Huge initial 2008.0 profile commit. This will need to be adjusted synced with the current masks and such in the tree, but this will work for people doing beta installs. Enjoy.

68 files changed, 485 insertions, 0 deletions

diff --git a/profiles/hardened/linux/amd64/2008.0/desktop/parent b/profiles/hardened/linux/amd64/2008.0/desktop/parent
new file mode 100644
index 000000000000..ad6c5e126fbb
--- /dev/null
+++ b/profiles/hardened/linux/amd64/2008.0/desktop/parent
@@ -0,0 +1,2 @@
+..
+../../../../../targets/desktop
diff --git a/profiles/hardened/linux/amd64/2008.0/developer/parent b/profiles/hardened/linux/amd64/2008.0/developer/parent
new file mode 100644
index 000000000000..4c893748ce71
--- /dev/null
+++ b/profiles/hardened/linux/amd64/2008.0/developer/parent
@@ -0,0 +1,2 @@
+..
+../../../../../targets/developer
diff --git a/profiles/hardened/linux/amd64/2008.0/make.defaults b/profiles/hardened/linux/amd64/2008.0/make.defaults
new file mode 100644
index 000000000000..faed7bb73f6f
--- /dev/null
+++ b/profiles/hardened/linux/amd64/2008.0/make.defaults
@@ -0,0 +1,9 @@
+# Copyright 1999-2008 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/amd64/2008.0/make.defaults,v 1.1 2008/04/01 17:41:11 wolf31o2 Exp $
+
+# STAGE1_USE does not stack
+STAGE1_USE="hardened multilib nptl nptlonly pic"
+
+USE="-nls -unicode"
+
diff --git a/profiles/hardened/linux/amd64/2008.0/no-multilib/make.defaults b/profiles/hardened/linux/amd64/2008.0/no-multilib/make.defaults
new file mode 100644
index 000000000000..b4d6e38047f7
--- /dev/null
+++ b/profiles/hardened/linux/amd64/2008.0/no-multilib/make.defaults
@@ -0,0 +1,10 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/amd64/2008.0/no-multilib/make.defaults,v 1.1 2008/04/01 17:41:13 wolf31o2 Exp $
+
+ARCH="amd64"
+ACCEPT_KEYWORDS="${ARCH}"
+
+MULTILIB_ABIS="amd64"
+
+STAGE1_USE="hardened nptl nptlonly pic"
diff --git a/profiles/hardened/linux/amd64/2008.0/no-multilib/parent b/profiles/hardened/linux/amd64/2008.0/no-multilib/parent
new file mode 100644
index 000000000000..52bcba73e7a5
--- /dev/null
+++ b/profiles/hardened/linux/amd64/2008.0/no-multilib/parent
@@ -0,0 +1,2 @@
+..
+../../../../../features/64bit-native
diff --git a/profiles/hardened/linux/amd64/2008.0/parent b/profiles/hardened/linux/amd64/2008.0/parent
new file mode 100644
index 000000000000..3c71bf2b8ea0
--- /dev/null
+++ b/profiles/hardened/linux/amd64/2008.0/parent
@@ -0,0 +1,2 @@
+..
+../../../../releases/2008.0
diff --git a/profiles/hardened/linux/amd64/2008.0/server/parent b/profiles/hardened/linux/amd64/2008.0/server/parent
new file mode 100644
index 000000000000..c39901657c87
--- /dev/null
+++ b/profiles/hardened/linux/amd64/2008.0/server/parent
@@ -0,0 +1,2 @@
+..
