Merge branch 'master' of git+ssh://git.overlays.gentoo.org/proj/releng

releases/2008.0/scripts/livecd.sh

@@ -38,7 +38,6 @@ echo "#####################################################" >> /etc/fstab
 
 # fstab tweaks
 echo "tmpfs	/		tmpfs	defaults	0 0" >> /etc/fstab
-echo "tmpfs	/lib/firmware	tmpfs	defaults	0 0" >> /etc/fstab
 echo "tmpfs	/usr/portage	tmpfs	defaults	0 0" >> /etc/fstab
 #echo "tmpfs	/boot		tmpfs	defaults	0 0" >> /etc/fstab
 

releases/weekly/scripts/livecd.sh

@@ -38,7 +38,6 @@ echo "#####################################################" >> /etc/fstab
 
 # fstab tweaks
 echo "tmpfs	/		tmpfs	defaults	0 0" >> /etc/fstab
-echo "tmpfs	/lib/firmware	tmpfs	defaults	0 0" >> /etc/fstab
 echo "tmpfs	/usr/portage	tmpfs	defaults	0 0" >> /etc/fstab
 #echo "tmpfs	/boot		tmpfs	defaults	0 0" >> /etc/fstab
 

releases/weekly/specs/amd64/hardened/admincd-stage1.spec

@@ -62,6 +62,7 @@ livecd/packages:
 	app-editors/mg
 	app-editors/vim
 	app-emacs/ebuild-mode
+	app-emulation/xen-tools
 	app-misc/colordiff
 	app-misc/mc
 	app-misc/pax-utils

releases/weekly/specs/x86/hardened/admincd-stage1.spec

@@ -62,6 +62,7 @@ livecd/packages:
 	app-editors/mg
 	app-editors/vim
 	app-emacs/ebuild-mode
+	app-emulation/xen-tools
 	app-misc/colordiff
 	app-misc/mc
 	app-misc/pax-utils

tools-musl/.gitignore

@@ -1,2 +1,2 @@
-stage*
-*.log
+*log
+*err

tools-musl/clean.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+# This just removes the temporary conf err and log
+# files generated during a run
+
+rm -f *conf *err *log

tools-musl/portage.amd64.hardened/bashrc

@@ -0,0 +1,15 @@
+post_src_install() {
+	[[ $PN != musl ]] && return 0
+
+	local LDSO_ARCH=$(basename "${D}"/lib/ld-musl-*.so.1)
+	mkdir "${D}"/usr/etc
+	cat > "${D}"/usr/etc/${LDSO_ARCH%so.1}path <<EOF
+/lib
+/usr/lib
+/usr/local/lib
+/usr/lib/opengl/xorg-x11/lib
+/usr/lib/gcc/${CHOST}/4.7.3
+/usr/${CHOST}/lib
+/usr/games/lib
+EOF
+}

tools-musl/portage.amd64.hardened/env/libintl.conf

@@ -0,0 +1,2 @@
+CFLAGS="-Wl,-lintl"
+LDFLAGS="-lintl"

tools-musl/portage.amd64.hardened/package.env

@@ -1,4 +1,6 @@
-dev-vcs/git libintl.conf
+dev-libs/glib libintl.conf
+dev-libs/libelf libintl.conf
+sys-apps/attr libintl.conf
 sys-apps/kbd libintl.conf
 sys-apps/man-db parallel.conf
 sys-apps/net-tools libintl.conf

tools-musl/portage.amd64.hardened/package.keywords

@@ -0,0 +1,2 @@
+=sys-libs/musl-1.1.2 ~*
+=sys-apps/getent-0 ~*

tools-musl/portage.amd64.hardened/package.unmask

@@ -0,0 +1 @@
+=dev-libs/openssl-1.0.1g-r99::hardened-dev

tools-musl/portage.amd64.hardened/package.use

@@ -0,0 +1 @@
+sys-libs/musl nls

tools-musl/portage.amd64.vanilla/bashrc

@@ -0,0 +1,15 @@
+post_src_install() {
+	[[ $PN != musl ]] && return 0
+
+	local LDSO_ARCH=$(basename "${D}"/lib/ld-musl-*.so.1)
+	mkdir "${D}"/usr/etc
+	cat > "${D}"/usr/etc/${LDSO_ARCH%so.1}path <<EOF
+/lib
+/usr/lib
+/usr/local/lib
+/usr/lib/opengl/xorg-x11/lib
+/usr/lib/gcc/${CHOST}/4.7.3
+/usr/${CHOST}/lib
+/usr/games/lib
+EOF
+}

tools-musl/portage.amd64.vanilla/env/libintl.conf

@@ -0,0 +1,2 @@
+CFLAGS="-Wl,-lintl"
+LDFLAGS="-lintl"

tools-musl/portage.amd64.vanilla/package.env

@@ -0,0 +1,9 @@
+dev-libs/glib libintl.conf
+dev-libs/libelf libintl.conf
+sys-apps/attr libintl.conf
+sys-apps/kbd libintl.conf
+sys-apps/man-db parallel.conf
+sys-apps/net-tools libintl.conf
+sys-fs/e2fsprogs libintl.conf
+sys-fs/eudev libintl.conf
+sys-process/procps libintl.conf

tools-musl/portage.amd64.vanilla/package.keywords

@@ -0,0 +1,2 @@
+=sys-libs/musl-1.1.2 ~*
+=sys-apps/getent-0 ~*

tools-musl/portage.amd64.vanilla/package.mask

@@ -0,0 +1,3 @@
+>sys-devel/gcc-4.7.3-r99
+sys-apps/systemd
+sys-fs/udev

tools-musl/portage.amd64.vanilla/package.unmask

@@ -0,0 +1 @@
+=dev-libs/openssl-1.0.1g-r99::hardened-dev

tools-musl/portage.amd64.vanilla/package.use

@@ -0,0 +1 @@
+sys-libs/musl nls

tools-musl/portage.amd64.vanilla/profile/use.mask

@@ -0,0 +1 @@
+hardened

tools-musl/portage.armv7a.hardened/bashrc

@@ -0,0 +1,15 @@
+post_src_install() {
+	[[ $PN != musl ]] && return 0
+
+	local LDSO_ARCH=$(basename "${D}"/lib/ld-musl-*.so.1)
+	mkdir "${D}"/usr/etc
+	cat > "${D}"/usr/etc/${LDSO_ARCH%so.1}path <<EOF
+/lib
+/usr/lib
+/usr/local/lib
+/usr/lib/opengl/xorg-x11/lib
+/usr/lib/gcc/${CHOST}/4.7.3
+/usr/${CHOST}/lib
+/usr/games/lib
+EOF
+}

