Re: [gentoo-dev] Packages up for grabs
On 21/06/2017 00:13, Daniel Campbell wrote: > On 06/20/2017 05:53 AM, Pacho Ramos wrote: >> This packages are now up for grabs: >> dev-ml/fort >> media-libs/embree >> x11-wm/i3 >> >> > I use i3-gaps these days, but if no-one else is willing, I'll take up i3 > since it's close enough to i3-gaps to be considered mostly the same. > Dual maintainership is preferred. > I'm a long time i3 aficionado and still use it, would be glad to help co-maintaining it. signature.asc Description: OpenPGP digital signature
Re: [gentoo-dev] Last rites: ruby21-only packages
On 23/06/17 08:45, Hans de Graaff wrote: > # Hans de Graaff (23 Jun 2017) > # Mask ruby21-only packages for removal in 30 days > > # ruby21-only, no maintainer > www-apps/redmine Really? I find it hard to believe that a common package like redmine is ruby-21 only?! http://www.redmine.org/projects/redmine/wiki/redmineinstall#Ruby-interpreter seems to agree. I could proxy this in the event no-one steps forward, as I quite like the front-end. Might need a bit of a hand on the R-on-R stuff if it was available somewhere ... ! Best regards, Michael. signature.asc Description: OpenPGP digital signature
Re: [gentoo-dev] The status of grsecurity upstream and hardened-sources downstream
On Fri, 23 Jun 2017 12:28:27 -0400 "Anthony G. Basile" wrote: > Hardened Gentoo has two sides to it, kernel hardening (done via > hardened-sources) and toolchain/executable hardening. The two are > interrelated but independent enough that toolchain hardening can > continue on its own. The hardened kernel, however, provided PaX > protection for executables and this will be lost. We did a lot of > work to properly maintain PaX markings in our package management > system and there was no part of Gentoo that wasn't touched by issues > stemming from PaX support. Good luck to them at providing a complete userland ecosystem for using pax protection. Good luck at getting people accept and review their often crashing asm patches at upstream projects that won't even be able to test their benefits. Maybe we should start a business for this ? :) http://static.sstic.org/videos2015/SSTIC_2015-06-03_P08_CLIP.mp4 (This is for Patrice) We'll need to decide what to do with things like USE=pic. For media packages this is not something you usually want to enable as you can bear the 10Mb relocations at startup to have 10% or more performance improvement when reading your 2hours long movie. Alexis.
Re: [gentoo-dev] Last rites: ruby21-only packages
Hello. I submitted proxy-maintainer request some time ago for redmine: https://bugs.gentoo.org/show_bug.cgi?id=590646 And here PR for new 3.3.3: https://github.com/gentoo/gentoo/pull/4550 2017-06-24 14:23 GMT+05:00 M. J. Everitt : > On 23/06/17 08:45, Hans de Graaff wrote: > > # Hans de Graaff (23 Jun 2017) > > # Mask ruby21-only packages for removal in 30 days > > > > # ruby21-only, no maintainer > > www-apps/redmine > Really? I find it hard to believe that a common package like redmine is > ruby-21 only?! > > http://www.redmine.org/projects/redmine/wiki/redmineinstall#Ruby- > interpreter > seems to agree. > > I could proxy this in the event no-one steps forward, as I quite like > the front-end. > > Might need a bit of a hand on the R-on-R stuff if it was available > somewhere ... ! > > Best regards, > > Michael. > > -- >From Siberia with Love!
Re: [gentoo-dev] The status of grsecurity upstream and hardened-sources downstream
On 6/24/17 6:04 AM, Alexis Ballier wrote: > On Fri, 23 Jun 2017 12:28:27 -0400 > "Anthony G. Basile" wrote: > >> Hardened Gentoo has two sides to it, kernel hardening (done via >> hardened-sources) and toolchain/executable hardening. The two are >> interrelated but independent enough that toolchain hardening can >> continue on its own. The hardened kernel, however, provided PaX >> protection for executables and this will be lost. We did a lot of >> work to properly maintain PaX markings in our package management >> system and there was no part of Gentoo that wasn't touched by issues >> stemming from PaX support. > > > Good luck to them at providing a complete userland ecosystem for using > pax protection. Good luck at getting people accept and review their > often crashing asm patches at upstream projects that won't even be able > to test their benefits. > > Maybe we should start a business for this ? :) > http://static.sstic.org/videos2015/SSTIC_2015-06-03_P08_CLIP.mp4 > (This is for Patrice) Correct. Zorry, myself and others on the hardened team did a lot to make userland play nice with the hardened-kernel. It represents most of my effort in Gentoo. > > > > We'll need to decide what to do with things like USE=pic. For media > packages this is not something you usually want to enable as you can > bear the 10Mb relocations at startup to have 10% or more performance > improvement when reading your 2hours long movie. It will be a mess going forward. We will necessarily have to start dropping pax related stuff, if for no other reason than we can't support making a package work under pax if we have no pax enabled kernel to test on. Once this is gone, such bugs will float upstream to pipacs and spender. "Good luck" is right. > > > Alexis. > -- Anthony G. Basile, Ph.D. Gentoo Linux Developer [Hardened] E-Mail: bluen...@gentoo.org GnuPG FP : 1FED FAD9 D82C 52A5 3BAB DC79 9384 FA6E F52D 4BBA GnuPG ID : F52D4BBA