+../../../../../targets/server
diff --git a/profiles/hardened/linux/amd64/make.defaults b/profiles/hardened/linux/amd64/make.defaults
new file mode 100644
index 000000000000..7ca23249aacf
--- /dev/null
+++ b/profiles/hardened/linux/amd64/make.defaults
@@ -0,0 +1,8 @@
+# Copyright 1999-2008 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/amd64/make.defaults,v 1.1 2008/04/01 17:41:11 wolf31o2 Exp $
+
+USE="justify"
+
+CFLAGS="-mtune=k8 -O2 -pipe -fforce-addr"
+CXXFLAGS="${CFLAGS}"
diff --git a/profiles/hardened/linux/amd64/package.use.mask b/profiles/hardened/linux/amd64/package.use.mask
new file mode 100644
index 000000000000..3fcf67462c38
--- /dev/null
+++ b/profiles/hardened/linux/amd64/package.use.mask
@@ -0,0 +1,10 @@
+# 2007/03/17 - Petteri Räty <betelgeuse@gentoo.org>
+# (Proxying for Diego Pettenò <flameeyes@gmail.com>)
+# ASIHPI driver is supported on 64-bit systems for newer versions
+<media-sound/alsa-driver-1.0.14_rc3 alsa_cards_asihpi
+
+# missing the necessary linux-headers dep
+>=net-fs/netatalk-2.0.3-r3 xfs
+
+# Mask X USE flag on app-editors/jove; bug 202690
+app-editors/jove X
diff --git a/profiles/hardened/linux/amd64/parent b/profiles/hardened/linux/amd64/parent
new file mode 100644
index 000000000000..158dd88c5c69
--- /dev/null
+++ b/profiles/hardened/linux/amd64/parent
@@ -0,0 +1,3 @@
+../../../base
+..
+../../../arch/amd64
diff --git a/profiles/hardened/linux/amd64/use.mask b/profiles/hardened/linux/amd64/use.mask
new file mode 100644
index 000000000000..a243d27fa129
--- /dev/null
+++ b/profiles/hardened/linux/amd64/use.mask
@@ -0,0 +1,8 @@
+# Copyright 1999-2004 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/amd64/use.mask,v 1.1 2008/04/01 17:41:11 wolf31o2 Exp $
+
+# nvidia-drivers are masked, this has to be too
+video_cards_nvidia
+nvidia
+
diff --git a/profiles/hardened/linux/ia64/2008.0/desktop/parent b/profiles/hardened/linux/ia64/2008.0/desktop/parent
new file mode 100644
index 000000000000..ad6c5e126fbb
--- /dev/null
+++ b/profiles/hardened/linux/ia64/2008.0/desktop/parent
@@ -0,0 +1,2 @@
+..
+../../../../../targets/desktop
diff --git a/profiles/hardened/linux/ia64/2008.0/developer/parent b/profiles/hardened/linux/ia64/2008.0/developer/parent
new file mode 100644
index 000000000000..4c893748ce71
--- /dev/null
+++ b/profiles/hardened/linux/ia64/2008.0/developer/parent
@@ -0,0 +1,2 @@
+..
+../../../../../targets/developer
diff --git a/profiles/hardened/linux/ia64/2008.0/make.defaults b/profiles/hardened/linux/ia64/2008.0/make.defaults
new file mode 100644
index 000000000000..80e92282d0f1
--- /dev/null
+++ b/profiles/hardened/linux/ia64/2008.0/make.defaults
@@ -0,0 +1,9 @@
+# Copyright 1999-2008 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/ia64/2008.0/make.defaults,v 1.1 2008/04/01 17:41:15 wolf31o2 Exp $
+
+# STAGE1_USE does not stack
+STAGE1_USE="hardened nptl nptlonly pic"
+
+USE="-nls -unicode"
+
diff --git a/profiles/hardened/linux/ia64/2008.0/parent b/profiles/hardened/linux/ia64/2008.0/parent
new file mode 100644
index 000000000000..3c71bf2b8ea0
--- /dev/null
+++ b/profiles/hardened/linux/ia64/2008.0/parent
@@ -0,0 +1,2 @@
+..
+../../../../releases/2008.0
diff --git a/profiles/hardened/linux/ia64/2008.0/server/parent b/profiles/hardened/linux/ia64/2008.0/server/parent
new file mode 100644
index 000000000000..c39901657c87
--- /dev/null
+++ b/profiles/hardened/linux/ia64/2008.0/server/parent
@@ -0,0 +1,2 @@
+..
+../../../../../targets/server
diff --git a/profiles/hardened/linux/ia64/parent b/profiles/hardened/linux/ia64/parent
new file mode 100644
index 000000000000..10d6c4b38690
--- /dev/null
+++ b/profiles/hardened/linux/ia64/parent
@@ -0,0 +1,3 @@
+../../../base
+..