tools-musl/portage.armv7a.hardened/env/libintl.conf

@@ -0,0 +1,2 @@
+CFLAGS="-Wl,-lintl"
+LDFLAGS="-lintl"

tools-musl/portage.armv7a.hardened/env/parallel.conf

@@ -0,0 +1 @@
+MAKEOPTS=-j1

tools-musl/portage.armv7a.hardened/package.env

@@ -0,0 +1,9 @@
+dev-libs/glib libintl.conf
+dev-libs/libelf libintl.conf
+sys-apps/attr libintl.conf
+sys-apps/kbd libintl.conf
+sys-apps/man-db parallel.conf
+sys-apps/net-tools libintl.conf
+sys-fs/e2fsprogs libintl.conf
+sys-fs/eudev libintl.conf
+sys-process/procps libintl.conf

tools-musl/portage.armv7a.hardened/package.keywords

@@ -0,0 +1,2 @@
+=sys-libs/musl-1.1.2 ~*
+=sys-apps/getent-0 ~*

tools-musl/portage.armv7a.hardened/package.mask

@@ -0,0 +1,3 @@
+>sys-devel/gcc-4.7.3-r99
+sys-apps/systemd
+sys-fs/udev

tools-musl/portage.armv7a.hardened/package.unmask

@@ -0,0 +1 @@
+=dev-libs/openssl-1.0.1g-r99::hardened-dev

tools-musl/portage.armv7a.hardened/package.use

@@ -0,0 +1 @@
+sys-libs/musl nls

tools-musl/portage.armv7a.vanilla/bashrc

@@ -0,0 +1,15 @@
+post_src_install() {
+	[[ $PN != musl ]] && return 0
+
+	local LDSO_ARCH=$(basename "${D}"/lib/ld-musl-*.so.1)
+	mkdir "${D}"/usr/etc
+	cat > "${D}"/usr/etc/${LDSO_ARCH%so.1}path <<EOF
+/lib
+/usr/lib
+/usr/local/lib
+/usr/lib/opengl/xorg-x11/lib
+/usr/lib/gcc/${CHOST}/4.7.3
+/usr/${CHOST}/lib
+/usr/games/lib
+EOF
+}

tools-musl/portage.armv7a.vanilla/env/libintl.conf

@@ -0,0 +1,2 @@
+CFLAGS="-Wl,-lintl"
+LDFLAGS="-lintl"

tools-musl/portage.armv7a.vanilla/env/parallel.conf

@@ -0,0 +1 @@
+MAKEOPTS=-j1

tools-musl/portage.armv7a.vanilla/package.env

@@ -0,0 +1,9 @@
+dev-libs/glib libintl.conf
+dev-libs/libelf libintl.conf
+sys-apps/attr libintl.conf
+sys-apps/kbd libintl.conf
+sys-apps/man-db parallel.conf
+sys-apps/net-tools libintl.conf
+sys-fs/e2fsprogs libintl.conf
+sys-fs/eudev libintl.conf
+sys-process/procps libintl.conf

tools-musl/portage.armv7a.vanilla/package.keywords

@@ -0,0 +1,2 @@
+=sys-libs/musl-1.1.2 ~*
+=sys-apps/getent-0 ~*

tools-musl/portage.armv7a.vanilla/package.mask

@@ -0,0 +1,3 @@
+>sys-devel/gcc-4.7.3-r99
+sys-apps/systemd
+sys-fs/udev

tools-musl/portage.armv7a.vanilla/package.unmask

@@ -0,0 +1 @@
+=dev-libs/openssl-1.0.1g-r99::hardened-dev

tools-musl/portage.armv7a.vanilla/package.use

@@ -0,0 +1 @@
+sys-libs/musl nls

tools-musl/portage.armv7a.vanilla/profile/use.mask

@@ -0,0 +1 @@
+hardened

tools-musl/portage.i686.hardened/bashrc

@@ -0,0 +1,15 @@
+post_src_install() {
+	[[ $PN != musl ]] && return 0
+
+	local LDSO_ARCH=$(basename "${D}"/lib/ld-musl-*.so.1)
+	mkdir "${D}"/usr/etc
+	cat > "${D}"/usr/etc/${LDSO_ARCH%so.1}path <<EOF
+/lib
+/usr/lib
+/usr/local/lib
+/usr/lib/opengl/xorg-x11/lib
+/usr/lib/gcc/${CHOST}/4.7.3
+/usr/${CHOST}/lib
+/usr/games/lib
+EOF
+}

tools-musl/portage.i686.hardened/env/libintl.conf

@@ -0,0 +1,2 @@
+CFLAGS="-Wl,-lintl"
+LDFLAGS="-lintl"

tools-musl/portage.i686.hardened/env/parallel.conf

@@ -0,0 +1 @@
+MAKEOPTS=-j1

tools-musl/portage.i686.hardened/package.env

@@ -0,0 +1,9 @@
+dev-libs/glib libintl.conf
+dev-libs/libelf libintl.conf
+sys-apps/attr libintl.conf
+sys-apps/kbd libintl.conf
+sys-apps/man-db parallel.conf
+sys-apps/net-tools libintl.conf
+sys-fs/e2fsprogs libintl.conf
+sys-fs/eudev libintl.conf
+sys-process/procps libintl.conf

tools-musl/portage.i686.hardened/package.keywords

@@ -0,0 +1,2 @@
+=sys-libs/musl-1.1.2 ~*
+=sys-apps/getent-0 ~*

tools-musl/portage.i686.hardened/package.mask

@@ -0,0 +1,3 @@
+>sys-devel/gcc-4.7.3-r99
+sys-apps/systemd
+sys-fs/udev

tools-musl/portage.i686.hardened/package.unmask

@@ -0,0 +1 @@
+=dev-libs/openssl-1.0.1g-r99::hardened-dev

tools-musl/portage.i686.hardened/package.use

@@ -0,0 +1 @@
+sys-libs/musl nls

tools-musl/portage.i686.vanilla/bashrc

@@ -0,0 +1,15 @@
+post_src_install() {
+	[[ $PN != musl ]] && return 0
+
+	local LDSO_ARCH=$(basename "${D}"/lib/ld-musl-*.so.1)
+	mkdir "${D}"/usr/etc
+	cat > "${D}"/usr/etc/${LDSO_ARCH%so.1}path <<EOF
+/lib
+/usr/lib
+/usr/local/lib
+/usr/lib/opengl/xorg-x11/lib
+/usr/lib/gcc/${CHOST}/4.7.3
+/usr/${CHOST}/lib
+/usr/games/lib
+EOF
+}

