[gentoo-dev] profiles/arch/amd64/no-multilib cleanup WAS: [PATCH 1/8] profiles/hardened: Include base amd64-multilib profile in subprofile

[Michael Haubenwallner]

On 01/21/2017 11:59 PM, Michał Górny wrote:
> Include arch/amd64/no-multilib in the hardened no-multilib amd64
> variant. Confirmed with profile-dumper that it does not currently change
> anything.
> ---
>  profiles/hardened/linux/amd64/no-multilib/parent | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/profiles/hardened/linux/amd64/no-multilib/parent 
> b/profiles/hardened/linux/amd64/no-multilib/parent
> index 8305c3556463..0defac31415d 100644
> --- a/profiles/hardened/linux/amd64/no-multilib/parent
> +++ b/profiles/hardened/linux/amd64/no-multilib/parent
> @@ -1,2 +1,3 @@
> +../../../../arch/amd64/no-multilib
>  ..
> 

As hardened/linux/amd64 does inherit arch/amd64, this way arch/amd64
always overrides arch/amd64/no-multilib, rendering the latter useless.

Instead, profiles/hardened/linux/amd64/no-multilib/parent should read:
 ..
 ../../../../arch/amd64/no-multilib

Beyond that:
While arch/amd64/no-multilib of course _is_ an override to arch/amd64,
question is whether it also should _perform_ the override by itself.

Currently it does perform the override, causing lots of subsequent profiles
to end up with arch/amd64 inherited multiple times - most prominent is the
default/linux/amd64/13.0/no-multilib profile.

So removing arch/amd64/no-multilib/parent would simplify things here.

Thoughts?
/haubi/

From 9457fd8eb330a94a15bb91decec522fe1c027986 Mon Sep 17 00:00:00 2001
From: Michael Haubenwallner <ha...@gentoo.org>
Date: Thu, 2 Mar 2017 13:52:58 +0100
Subject: [PATCH] profiles/hardened/linux/amd64/no-multilib: inherit
 arch/amd64/no-multilib late

Whether  arch/amd64/no-multilib  does _inherit_  arch/amd64
or not,  arch/amd64/no-multilib  does _extend_   arch/amd64 anyway.

So inheriting  arch/amd64/no-multilib  before  arch/amd64  always will
    reset the  arch/amd64/no-multilib  to the  arch/amd64  values.
---
 profiles/hardened/linux/amd64/no-multilib/parent | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/profiles/hardened/linux/amd64/no-multilib/parent 
b/profiles/hardened/linux/amd64/no-multilib/parent
index 2909df6..9bf59c5 100644
--- a/profiles/hardened/linux/amd64/no-multilib/parent
+++ b/profiles/hardened/linux/amd64/no-multilib/parent
@@ -1,2 +1,2 @@
-../../../../arch/amd64/no-multilib
 ..
+../../../../arch/amd64/no-multilib
-- 
2.10.2


From 3f8eb7869937d6da2f79b0a6eeb448f6eedea7b3 Mon Sep 17 00:00:00 2001
From: Michael Haubenwallner <ha...@gentoo.org>
Date: Thu, 2 Mar 2017 14:45:16 +0100
Subject: [PATCH] profiles/arch/amd64/no-multilib: do not inherit arch/amd64

While arch/amd64/no-multilib of course _is_ an override to arch/amd64,
is should not _perform_ the override by itself, as that causes lots of
subsequent profiles to end up with arch/amd64 inherited multiple times,
most prominent is the default/linux/amd64/13.0/no-multilib profile.
---
 profiles/arch/amd64/no-multilib/parent | 1 -
 1 file changed, 1 deletion(-)
 delete mode 100644 profiles/arch/amd64/no-multilib/parent

diff --git a/profiles/arch/amd64/no-multilib/parent 
b/profiles/arch/amd64/no-multilib/parent
deleted file mode 100644
index f3229c5..00000000
--- a/profiles/arch/amd64/no-multilib/parent
+++ /dev/null
@@ -1 +0,0 @@
-..
-- 
2.10.2