use index 3336776b96..59f209a20e 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use @@ -28,8 +28,10 @@ net-analyzer/nmap ncat -system-lua # removes mta dependencies app-admin/sudo -sendmail -# use lzma which is the default on non-gentoo systems, avoid pulling in gnutls -sys-apps/systemd build curl gcrypt idn libidn2 lzma -ssl +# use lzma which is the default on non-gentoo systems, use gnuefi for +# bootctl, enable selinux, disable hybrid cgroup as we use the unified +# mode now +sys-apps/systemd build curl idn lzma gnuefi selinux -cgroup-hybrid net-libs/libmicrohttpd -ssl # disable kernel config detection and module building @@ -85,7 +87,6 @@ sys-fs/btrfs-progs -zstd # Enable SELinux for all targets coreos-base/coreos selinux sys-apps/dbus selinux -sys-apps/systemd selinux # Enable SELinux for coreutils sys-apps/coreutils selinux @@ -127,9 +128,6 @@ net-firewall/iptables nftables # Install `perl` with a minimal set of dependencies dev-lang/perl minimal -# Disable cgroup-hybrid as we use the unified mode -sys-apps/systemd -cgroup-hybrid - # Remove support for GObject introspection sys-auth/polkit -introspection