tools-musl/portage.i686.vanilla/env/libintl.conf

@@ -0,0 +1,2 @@
+CFLAGS="-Wl,-lintl"
+LDFLAGS="-lintl"

tools-musl/portage.i686.vanilla/env/parallel.conf

@@ -0,0 +1 @@
+MAKEOPTS=-j1

tools-musl/portage.i686.vanilla/package.env

@@ -0,0 +1,9 @@
+dev-libs/glib libintl.conf
+dev-libs/libelf libintl.conf
+sys-apps/attr libintl.conf
+sys-apps/kbd libintl.conf
+sys-apps/man-db parallel.conf
+sys-apps/net-tools libintl.conf
+sys-fs/e2fsprogs libintl.conf
+sys-fs/eudev libintl.conf
+sys-process/procps libintl.conf

tools-musl/portage.i686.vanilla/package.keywords

@@ -0,0 +1,2 @@
+=sys-libs/musl-1.1.2 ~*
+=sys-apps/getent-0 ~*

tools-musl/portage.i686.vanilla/package.mask

@@ -0,0 +1,3 @@
+>sys-devel/gcc-4.7.3-r99
+sys-apps/systemd
+sys-fs/udev

tools-musl/portage.i686.vanilla/package.unmask

@@ -0,0 +1 @@
+=dev-libs/openssl-1.0.1g-r99::hardened-dev

tools-musl/portage.i686.vanilla/package.use

@@ -0,0 +1 @@
+sys-libs/musl nls

tools-musl/portage.i686.vanilla/profile/use.mask

@@ -0,0 +1 @@
+hardened

tools-musl/portage/env/libintl.conf

@@ -1 +0,0 @@
-LDFLAGS=-lintl

tools-musl/portage/make.conf

@@ -1,16 +0,0 @@
-CHOST=MY_CHOST
-CFLAGS="-Os -pipe -fomit-frame-pointerMY_CFLAGS"
-CXXFLAGS="${CFLAGS}"
-
-USE="-hardened -fortran -mudflap"
-USE="${USE} -xattr python zlib"
-
-MAKEOPTS="-j9"
-
-INSTALL_MASK="charset.alias"
-PORTDIR="/usr/portage"
-
-source /var/lib/layman/make.conf
-
-GENTOO_MIRRORS="ftp://192.168.3.1/pub/gentoo"
-SYNC="rsync://192.168.3.1/portage"

tools-musl/portage/package.accept_keywords

@@ -1,4 +0,0 @@
-=sys-apps/getent-0 ~amd64 ~arm ~x86
-=sys-libs/musl-1.1.0 ~amd64 ~arm ~x86
-=app-text/openjade-1.3.2-r6 ~amd64 ~arm ~x86
-=sys-fs/eudev-1.6 ~amd64 ~arm ~x86

tools-musl/portage/package.use

@@ -1,3 +0,0 @@
-app-editors/vim -python
-dev-vcs/git -gpg
-sys-apps/busybox -* savedconfig

tools-musl/portage/repos.conf/gentoo.conf

@@ -1,7 +0,0 @@
-[DEFAULT]
-main-repo = gentoo
-
-[gentoo]
-location = /usr/portage
-sync-type = rsync
-sync-uri = rsync://192.168.3.1/portage

tools-musl/run-armv7a.sh

@@ -0,0 +1,124 @@
+#!/bin/bash
+
+source /etc/catalyst/catalyst.conf
+
+mydate=`date +%Y%m%d`
+
+prepare_confs() {
+  local arch=$1
+  local flavor=$2
+
+  for s in 1 2 3; do
+
+    local cstage=stage${s}
+    local p=$(( s - 1 ))
+    [[ $p == 0 ]] && p=3
+    local pstage=stage${p}
+    local tarch="${arch%_hardfp}"
+    local parch="arm/${tarch}"
+    local float
+
+    [[ "${arch}" == "${tarch}" ]] \
+      && float="softfp" \
+      || float="hardfloat"
+
+    cat stage-all.conf.template | \
+      sed -e "s:\(^version_stamp.*$\):\1-${mydate}:" \
+        -e "s:CSTAGE:${cstage}:g" \
+        -e "s:PSTAGE:${pstage}:g" \
+        -e "s:SARCH:${arch}:g" \
+        -e "s:PARCH:${parch}:g" \
+        -e "s:TARCH:${tarch}:g" \
+        -e "s:gentoo-linux-musl:${float}-linux-musleabi:" \
+        -e "s:FLAVOR:${flavor}:g" \
+        -e "s:MYCATALYST:$(pwd):g" \
+        >  stage${s}-${arch}-musl-${flavor}.conf
+
+    sed -i "/^portage_confdir/s:_hardfp::" \
+      stage${s}-${arch}-musl-${flavor}.conf
+
+  done
+
+  sed -i "/^chost/d" stage3-${arch}-musl-${flavor}.conf
+}
+
+banner() {
+cat << EOF | tee -a zzz.log > stage$1-$2-musl-$3.log
+
+************************************************************************
+*    stage$1-$2-musl-$3
+************************************************************************"
+
+EOF
+}
+
+
+do_stages() {
+  local arch=$1
+  local flavor=$2
+
+  for s in 1 2 3; do
+    local tgpath="${storedir}/builds/${flavor}/${arch}"
+    local target="stage${s}-${arch}-musl-${flavor}-${mydate}.tar.bz2"
+    local tglink="stage${s}-${arch}-musl-${flavor}.tar.bz2"
+
+    if [[ ! -f "${tgpath}/${tglink}" ]]; then
+       touch stage${s}-${arch}-musl-${flavor}.log
+       echo "!!! ${target} at ${tgpath} doesn't exit" \
+         | tee -a zzz.log \
+         > stage${s}-${arch}-musl-${flavor}.err
+       return 1
+    fi
+
+    banner ${s} ${arch} ${flavor}
+    catalyst -f stage${s}-${arch}-musl-${flavor}.conf \
+      | tee -a zzz.log \
+      > stage${s}-${arch}-musl-${flavor}.log \
+      2> stage${s}-${arch}-musl-${flavor}.err
+
+    if [[ -f "${tgpath}/${target}" ]]; then
+      rm -f "${tgpath}/${tglink}"
+      ln -s ${target} "${tgpath}/${tglink}"
+    else
+      echo "!!! ${target} was not generated" \
+        | tee -a zzz.log \
+        >stage${s}-${arch}-musl-${flavor}.err
+      return 1
+    fi
+  done
+
+  return 0
+}
+
+
+#
+# approximate timings:
+#
+# catalyst -s current   3 minutes
+# catalyst -f stage1  130 minutes
+#
+
+main() {
+  >zzz.log
+
+  catalyst -s current | tee -a zzz.log >snapshot.log 2>snapshot.err
+
+  for arch in armv7a_hardfp; do
+    for flavor in hardened vanilla; do
+      prepare_confs ${arch} ${flavor}
+    done
+  done
+  
+  for arch in armv7a_hardfp; do
+    for flavor in hardened vanilla; do
+      do_stages ${arch} ${flavor}
+      ret=$?
+      if [[ $? == 1 ]]; then
+         echo "FAILURE at ${arch} ${flavor} " | tee zzz.log
+         return 1
+      fi
+    done
+  done
+}
+
+main $1 &

tools-musl/run.sh

@@ -1,127 +1,127 @@
 #!/bin/bash
 
-TEST_ARCH=$(file -b /usr/lib/libc.so | sed -e 's/^.*shared object, //' -e 's/,.*$//')
+source /etc/catalyst/catalyst.conf
 