+../../../arch/ia64
diff --git a/profiles/hardened/linux/make.defaults b/profiles/hardened/linux/make.defaults
new file mode 100644
index 000000000000..1b1ce2ef68ce
--- /dev/null
+++ b/profiles/hardened/linux/make.defaults
@@ -0,0 +1,7 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/make.defaults,v 1.1 2008/04/01 17:41:10 wolf31o2 Exp $
+
+STAGE1_USE="hardened nptl nptlonly pic"
+
+USE="hardened pic urandom -fortran -iconv"
diff --git a/profiles/hardened/linux/package.mask b/profiles/hardened/linux/package.mask
new file mode 100644
index 000000000000..eccc86d59983
--- /dev/null
+++ b/profiles/hardened/linux/package.mask
@@ -0,0 +1,102 @@
+# Copyright 2007 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/package.mask,v 1.1 2008/04/01 17:41:10 wolf31o2 Exp $
+
+# >=acml-3.6 depends on gcc-4*
+>=sci-libs/acml-3.6
+
+# Fails on hardened, bug 187120
+=dev-lang/php-5.2.3-r3
+
+# The following packages need =gcc-4*
+=net-im/skype-1.4.0*
+
+# gcc-4* still isn't ready.
+=sys-devel/gcc-4*
+
+# Mask off glibc-2.4 until the approach for SSP compatibilty is
+# resolved in a way that doesn't break running systems, and we
+# have a sensible upgrade path.  Advise having a static busybox
+# around if you try it in a live system.
+# 2006-03-13 kevquinn
+=sys-libs/glibc-2.4*
+
+# These packages do more harm than good w/ hardened.
+# users must now the opensource xorg nv driver with nvidia cards.
+# By placing Driver "nv" in xorg.conf
+# 2006-06-29 solar
+x11-drivers/nvidia-drivers
+media-video/nvidia-settings
+
+# Shouldn't be merging these SELinux packages on this profile
+# but this keeps repoman happy since they require >=glibc-2.4
+# 20061009 pebenito
+>=sys-libs/libselinux-1.30.29
+>=sys-libs/libsemanage-1.6.17
+>=sys-apps/policycoreutils-1.30.30
+>=sys-apps/checkpolicy-1.30.12
+sec-policy/selinux-acpi
+>=sec-policy/selinux-apache-20060101
+>=sec-policy/selinux-arpwatch-20060101
+>=sec-policy/selinux-asterisk-20060101
+>=sec-policy/selinux-audio-entropyd-20060101
+sec-policy/selinux-avahi
+>=sec-policy/selinux-base-policy-20060101
+>=sec-policy/selinux-bind-20060101
+sec-policy/selinux-bluez
+>=sec-policy/selinux-clamav-20060101
+>=sec-policy/selinux-clockspeed-20060101
+>=sec-policy/selinux-courier-imap-20060101
+sec-policy/selinux-cups
+>=sec-policy/selinux-cyrus-sasl-20060101
+>=sec-policy/selinux-daemontools-20060101
+>=sec-policy/selinux-dante-20060101
+sec-policy/selinux-dbus
+sec-policy/selinux-desktop
+>=sec-policy/selinux-dhcp-20060101
+>=sec-policy/selinux-distcc-20060101
+>=sec-policy/selinux-djbdns-20060101
+sec-policy/selinux-dnsmasq
+>=sec-policy/selinux-ftpd-20060101
+sec-policy/selinux-games
+>=sec-policy/selinux-gnupg-20060101
+>=sec-policy/selinux-gpm-20060101
+sec-policy/selinux-hal
+sec-policy/selinux-inetd
+>=sec-policy/selinux-ipsec-tools-20060101
+>=sec-policy/selinux-jabber-server-20060101
+>=sec-policy/selinux-kerberos-20060101
+>=sec-policy/selinux-logrotate-20060101
+sec-policy/selinux-lpd
+>=sec-policy/selinux-lvm-20060101
+>=sec-policy/selinux-mdadm-20060101
+sec-policy/selinux-munin
+>=sec-policy/selinux-mysql-20060101
+>=sec-policy/selinux-nfs-20060101
+>=sec-policy/selinux-ntop-20060101
+>=sec-policy/selinux-ntp-20060101
+>=sec-policy/selinux-openldap-20060101
+>=sec-policy/selinux-openvpn-20060101
+sec-policy/selinux-pcmcia
+>=sec-policy/selinux-portmap-20060101
+>=sec-policy/selinux-postfix-20060101
+>=sec-policy/selinux-postgresql-20060101
+sec-policy/selinux-ppp
+>=sec-policy/selinux-privoxy-20060101
+>=sec-policy/selinux-procmail-20060101
+>=sec-policy/selinux-publicfile-20060101
+sec-policy/selinux-pyzor
+>=sec-policy/selinux-qmail-20060101
+sec-policy/selinux-razor
+>=sec-policy/selinux-samba-20060101
+>=sec-policy/selinux-screen-20060101
+>=sec-policy/selinux-snmpd-20060101
+>=sec-policy/selinux-snort-20060101
+>=sec-policy/selinux-spamassassin-20060101
+>=sec-policy/selinux-squid-20060101
+>=sec-policy/selinux-stunnel-20060101
+>=sec-policy/selinux-sudo-20060101
+sec-policy/selinux-tcpd
+>=sec-policy/selinux-tftpd-20060101
+>=sec-policy/selinux-ucspi-tcp-20060101
+>=sec-policy/selinux-wireshark-20060101
diff --git a/profiles/hardened/linux/package.use.mask b/profiles/hardened/linux/package.use.mask
new file mode 100644
index 000000000000..8ebcb71dca75
--- /dev/null
+++ b/profiles/hardened/linux/package.use.mask
@@ -0,0 +1,10 @@
+# Note that this requires portage-2.1.1+ so if you need this functionality,
+# make sure your package forces a new-enough portage.
