blob: fa751e53e6b57d6212f0260d41783327e7a75dff (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
# Copyright 2007 Gentoo Foundation.
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/package.mask,v 1.32 2007/07/07 16:13:17 kaiowas Exp $
# Mask off gcc-4 for all hardened arches until SSP is sorted out (i.e.
# backport for gcc-4.0 and 4.0/4.1 rigged for SSP support in the C
# library). After that, may still need to be masked on x86 as some
# PIC assembler that worked pre-4 fails post-4, e.g. bug #104966).
# If you want to play with it, unmask in /etc/portage/package.unmask
# but be prepared to rebuild anything you build with gcc-4, later.
# 2006-01-11 kevquinn
=sys-devel/gcc-4*
# Mask off glibc-2.4 until the approach for SSP compatibilty is
# resolved in a way that doesn't break running systems, and we
# have a sensible upgrade path. Advise having a static busybox
# around if you try it in a live system.
# 2006-03-13 kevquinn
=sys-libs/glibc-2.4*
# These packages do more harm than good w/ hardened.
# users must now the opensource xorg nv driver with nvidia cards.
# By placing Driver "nv" in xorg.conf
# 2006-06-29 solar
x11-drivers/nvidia-drivers
x11-drivers/nvidia-legacy-drivers
media-video/nvidia-settings
# Shouldn't be merging these SELinux packages on this profile
# but this keeps repoman happy since they require >=glibc-2.4
# 20061009 pebenito
>=sys-libs/libselinux-1.30.29
>=sys-libs/libsemanage-1.6.17
>=sys-apps/policycoreutils-1.30.30
>=sys-apps/checkpolicy-1.30.12
sec-policy/selinux-acpi
>=sec-policy/selinux-apache-20060101
>=sec-policy/selinux-arpwatch-20060101
>=sec-policy/selinux-asterisk-20060101
>=sec-policy/selinux-audio-entropyd-20060101
sec-policy/selinux-avahi
>=sec-policy/selinux-base-policy-20060101
>=sec-policy/selinux-bind-20060101
sec-policy/selinux-bluez
>=sec-policy/selinux-clamav-20060101
>=sec-policy/selinux-clockspeed-20060101
>=sec-policy/selinux-courier-imap-20060101
sec-policy/selinux-cups
>=sec-policy/selinux-cyrus-sasl-20060101
>=sec-policy/selinux-daemontools-20060101
>=sec-policy/selinux-dante-20060101
sec-policy/selinux-dbus
sec-policy/selinux-desktop
>=sec-policy/selinux-dhcp-20060101
>=sec-policy/selinux-distcc-20060101
>=sec-policy/selinux-djbdns-20060101
>=sec-policy/selinux-ftpd-20060101
sec-policy/selinux-games
>=sec-policy/selinux-gnupg-20060101
>=sec-policy/selinux-gpm-20060101
sec-policy/selinux-hal
sec-policy/selinux-inetd
>=sec-policy/selinux-ipsec-tools-20060101
>=sec-policy/selinux-jabber-server-20060101
>=sec-policy/selinux-kerberos-20060101
>=sec-policy/selinux-logrotate-20060101
sec-policy/selinux-lpd
>=sec-policy/selinux-lvm-20060101
>=sec-policy/selinux-mdadm-20060101
sec-policy/selinux-munin
>=sec-policy/selinux-mysql-20060101
>=sec-policy/selinux-nfs-20060101
>=sec-policy/selinux-ntop-20060101
>=sec-policy/selinux-ntp-20060101
>=sec-policy/selinux-openldap-20060101
>=sec-policy/selinux-openvpn-20060101
sec-policy/selinux-pcmcia
>=sec-policy/selinux-portmap-20060101
>=sec-policy/selinux-postfix-20060101
>=sec-policy/selinux-postgresql-20060101
sec-policy/selinux-ppp
>=sec-policy/selinux-privoxy-20060101
>=sec-policy/selinux-procmail-20060101
>=sec-policy/selinux-publicfile-20060101
sec-policy/selinux-pyzor
>=sec-policy/selinux-qmail-20060101
sec-policy/selinux-razor
>=sec-policy/selinux-samba-20060101
>=sec-policy/selinux-screen-20060101
>=sec-policy/selinux-snmpd-20060101
>=sec-policy/selinux-snort-20060101
>=sec-policy/selinux-spamassassin-20060101
>=sec-policy/selinux-squid-20060101
>=sec-policy/selinux-stunnel-20060101
>=sec-policy/selinux-sudo-20060101
sec-policy/selinux-tcpd
>=sec-policy/selinux-tftpd-20060101
>=sec-policy/selinux-ucspi-tcp-20060101
>=sec-policy/selinux-wireshark-20060101
|
GitWeb