-if [[ "${TEST_ARCH}" == "Intel 80386" ]]; then
-	MY_ARCH="i686"
-	MY_CHOST="i686-gentoo-linux-musl"
-	MY_CFLAGS=""
-	MY_PROF="x86"
-	MY_PATH="i386"
-elif [[ "${TEST_ARCH}" == "x86-64" ]]; then
-	MY_ARCH="amd64"
-	MY_CHOST="x86_64-gentoo-linux-musl"
-	MY_CFLAGS=""
-	MY_PROF="amd64"
-	MY_PATH="x86_64"
-elif [[ "${TEST_ARCH}" == "ARM" ]]; then
-	# Need better logic for alternative subarches and hard/softfloat
-	MY_ARCH="armv7a_hardfp"
-	MY_CHOST="armv7a-hardfloat-linux-musleabi"
-	MY_CFLAGS=" -march=armv7-a -mfpu=vfpv3-d16 -mfloat-abi=hard"
-	MY_PROF="arm/armv7a"
-	MY_PATH="armhf"
-elif [[ "${TEST_ARCH}" == "MIPS" ]]; then
-	MY_ARCH="MIPS"
-	MY_CHOST="mipsel-gentoo-linux-musl"
-	MY_CFLAGS=""
-	MY_PROF="mips/mipsel"
-	MY_PATH="mipsel"
-else
-	echo "Unsupported arch $TEST_ARCH"
-	exit
-fi
+mydate=`date +%Y%m%d`
 
-ROOTFS="stage4-${MY_ARCH}-musl-vanilla"
-PWD="$(pwd)"
-
-prepare_etc () {
-	mkdir -p "${ROOTFS}"/etc
-	if [[ "${MY_ARCH}" == "MIPS" ]]; then
-		cp -a "${PWD}"/portage.mips/ "${ROOTFS}"/etc/portage
-	else
-		cp -a "${PWD}"/portage/ "${ROOTFS}"/etc/
-	fi
-	sed -i "s/MY_CHOST/${MY_CHOST}/" "${ROOTFS}"/etc/portage/make.conf
-	sed -i "s/MY_CFLAGS/${MY_CFLAGS}/" "${ROOTFS}"/etc/portage/make.conf
-	ln -sf ../../usr/portage/profiles/hardened/linux/musl/"${MY_PROF}" "${ROOTFS}"/etc/portage/make.profile
+undo_grsec() {
+  [[ -d /proc/sys/kernel/grsecurity ]] || return
+  for i in /proc/sys/kernel/grsecurity/chroot_* ; do
+    echo 0 > $i
+  done
 }
 
-prepare_usr_etc() {
-	mkdir -p "${ROOTFS}"/usr/etc
+prepare_confs() {
+  local arch=$1
+  local flavor=$2
 
-	cat <<-EOF > "${ROOTFS}"/usr/etc/ld-musl-${MY_PATH}.path
-	/lib
-	/usr/lib
-	/usr/lib/gcc/${MY_CHOST}/4.7.3
-	/usr/${MY_CHOST}/lib
-	EOF
+  for s in 1 2 3; do
 
-	# mips-muls needs some tlc upstream
-	if [[ "${MY_ARCH}" == "MIPS" ]]; then
-		ln -sf ld-musl-${MY_PATH}.path "${ROOTFS}"/etc/ld-musl.path
-	else
-		ln -sf ld-musl-${MY_PATH}.path "${ROOTFS}"/usr/etc/ld-musl.path
-	fi
+    local cstage=stage${s}
+    local p=$(( s - 1 ))
+    [[ $p == 0 ]] && p=3
+    local pstage=stage${p}
+
+    local parch="${arch}"
+    [[ "${arch}" == "i686" ]] && parch="x86"
+
+    local tarch="${arch}"
+    [[ "${arch}" == "amd64" ]] && tarch="x86_64"
+
+    cat stage-all.conf.template | \
+      sed -e "s:\(^version_stamp.*$\):\1-${mydate}:" \
+        -e "s:CSTAGE:${cstage}:g" \
+        -e "s:PSTAGE:${pstage}:g" \
+        -e "s:SARCH:${arch}:g" \
+        -e "s:PARCH:${parch}:g" \
+        -e "s:TARCH:${tarch}:g" \
+        -e "s:FLAVOR:${flavor}:g" \
+        -e "s:MYCATALYST:$(pwd):g" \
+        >  stage${s}-${arch}-musl-${flavor}.conf
+  done
+
+  sed -i "/^chost/d" stage3-${arch}-musl-${flavor}.conf
 }
 
-prepare_overlay() {
-	# This is intensely ugly, but for now ...
-	mkdir -p "${ROOTFS}"/var/lib/layman/
-	cp -a /var/lib/layman/* "${ROOTFS}"/var/lib/layman/
+banner() {
+cat << EOF | tee -a zzz.log > stage$1-$2-musl-$3.log
+
+************************************************************************
+*    stage$1-$2-musl-$3
+************************************************************************"
+
+EOF
 }
 