+
+sys-devel/gcc -hardened
+www-apps/mediawiki math
+
+# Michael Sterrett <mr_bones_@gentoo.org> (30 Aug 2007)
+# Security bug #190835
+games-fps/doom-data doomsday
+games-fps/freedoom doomsday
diff --git a/profiles/hardened/linux/parent b/profiles/hardened/linux/parent
new file mode 100644
index 000000000000..77ede2836f49
--- /dev/null
+++ b/profiles/hardened/linux/parent
@@ -0,0 +1 @@
+../../default/linux
diff --git a/profiles/hardened/linux/powerpc/make.defaults b/profiles/hardened/linux/powerpc/make.defaults
new file mode 100644
index 000000000000..96cbb6a24aee
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/make.defaults
@@ -0,0 +1,5 @@
+# Copyright 2005-2008 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/powerpc/make.defaults,v 1.1 2008/04/01 17:41:18 wolf31o2 Exp $
+
+FEATURES="-sandbox"
diff --git a/profiles/hardened/linux/powerpc/package.mask b/profiles/hardened/linux/powerpc/package.mask
new file mode 100644
index 000000000000..8817fc5a0d72
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/package.mask
@@ -0,0 +1,15 @@
+# Copyright 2007 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/powerpc/package.mask,v 1.1 2008/04/01 17:41:18 wolf31o2 Exp $
+
+# Wulf C. Krueger <philantrop@gentoo.org> (22 Sep 2007)
+# Needs OOo.
+app-text/bibus
+
+# needs masked gcc
+=sys-libs/glibc-2.5*
+=sys-libs/glibc-2.6*
+=sys-libs/glibc-2.7*
+
+# Requires glibc 2.4 or better
+games-strategy/ufo-ai
diff --git a/profiles/hardened/linux/powerpc/parent b/profiles/hardened/linux/powerpc/parent
new file mode 100644
index 000000000000..728caca769b3
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/parent
@@ -0,0 +1,3 @@
+../../../base
+..
+../../../arch/powerpc
diff --git a/profiles/hardened/linux/powerpc/ppc32/2008.0/desktop/parent b/profiles/hardened/linux/powerpc/ppc32/2008.0/desktop/parent
new file mode 100644
index 000000000000..db8ce088c69a
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc32/2008.0/desktop/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../targets/desktop
diff --git a/profiles/hardened/linux/powerpc/ppc32/2008.0/developer/parent b/profiles/hardened/linux/powerpc/ppc32/2008.0/developer/parent
new file mode 100644
index 000000000000..5c8258a71e32
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc32/2008.0/developer/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../targets/developer
diff --git a/profiles/hardened/linux/powerpc/ppc32/2008.0/make.defaults b/profiles/hardened/linux/powerpc/ppc32/2008.0/make.defaults
new file mode 100644
index 000000000000..144c58ca4ef2
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc32/2008.0/make.defaults
@@ -0,0 +1,9 @@
+# Copyright 1999-2008 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/powerpc/ppc32/2008.0/make.defaults,v 1.1 2008/04/01 17:41:19 wolf31o2 Exp $
+
+# STAGE1_USE does not stack
+STAGE1_USE="hardened nptl nptlonly pic"
+
+USE="-nls -unicode"
+
diff --git a/profiles/hardened/linux/powerpc/ppc32/2008.0/parent b/profiles/hardened/linux/powerpc/ppc32/2008.0/parent
new file mode 100644
index 000000000000..cfe87f7ad5be
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc32/2008.0/parent
@@ -0,0 +1,2 @@
+..
