Alan McKinnon <alan.mckinnon <at> gmail.com> writes:
> There's nothing magic about a profile. All it does is set a bunch of > variables and possibly specify some extra apps to be merged. It's a > convenience, and there's nothing to stop you from finding out what those > variables are and adding them to USE yourself, and adding the packages > to world yourself. Agreed. Better to set (configure for) a flag twice than not at all.... > For hardened, there is no hardened desktop profile. Apparently that was > a world of pain for the devs. Adding desktop software to a hardened > system is easy, hardening a desktop system is harder. So I'd say chose a > hardened profile, then add X to USE and merge your choice of WM/DE Sure, I'd go the full blown SeLinux route if I want/needed each app secured. Maybe SVEN will start with SeLinux config opens for each app that needs it? Or a ansible_after_the_install_file ? Too much for me to contemplate for now. Pentoo is coming along quite nicely.... What I'm really looking for is a sane approach to flags on a myriad of systems that I plan to install, manage and dynamically modify via ansible. Ansible_fever is taking control over my thoughts and actions.... I'm going to start a new thread as this line of thinking has me looking for a logical way to sanely manage a myriad of gentoo systems flags for a large variety of (gentoo) systems. Save your ideas, a new thread is being formulated with some other issues mixed in.... > [1] When wayland becomes a first-class Linux citizen, this will likely > change Yep, but that's being avoided by me for now, as I think that puppy (Weyland) is going to a difficult roll out to say the least.... thx, James