-emerge_system() {
-	ROOT="${ROOTFS}" emerge --keep-going --with-bdeps=y -uvq @system
-	FEATURES="-sandbox" ROOT="${ROOTFS}" emerge --keep-going --with-bdeps=y -uvq sandbox
+
+do_stages() {
+  local arch=$1
+  local flavor=$2
+
+  for s in 1 2 3; do
+    local tgpath="${storedir}/builds/${flavor}/${arch}"
+    local target="stage${s}-${arch}-musl-${flavor}-${mydate}.tar.bz2"
+    local tglink="stage${s}-${arch}-musl-${flavor}.tar.bz2"
+
+    if [[ ! -f "${tgpath}/${tglink}" ]]; then
+       touch stage${s}-${arch}-musl-${flavor}.log
+       echo "!!! ${tglink} at ${tgpath} doesn't exist" \
+         | tee -a zzz.log \
+         > stage${s}-${arch}-musl-${flavor}.err
+       return 1
+    fi
+
+    banner ${s} ${arch} ${flavor}
+    catalyst -f stage${s}-${arch}-musl-${flavor}.conf \
+      | tee -a zzz.log \
+      > stage${s}-${arch}-musl-${flavor}.log \
+      2> stage${s}-${arch}-musl-${flavor}.err
+
+    if [[ -f "${tgpath}/${target}" ]]; then
+      rm -f "${tgpath}/${tglink}"
+      ln -s ${target} "${tgpath}/${tglink}"
+    else
+      echo "!!! ${target} was not generated" \
+        | tee -a zzz.log \
+        >stage${s}-${arch}-musl-${flavor}.err
+      return 1
+    fi
+  done
+
+  return 0
 }
 
-mk_top_level_dirs() {
-	mkdir "${ROOTFS}"/{boot,dev,home,media,mnt,opt,proc,root,sys}
+
+#
+# approximate timings:
+#
+# catalyst -s current	3 minutes
+# catalyst -f stage1  130 minutes
+#
+
+main() {
+  >zzz.log
+
+  undo_grsec
+
+  catalyst -s current | tee -a zzz.log >snapshot.log 2>snapshot.err
+
+  for arch in amd64 i686; do
+    for flavor in vanilla hardened; do
+      prepare_confs ${arch} ${flavor}
+    done
+  done
+  
+  for arch in amd64 i686; do
+    for flavor in vanilla hardened; do
+      do_stages ${arch} ${flavor}
+      ret=$?
+      if [[ $? == 1 ]]; then
+         echo "FAILURE at ${arch} ${flavor}" | tee zzz.log
+         return 1
+      fi
+    done
+  done
 }
 
-setup_configs() {
-	sed -i '/^SYNC/d' "${ROOTFS}"/etc/portage/make.conf
-	sed -i '/^GENTOO_MIRRORS/d' "${ROOTFS}"/etc/portage/make.conf
-	sed -i 's/^MAKEOPTS/#MAKEOPTS/' "${ROOTFS}"/etc/portage/make.conf
-
-	# There are some issue with python3, so let's select python2
-	# which so far is option 1 in elesect python.
-	chroot "${ROOTFS}" eselect python set 1
-}
-
-bundle_it() {
-	local DATE=$(date +%Y%m%d)
-	local NAME="${ROOTFS}"-"${DATE}".tar.bz2
-	local DIGESTS="${NAME}".DIGESTS
-
-	cd "${ROOTFS}"
-	tar -j -c -f ../"${NAME}" .
-
-	cd ..
-	>"${DIGESTS}"
-
-	echo "# MD5 HASH" >> "${DIGESTS}"
-	md5sum "${NAME}" >> "${DIGESTS}"
-
-	echo "# SHA1 HASH" >> "${DIGESTS}"
-	sha1sum "${NAME}" >> "${DIGESTS}"
-
-	echo "# SHA512 HASH" >> "${DIGESTS}"
-	sha512sum "${NAME}" >> "${DIGESTS}"
-
-	echo "# WHIRLPOOL HASH" >> "${DIGESTS}"
-	whirlpooldeep "${NAME}" >> "${DIGESTS}"
-}
-
-main (){
-	prepare_etc
-	prepare_usr_etc
-	prepare_overlay
-	emerge_system
-	mk_top_level_dirs
-	setup_configs
-	bundle_it
-}
-
-main > zzz.log 2>&1 &
+main $1 &

tools-musl/stage-all.conf.template

@@ -0,0 +1,12 @@
+subarch: SARCH
+target: CSTAGE
+version_stamp: musl-FLAVOR
+rel_type: FLAVOR/SARCH
+profile: hardened/linux/musl/PARCH
+snapshot: current
+source_subpath: FLAVOR/SARCH/PSTAGE-SARCH-musl-FLAVOR
+chost: TARCH-gentoo-linux-musl
+cflags: -O2 -pipe -fomit-frame-pointer
+cxxflags: -O2 -pipe -fomit-frame-pointer
+portage_confdir: MYCATALYST/portage.SARCH.FLAVOR
+portage_overlay: /var/lib/layman/hardened-development