+../../../../../releases/2008.0
diff --git a/profiles/hardened/linux/powerpc/ppc32/2008.0/server/parent b/profiles/hardened/linux/powerpc/ppc32/2008.0/server/parent
new file mode 100644
index 000000000000..2e085a6e45cc
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc32/2008.0/server/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../targets/server
diff --git a/profiles/hardened/linux/powerpc/ppc32/parent b/profiles/hardened/linux/powerpc/ppc32/parent
new file mode 100644
index 000000000000..2c428f5da065
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc32/parent
@@ -0,0 +1,2 @@
+..
+../../../../arch/powerpc
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/desktop/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/desktop/parent
new file mode 100644
index 000000000000..fae96e8d36b2
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/desktop/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../../targets/desktop
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/developer/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/developer/parent
new file mode 100644
index 000000000000..4bb06e409236
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/developer/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../../targets/developer
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/make.defaults b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/make.defaults
new file mode 100644
index 000000000000..c6fedb2a2c50
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/make.defaults
@@ -0,0 +1,8 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/make.defaults,v 1.1 2008/04/01 17:41:23 wolf31o2 Exp $
+
+# All extra USE/etc should be specified in sub-profiles.
+# DO NOT POLLUTE USE ON THIS PROFILE.
+
+ACCEPT_KEYWORDS="-* ${ARCH}"
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/parent
new file mode 100644
index 000000000000..7947ae88c017
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../features/32bit-userland
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/server/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/server/parent
new file mode 100644
index 000000000000..8c11cb52782f
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/server/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../../targets/server
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/use.mask b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/use.mask
new file mode 100644
index 000000000000..9b09de2deaf0
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/32bit-userland/use.mask
@@ -0,0 +1,2 @@
+# We mask this since we're not really a multilib profile
+multilib
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/desktop/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/desktop/parent
new file mode 100644
index 000000000000..fae96e8d36b2
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/desktop/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../../targets/desktop
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/developer/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/developer/parent
new file mode 100644
index 000000000000..4bb06e409236
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/developer/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../../targets/developer
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/parent
new file mode 100644
index 000000000000..2479a24f890a
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../features/64bit-native
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/server/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/server/parent
new file mode 100644
index 000000000000..8c11cb52782f
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/server/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../../targets/server
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/use.mask b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/use.mask
new file mode 100644
index 000000000000..6c918ff219d7
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/use.mask
@@ -0,0 +1,2 @@
+# We mask this since we don't have a stable sys-process/audit yet
+audit
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/virtuals b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/virtuals
new file mode 100644
index 000000000000..39ec233b50ff
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/virtuals
@@ -0,0 +1,5 @@
+# Copyright 2004-2008 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License, v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/powerpc/ppc64/2008.0/64bit-userland/virtuals,v 1.1 2008/04/01 17:41:26 wolf31o2 Exp $
+
+virtual/bootloader     sys-boot/yaboot-static
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/desktop/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/desktop/parent
new file mode 100644
index 000000000000..db8ce088c69a
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/desktop/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../targets/desktop
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/developer/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/developer/parent
new file mode 100644
index 000000000000..5c8258a71e32
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/developer/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../targets/developer
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/make.defaults b/profiles/hardened/linux/powerpc/ppc64/2008.0/make.defaults
new file mode 100644
index 000000000000..cf0f6ce1543d
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/make.defaults
@@ -0,0 +1,9 @@
+# Copyright 1999-2008 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/powerpc/ppc64/2008.0/make.defaults,v 1.1 2008/04/01 17:41:22 wolf31o2 Exp $
+
+# STAGE1_USE does not stack
+STAGE1_USE="hardened nptl nptlonly pic"
+
+USE="-nls -unicode"
+
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/parent
new file mode 100644
index 000000000000..cfe87f7ad5be
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/parent
@@ -0,0 +1,2 @@
+..
