On 12/18/2014 07:09 PM, Anthony G. Basile wrote: > Hi fellow hardened devs: > > I'm sorry for missing the meeting but things came up and the day got > hectic. It is an important meeting because we were to discuss: > > 1) what we want with toolchain.eclass - There is a move to get rid of > the eclas because it is "messy". This is probably a bad thing in > general and especially for hardened so we should discuss the pros and > cons and what we want. > > 2) what to do about tar and POSIX capabilities in the context of > building stage3's. Utilities like ping that used to be setuid to root > are now just using posix caps. But preserving xattrs with tar is > tricky. Since we dealt with this for the user.pax.* xattr namespace > jmbsvicetto asked us to look at security.capability. However, the issue > may now be mute because I just got a message from him that > > tar --xattrs --xattrs-include=security.capability > --xattrs-include=user.* --acls -xjpvf > > works to get us all the xattr goodies we need for hardened and gentoo in > general. > > > We should try to discuss 1 soon-ish before Cthulu awakens and madness > reigns in gentoo. > regarding 1: a refactoring is in order probably, but what are the specific complaints?
regarding 2: The thing we need to ask is if we want to ask users to run that to extract stage3 tarballs, instead of -xf and the like. -- -- Matthew Thode (prometheanfire)