tools-musl/stage4/portage.mips/env/parallel.conf

@@ -0,0 +1 @@
+MAKEOPTS=-j1

tools-musl/stage4/run.sh

@@ -0,0 +1,127 @@
+#!/bin/bash
+
+TEST_ARCH=$(file -b /usr/lib/libc.so | sed -e 's/^.*shared object, //' -e 's/,.*$//')
+
+if [[ "${TEST_ARCH}" == "Intel 80386" ]]; then
+	MY_ARCH="i686"
+	MY_CHOST="i686-gentoo-linux-musl"
+	MY_CFLAGS=""
+	MY_PROF="x86"
+	MY_PATH="i386"
+elif [[ "${TEST_ARCH}" == "x86-64" ]]; then
+	MY_ARCH="amd64"
+	MY_CHOST="x86_64-gentoo-linux-musl"
+	MY_CFLAGS=""
+	MY_PROF="amd64"
+	MY_PATH="x86_64"
+elif [[ "${TEST_ARCH}" == "ARM" ]]; then
+	# Need better logic for alternative subarches and hard/softfloat
+	MY_ARCH="armv7a_hardfp"
+	MY_CHOST="armv7a-hardfloat-linux-musleabi"
+	MY_CFLAGS=" -march=armv7-a -mfpu=vfpv3-d16 -mfloat-abi=hard"
+	MY_PROF="arm/armv7a"
+	MY_PATH="armhf"
+elif [[ "${TEST_ARCH}" == "MIPS" ]]; then
+	MY_ARCH="MIPS"
+	MY_CHOST="mipsel-gentoo-linux-musl"
+	MY_CFLAGS=""
+	MY_PROF="mips/mipsel"
+	MY_PATH="mipsel"
+else
+	echo "Unsupported arch $TEST_ARCH"
+	exit
+fi
+
+ROOTFS="stage4-${MY_ARCH}-musl-vanilla"
+PWD="$(pwd)"
+
+prepare_etc () {
+	mkdir -p "${ROOTFS}"/etc
+	if [[ "${MY_ARCH}" == "MIPS" ]]; then
+		cp -a "${PWD}"/portage.mips/ "${ROOTFS}"/etc/portage
+	else
+		cp -a "${PWD}"/portage/ "${ROOTFS}"/etc/
+	fi
+	sed -i "s/MY_CHOST/${MY_CHOST}/" "${ROOTFS}"/etc/portage/make.conf
+	sed -i "s/MY_CFLAGS/${MY_CFLAGS}/" "${ROOTFS}"/etc/portage/make.conf
+	ln -sf ../../usr/portage/profiles/hardened/linux/musl/"${MY_PROF}" "${ROOTFS}"/etc/portage/make.profile
+}
+
+prepare_usr_etc() {
+	mkdir -p "${ROOTFS}"/usr/etc
+
+	cat <<-EOF > "${ROOTFS}"/usr/etc/ld-musl-${MY_PATH}.path
+	/lib
+	/usr/lib
+	/usr/lib/gcc/${MY_CHOST}/4.7.3
+	/usr/${MY_CHOST}/lib
+	EOF
+
+	# mips-muls needs some tlc upstream
+	if [[ "${MY_ARCH}" == "MIPS" ]]; then
+		ln -sf ld-musl-${MY_PATH}.path "${ROOTFS}"/etc/ld-musl.path
+	else
+		ln -sf ld-musl-${MY_PATH}.path "${ROOTFS}"/usr/etc/ld-musl.path
+	fi
+}
+
+prepare_overlay() {
+	# This is intensely ugly, but for now ...
+	mkdir -p "${ROOTFS}"/var/lib/layman/
+	cp -a /var/lib/layman/* "${ROOTFS}"/var/lib/layman/
+}
+
+emerge_system() {
+	ROOT="${ROOTFS}" emerge --keep-going --with-bdeps=y -uvq @system
+	FEATURES="-sandbox" ROOT="${ROOTFS}" emerge --keep-going --with-bdeps=y -uvq sandbox
+}
+
+mk_top_level_dirs() {
+	mkdir "${ROOTFS}"/{boot,dev,home,media,mnt,opt,proc,root,sys}
+}
+
+setup_configs() {
+	sed -i '/^SYNC/d' "${ROOTFS}"/etc/portage/make.conf
+	sed -i '/^GENTOO_MIRRORS/d' "${ROOTFS}"/etc/portage/make.conf
+	sed -i 's/^MAKEOPTS/#MAKEOPTS/' "${ROOTFS}"/etc/portage/make.conf
+
+	# There are some issue with python3, so let's select python2
+	# which so far is option 1 in elesect python.
+	chroot "${ROOTFS}" eselect python set 1
+}
+
+bundle_it() {
+	local DATE=$(date +%Y%m%d)
+	local NAME="${ROOTFS}"-"${DATE}".tar.bz2
+	local DIGESTS="${NAME}".DIGESTS
+
+	cd "${ROOTFS}"
+	tar -j -c -f ../"${NAME}" .
+
+	cd ..
+	>"${DIGESTS}"
+
+	echo "# MD5 HASH" >> "${DIGESTS}"
+	md5sum "${NAME}" >> "${DIGESTS}"
+
+	echo "# SHA1 HASH" >> "${DIGESTS}"
+	sha1sum "${NAME}" >> "${DIGESTS}"
+
+	echo "# SHA512 HASH" >> "${DIGESTS}"
+	sha512sum "${NAME}" >> "${DIGESTS}"
+
+	echo "# WHIRLPOOL HASH" >> "${DIGESTS}"
+	whirlpooldeep "${NAME}" >> "${DIGESTS}"
+}
+
+main (){
+	prepare_etc
+	prepare_usr_etc
+	prepare_overlay
+	emerge_system
+	mk_top_level_dirs
+	setup_configs
+	bundle_it
+}
+
+main > zzz.log 2>&1 &

tools-uclibc/desktop/portage/env/gnome-doc-utils.conf

@@ -0,0 +1 @@
+MAKEOPTS="-j1"

tools-uclibc/desktop/portage/make.conf.2

@@ -27,7 +27,7 @@ USE_MPLAYER="bidi bl bluray bs2b cddb cdparanoia cpudetection fbcon ftp ggi joys
 USE_BROWSE="curl webkit -libproxy"
 USE_WORD="latex math openxml pdf spell thesaurus wmf wordperfect"
 USE_GAMES="artworkextra"
-USE_XFCE4="session thunar"
+USE_XFCE4="-upower session thunar"
 
 USE_MISC="bash-completion extras lpsol natspec unlock-notify utils uuid vim-syntax watchdog"
 

tools-uclibc/desktop/portage/make.conf.3

@@ -27,7 +27,7 @@ USE_MPLAYER="bidi bl bluray bs2b cddb cdparanoia cpudetection fbcon ftp ggi joys
 USE_BROWSE="curl webkit -libproxy"
 USE_WORD="latex math openxml pdf spell thesaurus wmf wordperfect"
 USE_GAMES="artworkextra"
-USE_XFCE4="session thunar"
+USE_XFCE4="-upower session thunar"
 
 USE_MISC="bash-completion extras lpsol natspec unlock-notify utils uuid vim-syntax watchdog"
 

tools-uclibc/desktop/portage/package.accept_keywords/alsa-plugins

@@ -0,0 +1 @@
+=media-plugins/alsa-plugins-1.0.27-r2 ~amd64

tools-uclibc/desktop/portage/package.accept_keywords/boost

@@ -1,2 +0,0 @@
-=dev-libs/boost-1.52.0-r6 ~amd64
-=dev-util/boost-build-1.52.0-r1 ~amd64

tools-uclibc/desktop/portage/package.accept_keywords/elfix

@@ -1,2 +0,0 @@
-=dev-python/pypax-0.8.3 ~amd64
-=sys-apps/elfix-0.8.3 ~amd64

tools-uclibc/desktop/portage/package.accept_keywords/nettle

@@ -1 +0,0 @@
-=dev-libs/nettle-2.7 ~amd64

tools-uclibc/desktop/portage/package.accept_keywords/uclibc

@@ -0,0 +1 @@
+=sys-libs/uclibc-0.9.33.9999 ~amd64

tools-uclibc/desktop/portage/package.accept_keywords/xorg-cf-files

@@ -1 +0,0 @@
-=x11-misc/xorg-cf-files-1.0.4-r1 ~amd64

tools-uclibc/desktop/portage/package.env

@@ -1,4 +1,5 @@
 app-crypt/pinentry pinentry.conf
+app-text/gnome-doc-utils gnome-doc-utils.conf
 dev-libs/pakchois pakchois.conf
 dev-python/pygobject pygobject.conf
 dev-util/cmake cmake.conf