+../../../../../releases/2008.0
diff --git a/profiles/hardened/linux/powerpc/ppc64/2008.0/server/parent b/profiles/hardened/linux/powerpc/ppc64/2008.0/server/parent
new file mode 100644
index 000000000000..2e085a6e45cc
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/2008.0/server/parent
@@ -0,0 +1,2 @@
+..
+../../../../../../targets/server
diff --git a/profiles/hardened/linux/powerpc/ppc64/package.use.mask b/profiles/hardened/linux/powerpc/ppc64/package.use.mask
new file mode 100644
index 000000000000..ded15bcafd5e
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/package.use.mask
@@ -0,0 +1,6 @@
+# Diego Pettenò <flameeyes@gentoo.org> (10 Nov 2007)
+# Tests for Linux-PAM 0.99 require >=sys-libs/glibc-2.4
+=sys-libs/pam-0.99* test
+#Brent Baude <ranger@gentoo.org> (1 Feb 2008)
+# Masking hb and hb2 USE flags as no suitable solution for evms exists
+sys-fs/evms hb hb2
diff --git a/profiles/hardened/linux/powerpc/ppc64/parent b/profiles/hardened/linux/powerpc/ppc64/parent
new file mode 100644
index 000000000000..cc638282d9d2
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/parent
@@ -0,0 +1,3 @@
+..
+../../../../arch/powerpc/ppc64
+../../../../features/64bit-native
diff --git a/profiles/hardened/linux/powerpc/ppc64/use.mask b/profiles/hardened/linux/powerpc/ppc64/use.mask
new file mode 100644
index 000000000000..da7f5c1759b4
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/use.mask
@@ -0,0 +1,58 @@
+# this is a list of USE flags
+# that should not be used on PPC64
+# Tom Gall <tgall@gentoo.org> manages this list
+mplayer
+ruby
+
+# should be ok
+jikes
+junit
+
+guile
+
+# need to test libaio
+aio
+# needs some asm written
+ocaml
+
+# until media-libs/portaudio is keyworded for ppc64
+portaudio
+
+# mask mozilla/firefox (bug #108020)
+mozilla
+firefox
+seamonkey
+
+# 2006/03/20 - Donnie Berkholz <dberkholz@gentoo.org>
+# Modular X: mask for architectures on which they aren't available
+video_cards_apm
+video_cards_ark
+video_cards_cyrix
+video_cards_i128
+video_cards_i740
+video_cards_i810
+video_cards_neomagic
+video_cards_nsc
+video_cards_rendition
+video_cards_siliconmotion
+video_cards_sis
+video_cards_tga
+video_cards_tseng
+video_cards_vesa
+video_cards_vga
+video_cards_via
+
+# Masked p2p for bug #155302 <josejx@gentoo.org>
+p2p
+
+# 02 Dec 2006; Tony Vroon <chainsaw@gentoo.org> 
+# Keywording wpa_supplicant, but I don't have madwifi(-ng) hardware to test with, only BCM4306.
+madwifi
+
+# mask qt4 (does not work) - bug #178779
+qt4
+
+# USE=audit masked prior to testing on alpha, arm, hppa, ppc64, s390, sh.
+# Bug #184563, 18 Sep 2007 
+# Robin H. Johnson <robbat2@gentoo.org>
+audit
diff --git a/profiles/hardened/linux/powerpc/ppc64/virtuals b/profiles/hardened/linux/powerpc/ppc64/virtuals
new file mode 100644
index 000000000000..0bd052c5a3dd
--- /dev/null
+++ b/profiles/hardened/linux/powerpc/ppc64/virtuals
@@ -0,0 +1,5 @@
+# Copyright 2005 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/powerpc/ppc64/virtuals,v 1.1 2008/04/01 17:41:22 wolf31o2 Exp $
+
+virtual/bootloader     sys-boot/yaboot-static
diff --git a/profiles/hardened/linux/use.mask b/profiles/hardened/linux/use.mask
new file mode 100644
index 000000000000..8d68abcd9a9d
--- /dev/null
+++ b/profiles/hardened/linux/use.mask
@@ -0,0 +1,21 @@
+# Copyright 1999-2004 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/use.mask,v 1.1 2008/04/01 17:41:10 wolf31o2 Exp $
+
+emul-linux-x86
+
+x264
+
+# lvm2 clustered use flags (moved from default-linux)
+clvm
+gulm
+cman
+
+# tcc is x86-only
+tcc
+
+# precompiled headers are not compat with ASLR.
