kerframil at gmail
Sep 30, 2009, 3:47 AM
Post #11 of 12
(1300 views)
Permalink
|
2009/9/30 Ed W <lists [at] wildgooses>:
> Gordon Malm wrote:
>>
>> It is my estimation that flag was disabled by mistake on the
>> hardened/linux/${arch} profiles. I have re-enabled it. Should be fixed on
>> your next sync.
>>
>>
>
>
> Quick question and slightly OT
>
> How do others setup their own "profile"?
>
> I'm thinking that I try to sync a base /etc/make.conf across quite a few
> machines and whilst each machine slightly customises this, it would be
> really nice to have a master set of USE defaults and package.use /
> package.keywords options
>
> I presume one needs to simply setup the profile somewhere outside of the
> /portage directory and then reference it? Any thing else needed other than
> a "parent" file pointing back at the real base profile?
>
> Any other tips from others who do something like this?
Personally, I believe that gentoo has suffered from global USE flag
bloat for a long time. It is unfortunate that aligning the hardened
profile with the (nowadays complex) de-facto profile stack brings that
problem over into the hardened camp as a side effect. If I had a penny
for every obscure bug, block and obtuse manifestation of breakage for
which I have assisted users with that can be attributed to the system
complexity and fragility that results, I would probably be happily in
retirement by now. What's more, packages still make sadly limited and,
at times, questionable use of the pkginternal feature (IUSE="+gtk" in
net-analyzer/wireshark being an example that I find particularly
grating).
Essentially, I see it as an unholy mess and have long since given up
hope that there will ever be anything resembling a coherent and
carefully considered policy. So, being confident as to my preferences
and wishing to keep this policy area under my direct control, I have
long since eschewed the profile-sourced defaults. Here's an example of
how I go about it from one of my servers:
USE_ORDER="env:pkg:conf:pkginternal"
USE_CORE="cracklib hardened nptl pam pic readline ncurses unicode urandom zlib"
USE="${USE_CORE} mmx mmxext sse sse2 sse3 sse4.1 pcre"
The trick here is to drop "profile" from USE_ORDER (it is there by
default). The 'core' flags there are essentially a slightly reduced
version of those defined in the now deprecated profile. Frankly, even
these constitute too many global flags for my taste, but there are
some there which - after much deliberation - I determined should
remain. This has rather more to do with the manner in which certain
ebuilds work and the assumptions made on the part of their developers
rather than what I deem as being 'safe'.
Aside from that, I employ package.use extensively and often use
comments to make it perfectly clear as to why a given flag has been
switched on or off.
Regarding "nls", as someone who requires only English language
support, I find it to be almost useless. I say almost because, while
it is not necessarily required, I would say that it is a reasonable
default for php (some php applications require it). Why php still
fails to make use of pkginternal is something I continue to find
baffling.
Cheers,
--Kerin
|