tools-uclibc/desktop/portage/package.mask/webkit-gtk

@@ -1 +0,0 @@
->net-libs/webkit-gtk-1.8.3-r300

tools-uclibc/desktop/portage/package.unmask/alsa-plugins

@@ -0,0 +1 @@
+=media-plugins/alsa-plugins-1.0.27-r2

tools-uclibc/desktop/portage/patches/sys-libs/uclibc/99-libc-add-isfdtype.patch

@@ -0,0 +1,65 @@
+From f22cca4722fa66e424562e69f4afa2bca0af871d Mon Sep 17 00:00:00 2001
+From: "Anthony G. Basile" <blueness@gentoo.org>
+Date: Sun, 28 Jul 2013 09:08:34 -0400
+Subject: [PATCH] libc: add isfdtype()
+
+isfdtype(int fd, int fdtype) check whether a file descriptor fd is
+of type fdtype, where the types are defined in stat(2).  It is
+supported in glibc and BSD, and used by utilities such as acpid.
+
+Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
+Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
+---
+ libc/misc/file/isfdtype.c | 40 ++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 40 insertions(+)
+ create mode 100644 libc/misc/file/isfdtype.c
+
+diff --git a/libc/misc/file/isfdtype.c b/libc/misc/file/isfdtype.c
+new file mode 100644
+index 0000000..4d9199b
+--- /dev/null
++++ libc/misc/file/isfdtype.c
+@@ -0,0 +1,40 @@
++/* Determine whether descriptor has given property.
++   Copyright (C) 1996-2013 Free Software Foundation, Inc.
++   This file is part of the GNU C Library.
++
++   The GNU C Library is free software; you can redistribute it and/or
++   modify it under the terms of the GNU Lesser General Public
++   License as published by the Free Software Foundation; either
++   version 2.1 of the License, or (at your option) any later version.
++
++   The GNU C Library is distributed in the hope that it will be useful,
++   but WITHOUT ANY WARRANTY; without even the implied warranty of
++   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++   Lesser General Public License for more details.
++
++   You should have received a copy of the GNU Lesser General Public
++   License along with the GNU C Library; if not, see
++   <http://www.gnu.org/licenses/>.  */
++
++#include <errno.h>
++#include <sys/stat.h>
++#include <sys/socket.h>
++#include <sys/types.h>
++#ifdef __UCLIBC_HAS_LFS__
++# include <_lfs_64.h>
++#else
++# define stat64 stat
++# define fstat64 fstat
++#endif
++
++int
++isfdtype (int fildes, int fdtype)
++{
++  struct stat64 st;
++  int save_error = errno;
++  int result = fstat64 (fildes, &st);
++  __set_errno (save_error);
++  if (result)
++	  return result;
++  return (st.st_mode & S_IFMT) == (mode_t) fdtype;
++}
+-- 
+1.8.3.2.733.gf8abaeb
+

tools-uclibc/desktop/resolv.conf

@@ -1,4 +1,4 @@
 # Add your own name server here.
 # This is only for the build. It
 # will be removed in the final image.
-nameserver 67.151.215.230
+nameserver 192.168.100.7

tools-uclibc/desktop/run.sh

@@ -39,10 +39,10 @@ populate_etc() {
 	rm -f "${ROOTFS}"/etc/portage/make.conf.catalyst
 	cp -f portage/make.conf.1 "${ROOTFS}"/etc/portage/make.conf
 
-	for d in env package.accept_keywords package.mask package.use profile repos.conf; do
+	rm -rf "${ROOTFS}"/etc/portage/patches
+	for d in env package.accept_keywords package.env package.mask package.unmask package.use patches profile repos.conf; do
 		[[ -a portage/"${d}" ]] && cp -af portage/${d} "${ROOTFS}"/etc/portage
 	done
-	cp -af portage/package.env "${ROOTFS}"/etc/portage
 }
 
 rebuild_toolchain() {

tools-uclibc/livecd-stage1-amd64-uclibc-hardened.conf.template

@@ -1,11 +0,0 @@
-subarch: amd64
-target: livecd-stage1
-version_stamp: uclibc-hardened
-rel_type: hardened/amd64
-profile: hardened/linux/uclibc/amd64
-snapshot: current
-source_subpath: hardened/amd64/stage3-amd64-uclibc-hardened
-
-livecd/use: mmx sse sse2 mbox -unicode
-
-livecd/packages: app-admin/sudo app-admin/syslog-ng app-cdr/cdrtools app-editors/vim app-portage/epm app-portage/gentoolkit app-portage/layman app-text/tree dev-libs/libevent dev-util/strace dev-vcs/git mail-client/mailx mail-mta/postfix net-analyzer/iftop net-firewall/iptables net-ftp/lftp net-mail/dovecot net-misc/dhcp net-misc/dhcpcd net-misc/openntpd net-misc/openssh sys-apps/haveged sys-apps/hwsetup sys-apps/iproute2 sys-apps/less sys-apps/pciutils sys-boot/grub-static sys-devel/gettext sys-fs/squashfs-tools sys-fs/udev sys-kernel/genkernel sys-libs/argp-standalone sys-libs/e2fsprogs-libs sys-process/fcron sys-process/lsof

tools-uclibc/livecd-stage1-i686-uclibc-hardened.conf.template

@@ -1,11 +0,0 @@
-subarch: i686
-target: livecd-stage1
-version_stamp: uclibc-hardened
-rel_type: hardened/i686
-profile: hardened/linux/uclibc/x86
-snapshot: current
-source_subpath: hardened/i686/stage3-i686-uclibc-hardened
-
-livecd/use: mmx sse sse2 mbox -unicode
-
-livecd/packages: app-admin/sudo app-admin/syslog-ng app-cdr/cdrtools app-editors/vim app-portage/epm app-portage/gentoolkit app-portage/layman app-text/tree dev-libs/libevent dev-util/strace dev-vcs/git mail-client/mailx mail-mta/postfix net-analyzer/iftop net-firewall/iptables net-ftp/lftp net-mail/dovecot net-misc/dhcp net-misc/dhcpcd net-misc/openntpd net-misc/openssh sys-apps/haveged sys-apps/hwsetup sys-apps/iproute2 sys-apps/less sys-apps/pciutils sys-boot/grub-static sys-devel/gettext sys-fs/squashfs-tools sys-fs/udev sys-kernel/genkernel sys-libs/argp-standalone sys-libs/e2fsprogs-libs sys-process/fcron sys-process/lsof

