From 0b80585ff1f625555a87e43f833ae2d2c4aae47f Mon Sep 17 00:00:00 2001 From: Alexander Miroshnichenko Date: Wed, 23 Oct 2024 15:53:14 +0300 Subject: [PATCH] add musl systemd profiles --- .../linux/amd64/23.0/musl/hardened/eapi | 1 + .../linux/amd64/23.0/musl/hardened/parent | 1 + .../amd64/23.0/musl/hardened/selinux/eapi | 1 + .../amd64/23.0/musl/hardened/selinux/parent | 2 + .../23.0/musl/hardened/selinux/systemd/eapi | 1 + .../hardened/selinux/systemd/package.unmask | 47 +++++++++++++++++++ .../hardened/selinux/systemd/package.use.mask | 11 +++++ .../23.0/musl/hardened/selinux/systemd/parent | 3 ++ .../musl/hardened/selinux/systemd/use.mask | 1 + .../amd64/23.0/musl/hardened/systemd/eapi | 1 + .../23.0/musl/hardened/systemd/package.unmask | 13 +++++ .../amd64/23.0/musl/hardened/systemd/parent | 3 ++ .../amd64/23.0/musl/hardened/systemd/use.mask | 1 + profiles/profiles.desc | 2 + 14 files changed, 88 insertions(+) create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/eapi create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/parent create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/selinux/eapi create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/selinux/parent create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/eapi create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/package.unmask create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/package.use.mask create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/parent create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/use.mask create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/systemd/eapi create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/systemd/package.unmask create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/systemd/parent create mode 100644 profiles/default/linux/amd64/23.0/musl/hardened/systemd/use.mask create mode 100644 profiles/profiles.desc diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/eapi b/profiles/default/linux/amd64/23.0/musl/hardened/eapi new file mode 100644 index 0000000..7ed6ff8 --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/eapi @@ -0,0 +1 @@ +5 diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/parent b/profiles/default/linux/amd64/23.0/musl/hardened/parent new file mode 100644 index 0000000..290a895 --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/parent @@ -0,0 +1 @@ +gentoo:default/linux/amd64/23.0/musl/hardened diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/selinux/eapi b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/eapi new file mode 100644 index 0000000..7ed6ff8 --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/eapi @@ -0,0 +1 @@ +5 diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/selinux/parent b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/parent new file mode 100644 index 0000000..718f97d --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/parent @@ -0,0 +1,2 @@ +.. +gentoo:features/selinux diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/eapi b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/eapi new file mode 100644 index 0000000..7ed6ff8 --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/eapi @@ -0,0 +1 @@ +5 diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/package.unmask b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/package.unmask new file mode 100644 index 0000000..724a3db --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/package.unmask @@ -0,0 +1,47 @@ +>=app-admin/abrt-2.10 +app-admin/calamares +app-admin/gnome-abrt +app-admin/mkosi +app-admin/systemdgenie +app-eselect/eselect-gnome-shell-extensions +app-office/wps-office +dev-java/openjdk-bin +>=dev-libs/libreport-2.9 +dev-python/python-systemd +games-util/gamemode +gnome-base/gdm +gnome-base/gnome +gnome-base/gnome-applets +gnome-base/gnome-extra-apps +gnome-base/gnome-flashback +gnome-base/gnome-light +gnome-base/gnome-panel +gnome-base/gnome-shell +gnome-extra/chrome-gnome-shell +gnome-extra/gnome-logs +gnome-extra/gnome-shell-extension-appindicator +gnome-extra/gnome-shell-extension-applications-overview-tooltip +gnome-extra/gnome-shell-extension-bing-wallpaper +gnome-extra/gnome-shell-extension-bluetooth-quick-connect +gnome-extra/gnome-shell-extension-control-blur-effect-on-lock-screen +gnome-extra/gnome-shell-extension-dash-to-panel +gnome-extra/gnome-shell-extension-desktop-icons +gnome-extra/gnome-shell-extension-gsconnect +gnome-extra/gnome-shell-extensions +gnome-extra/gnome-shell-extensions-topicons-plus +gnome-extra/gnome-shell-frippery +gnome-extra/gnome-tweaks +gnome-extra/gnome-user-share +gnome-extra/office-runner +gnome-extra/pch-session +net-firewall/firewalld +sys-apps/dbus-broker +sys-apps/gentoo-systemd-integration +sys-apps/systemd +sys-apps/systemd-readahead +sys-block/wait-for-dri-devices-rules +sys-kernel/installkernel-systemd-boot +sys-process/systemd-cron +www-misc/profile-sync-daemon +>=www-misc/profile-sync-daemon-6 +x11-themes/zukitwo-shell diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/package.use.mask b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/package.use.mask new file mode 100644 index 0000000..2330842 --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/package.use.mask @@ -0,0 +1,11 @@ +app-emulation/libvirt -firewalld +gnome-base/gdm -wayland +net-firewall/fwknop -firewalld +www-servers/uwsgi -uwsgi_plugins_systemd_logger +>=x11-wm/mutter-3.22 -wayland +x11-misc/xscreensaver -gdm +x11-misc/gpaste -gnome +x11-terms/gnome-terminal -gnome-shell +x11-themes/arc-theme -gnome-shell +x11-themes/zukitwo -gnome-shell +net-wireless/bluez -user-session diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/parent b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/parent new file mode 100644 index 0000000..8206f4c --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/parent @@ -0,0 +1,3 @@ +.. +gentoo:targets/systemd +gentoo:features/merged-usr diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/use.mask b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/use.mask new file mode 100644 index 0000000..00e571a --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/selinux/systemd/use.mask @@ -0,0 +1 @@ +-systemd diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/systemd/eapi b/profiles/default/linux/amd64/23.0/musl/hardened/systemd/eapi new file mode 100644 index 0000000..7ed6ff8 --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/systemd/eapi @@ -0,0 +1 @@ +5 diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/systemd/package.unmask b/profiles/default/linux/amd64/23.0/musl/hardened/systemd/package.unmask new file mode 100644 index 0000000..0725a02 --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/systemd/package.unmask @@ -0,0 +1,13 @@ +app-admin/mkosi +app-admin/systemdgenie +dev-java/openjdk-bin +dev-python/python-systemd +gnome-extra/gnome-logs +gnome-extra/office-runner +sys-apps/dbus-broker +sys-apps/gentoo-systemd-integration +sys-apps/systemd +sys-apps/systemd-readahead +sys-block/wait-for-dri-devices-rules +sys-process/systemd-cron +>=www-misc/profile-sync-daemon-6 diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/systemd/parent b/profiles/default/linux/amd64/23.0/musl/hardened/systemd/parent new file mode 100644 index 0000000..8206f4c --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/systemd/parent @@ -0,0 +1,3 @@ +.. +gentoo:targets/systemd +gentoo:features/merged-usr diff --git a/profiles/default/linux/amd64/23.0/musl/hardened/systemd/use.mask b/profiles/default/linux/amd64/23.0/musl/hardened/systemd/use.mask new file mode 100644 index 0000000..00e571a --- /dev/null +++ b/profiles/default/linux/amd64/23.0/musl/hardened/systemd/use.mask @@ -0,0 +1 @@ +-systemd diff --git a/profiles/profiles.desc b/profiles/profiles.desc new file mode 100644 index 0000000..ed5c908 --- /dev/null +++ b/profiles/profiles.desc @@ -0,0 +1,2 @@ +amd64 default/linux/amd64/23.0/musl/hardened/systemd exp +amd64 default/linux/amd64/23.0/musl/hardened/selinux/systemd exp