+pch
+
+# we love this stuff
+-hardened
diff --git a/profiles/hardened/linux/virtuals b/profiles/hardened/linux/virtuals
new file mode 100644
index 000000000000..3bf8dc109dc5
--- /dev/null
+++ b/profiles/hardened/linux/virtuals
@@ -0,0 +1,6 @@
+# Copyright 1999-2005 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/virtuals,v 1.1 2008/04/01 17:41:10 wolf31o2 Exp $
+
+virtual/alsa			sys-kernel/hardened-sources
+virtual/linux-sources	sys-kernel/hardened-sources
diff --git a/profiles/hardened/linux/x86/2008.0/desktop/parent b/profiles/hardened/linux/x86/2008.0/desktop/parent
new file mode 100644
index 000000000000..ad6c5e126fbb
--- /dev/null
+++ b/profiles/hardened/linux/x86/2008.0/desktop/parent
@@ -0,0 +1,2 @@
+..
+../../../../../targets/desktop
diff --git a/profiles/hardened/linux/x86/2008.0/developer/parent b/profiles/hardened/linux/x86/2008.0/developer/parent
new file mode 100644
index 000000000000..4c893748ce71
--- /dev/null
+++ b/profiles/hardened/linux/x86/2008.0/developer/parent
@@ -0,0 +1,2 @@
+..
+../../../../../targets/developer
diff --git a/profiles/hardened/linux/x86/2008.0/make.defaults b/profiles/hardened/linux/x86/2008.0/make.defaults
new file mode 100644
index 000000000000..3675827476af
--- /dev/null
+++ b/profiles/hardened/linux/x86/2008.0/make.defaults
@@ -0,0 +1,9 @@
+# Copyright 1999-2008 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/x86/2008.0/make.defaults,v 1.1 2008/04/01 17:41:31 wolf31o2 Exp $
+
+# STAGE1_USE does not stack
+STAGE1_USE="hardened nptl nptlonly pic"
+
+USE="-nls -unicode"
+
diff --git a/profiles/hardened/linux/x86/2008.0/no-nptl/parent b/profiles/hardened/linux/x86/2008.0/no-nptl/parent
new file mode 100644
index 000000000000..0627a62b5353
--- /dev/null
+++ b/profiles/hardened/linux/x86/2008.0/no-nptl/parent
@@ -0,0 +1,2 @@
+..
+../../../../../features/no-nptl
diff --git a/profiles/hardened/linux/x86/2008.0/parent b/profiles/hardened/linux/x86/2008.0/parent
new file mode 100644
index 000000000000..3c71bf2b8ea0
--- /dev/null
+++ b/profiles/hardened/linux/x86/2008.0/parent
@@ -0,0 +1,2 @@
+..
+../../../../releases/2008.0
diff --git a/profiles/hardened/linux/x86/2008.0/server/parent b/profiles/hardened/linux/x86/2008.0/server/parent
new file mode 100644
index 000000000000..c39901657c87
--- /dev/null
+++ b/profiles/hardened/linux/x86/2008.0/server/parent
@@ -0,0 +1,2 @@
+..