tools-uclibc/livecd-stage1_template.spec

@@ -1,11 +0,0 @@
-subarch: amd64
-target: livecd-stage1
-version_stamp: uclibc-hardened-20121016
-rel_type: hardened/amd64
-profile: hardened/linux/uclibc/amd64
-snapshot: current
-source_subpath: hardened/amd64/stage3-amd64-uclibc-hardened
-
-livecd/use: mmx sse sse2 mbox -unicode
-
-livecd/packages: app-admin/sudo app-admin/syslog-ng app-cdr/cdrtools app-editors/nano app-editors/vim app-portage/epm app-portage/gentoolkit app-portage/layman app-text/tree dev-lang/python dev-libs/libevent dev-libs/libiconv dev-util/strace dev-vcs/git mail-client/mailx mail-mta/postfix net-analyzer/iftop net-firewall/iptables net-ftp/lftp net-mail/dovecot net-misc/dhcp net-misc/dhcpcd net-misc/openntpd sys-apps/haveged sys-apps/iproute2 sys-apps/less sys-apps/pciutils sys-boot/grub-static sys-devel/gettext sys-fs/squashfs-tools sys-fs/udev sys-kernel/genkernel sys-kernel/linux-headers sys-libs/argp-standalone sys-libs/e2fsprogs-libs sys-libs/readline sys-process/fcron sys-process/lsof virtual/libiconv

tools-uclibc/livecd-stage2-amd64-uclibc-hardened.conf.template

@@ -1,45 +0,0 @@
-subarch: amd64
-target: livecd-stage2
-version_stamp: uclibc-hardened
-rel_type: hardened/amd64
-profile: hardened/linux/uclibc/amd64
-snapshot: current
-source_subpath: hardened/amd64/livecd-stage1-amd64-uclibc-hardened
-
-
-livecd/fstype: squashfs
-livecd/fsops:
-livecd/cdtar: /usr/lib/catalyst/livecd/cdtar/isolinux-3.72-cdtar.tar.bz2
-livecd/iso: installcd-amd64-uclibc-hardened-20121031.iso
-livecd/fsscript:
-livecd/splash_theme:
-livecd/bootargs:
-livecd/gk_mainargs:
-livecd/linuxrc:
-livecd/type: generic-livecd
-livecd/readme:
-livecd/motd:
-livecd/modblacklist:
-livecd/rcadd:
-livecd/rcdel:
-livecd/overlay:
-livecd/root_overlay:
-livecd/xinitrc:
-livecd/xdm:
-livecd/xsession:
-livecd/users: gentoo
-livecd/volid:
-
-boot/kernel: gentoo
-boot/kernel/gentoo/sources: hardened-sources
-boot/kernel/gentoo/config: hardened-amd64.config
-boot/kernel/gentoo/gk_kernargs:
-boot/kernel/gentoo/use:
-boot/kernel/gentoo/extraversion:
-boot/kernel/gentoo/packages:
-
-livecd/unmerge:
-
-livecd/empty: /var/tmp /var/cache /var/db /var/empty /var/log /var/spool /var/state /tmp /usr/portage /usr/src /etc/cron.daily /etc/cron.hourly /etc/cron.monthly /etc/cron.weekly /etc/logrotate.d /etc/rsync /usr/local 
-
-livecd/rm:

tools-uclibc/livecd-stage2-i686-uclibc-hardened.conf.template

@@ -1,45 +0,0 @@
-subarch: i686 
-target: livecd-stage2
-version_stamp: uclibc-hardened
-rel_type: hardened/i686
-profile: hardened/linux/uclibc/x86
-snapshot: current
-source_subpath: hardened/i686/livecd-stage1-i686-uclibc-hardened
-
-
-livecd/fstype: squashfs
-livecd/fsops:
-livecd/cdtar: /usr/lib/catalyst/livecd/cdtar/isolinux-3.72-cdtar.tar.bz2
-livecd/iso: installcd-i686-uclibc-hardened-20121031.iso
-livecd/fsscript:
-livecd/splash_theme:
-livecd/bootargs:
-livecd/gk_mainargs:
-livecd/linuxrc:
-livecd/type: generic-livecd
-livecd/readme:
-livecd/motd:
-livecd/modblacklist:
-livecd/rcadd:
-livecd/rcdel:
-livecd/overlay:
-livecd/root_overlay:
-livecd/xinitrc:
-livecd/xdm:
-livecd/xsession:
-livecd/users: gentoo
-livecd/volid:
-
-boot/kernel: gentoo
-boot/kernel/gentoo/sources: hardened-sources
-boot/kernel/gentoo/config: hardened-i686.config
-boot/kernel/gentoo/gk_kernargs:
-boot/kernel/gentoo/use:
-boot/kernel/gentoo/extraversion:
-boot/kernel/gentoo/packages:
-
-livecd/unmerge:
-
-livecd/empty: /var/tmp /var/cache /var/db /var/empty /var/log /var/spool /var/state /tmp /usr/portage /usr/src /etc/cron.daily /etc/cron.hourly /etc/cron.monthly /etc/cron.weekly /etc/logrotate.d /etc/rsync /usr/local 
-
-livecd/rm:

tools-uclibc/livecd-stage2_template.spec

@@ -1,45 +0,0 @@
-subarch: amd64
-target: livecd-stage2
-version_stamp: uclibc-hardened-20121016
-rel_type: hardened/amd64
-profile: hardened/linux/uclibc/amd64
-snapshot: current
-source_subpath: hardened/amd64/livecd-stage2-amd64-uclibc-hardened
-
-
-livecd/fstype: squashfs
-livecd/fsops:
-livecd/cdtar: /usr/lib/catalyst/livecd/cdtar/isolinux-3.72-cdtar.tar.bz2
-livecd/iso: installcd-amd64-uclibc-minimal.iso
-livecd/fsscript:
-livecd/splash_theme:
-livecd/bootargs:
-livecd/gk_mainargs:
-livecd/linuxrc:
-livecd/type: generic-livecd
-livecd/readme:
-livecd/motd:
-livecd/modblacklist:
-livecd/rcadd:
-livecd/rcdel:
-livecd/overlay:
-livecd/root_overlay:
-livecd/xinitrc:
-livecd/xdm:
-livecd/xsession:
-livecd/users: gentoo
-livecd/volid:
-
-boot/kernel: gentoo
-#boot/kernel/gentoo/sources: hardened-sources
-boot/kernel/gentoo/config: /tmp/hardened.config
-boot/kernel/gentoo/gk_kernargs:
-boot/kernel/gentoo/use:
-boot/kernel/gentoo/extraversion:
-boot/kernel/gentoo/packages:
-
-livecd/unmerge:
-
-livecd/empty: /var/tmp /var/cache /var/db /var/empty /var/lock /var/log /var/run /var/spool /var/state /tmp /usr/portage /usr/src /etc/cron.daily /etc/cron.hourly /etc/cron.monthly /etc/cron.weekly /etc/logrotate.d /etc/rsync /usr/local 
-
-livecd/rm: