cvechecker 3.3 released

I just uploaded a new release of cvechecker to the project files. The release is a (long overdue) bugfix release, but includes two small enhancements: support standard input for the binary list (so you can pipe the output of one command to cvechecker) and the introduction of the CVECHECKER_CONFFILE variable …

more ...


Umounting IPv6 NFS(v4) mounts

I had issues umounting my NFSv4 shares on an IPv6-only network. When trying to umount the share, it said that it couldn't find the mount in /proc/mounts:

~# umount /mnt/nfs/portage
/mnt/nfs/portage was not found in /proc/mounts

The solution: copy /proc/mounts to /etc/mtab, and …

more ...



Using CUSTOM_BUILDOPT in refpolicy for USE flag-alike functionality?

As you are probably aware, Gentoo uses the reference policy as its base for SELinux policies. Yes, we do customize it and not everything is already pushed upstream (for instance, our approach to use xdg_*_home_t customizable types to further restrict user application access has been sent up for comments …

more ...

Today was a productive day

Fixed 14 bugs today, with a few more pending (those for packages only get marked as FIXED if it is moved to the stable state). One of the changes is the GRUB2 support in the Gentoo Handbook (yes, finally, sorry about that). That opens up the road for the stabilization …

more ...