+../../../../../targets/server
diff --git a/profiles/hardened/linux/x86/make.defaults b/profiles/hardened/linux/x86/make.defaults
new file mode 100644
index 000000000000..3e5381b68285
--- /dev/null
+++ b/profiles/hardened/linux/x86/make.defaults
@@ -0,0 +1,25 @@
+# Copyright 1999-2006 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/x86/make.defaults,v 1.1 2008/04/01 17:41:30 wolf31o2 Exp $
+
+ARCH="x86"
+ACCEPT_KEYWORDS="x86"
+
+CHOST="i486-pc-linux-gnu"
+CFLAGS="-O2 -mcpu=i486 -pipe -fforce-addr"
+CXXFLAGS="${CFLAGS}"
+
+USE="berkdb crypt hardened nls nptl nptlonly pam pic readline ssl tcpd zlib"
+
+# 2006/08/18 - Donnie Berkholz <dberkholz@gentoo.org>
+# Defaults for video drivers
+VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 i810 imstt \
+	mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage \
+	siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware \
+	voodoo"
+
+# 2006/12/21 - Andrej Kacian <ticho@gentoo.org>
+# Defaults for audio drivers
+ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 \
+	emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m \
+	maestro3 trident usb-audio via82xx via82xx-modem ymfpci"
diff --git a/profiles/hardened/linux/x86/minimal/make.defaults b/profiles/hardened/linux/x86/minimal/make.defaults
new file mode 100644
index 000000000000..7231ba0b372c
--- /dev/null
+++ b/profiles/hardened/linux/x86/minimal/make.defaults
@@ -0,0 +1,15 @@
+# Copyright 2007 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/x86/minimal/make.defaults,v 1.1 2008/04/01 17:41:34 wolf31o2 Exp $
+
+# - TESTING PROFILE - TESTING PROFILE - 
+#  ------ USE AT YOUR OWN RISK ------
+
+USE="-* crypt hardened minimal multicall ncurses pic readline zlib"
+PORTDIR=/usr/portage
+PKGDIR=${PORTDIR}/packages/${ARCH}/
+
+CFLAGS="-Os -pipe"
+CXXFLAGS="${CFLAGS}"
+FEATURES="nodoc noinfo noman"
+
diff --git a/profiles/hardened/linux/x86/minimal/parent b/profiles/hardened/linux/x86/minimal/parent
new file mode 100644
index 000000000000..f3229c5b9876
--- /dev/null
+++ b/profiles/hardened/linux/x86/minimal/parent
@@ -0,0 +1 @@
+..
diff --git a/profiles/hardened/linux/x86/minimal/use.mask b/profiles/hardened/linux/x86/minimal/use.mask
new file mode 100644
index 000000000000..6645969ef058
--- /dev/null
+++ b/profiles/hardened/linux/x86/minimal/use.mask
@@ -0,0 +1,2 @@
+pam
+nls
diff --git a/profiles/hardened/linux/x86/minimal/virtuals b/profiles/hardened/linux/x86/minimal/virtuals
new file mode 100644
index 000000000000..590fb8492d5a
--- /dev/null
+++ b/profiles/hardened/linux/x86/minimal/virtuals
@@ -0,0 +1 @@
+virtual/ssh	net-misc/dropbear
diff --git a/profiles/hardened/linux/x86/package.mask b/profiles/hardened/linux/x86/package.mask
new file mode 100644
index 000000000000..b5f9676cde7c
--- /dev/null
+++ b/profiles/hardened/linux/x86/package.mask
@@ -0,0 +1,12 @@
+# Copyright 2006-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/x86/package.mask,v 1.1 2008/04/01 17:41:30 wolf31o2 Exp $
+
+# Markus Ullmann <jokey@gentoo.org> (18 Apr 2007)
+# mask because of b0rkage with hardened compiler, works with vanilla compiler
+# see bug #174813
+app-emulation/virtualbox
+
+# Christian Faulhammer <opfer@gentoo.org> (05 Dec 2006)
+# this version is badly broken on x86, see bug #153280
+~app-arch/rpm-4.4.7
diff --git a/profiles/hardened/linux/x86/package.use.mask b/profiles/hardened/linux/x86/package.use.mask
new file mode 100644
index 000000000000..88395cf62321
--- /dev/null
+++ b/profiles/hardened/linux/x86/package.use.mask
@@ -0,0 +1,10 @@
+# This file requires >=portage-2.1.1
+
+# cyrus-sasl doesn't work w/ USE=berkdb (#192753)
+dev-libs/cyrus-sasl berkdb
+
+# missing the necessary linux-headers dep
+>=net-fs/netatalk-2.0.3-r3 xfs
+
+# needs sys-process/audit which is masked by this profile
+sys-libs/pam audit
diff --git a/profiles/hardened/linux/x86/parent b/profiles/hardened/linux/x86/parent
new file mode 100644
index 000000000000..03cb31cedb03
--- /dev/null
+++ b/profiles/hardened/linux/x86/parent
@@ -0,0 +1,3 @@
+../../../base
+..
+../../../arch/x86
diff --git a/profiles/hardened/linux/x86/use.mask b/profiles/hardened/linux/x86/use.mask
new file mode 100644
index 000000000000..f4df12c2e405
--- /dev/null
+++ b/profiles/hardened/linux/x86/use.mask
@@ -0,0 +1,8 @@
+# Copyright 1999-2004 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/x86/use.mask,v 1.1 2008/04/01 17:41:30 wolf31o2 Exp $
+
+# nvidia-drivers are masked, this has to be too
+video_cards_nvidia
+nvidia
+