From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-82374-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 49E7B1396D9
	for <garchives@archives.gentoo.org>; Tue, 10 Oct 2017 19:28:48 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 199452BC026;
	Tue, 10 Oct 2017 19:28:43 +0000 (UTC)
Received: from mail-ua0-x233.google.com (mail-ua0-x233.google.com [IPv6:2607:f8b0:400c:c08::233])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id B86F92BC004
	for <gentoo-dev@lists.gentoo.org>; Tue, 10 Oct 2017 19:28:42 +0000 (UTC)
Received: by mail-ua0-x233.google.com with SMTP id b11so17379714uae.12
        for <gentoo-dev@lists.gentoo.org>; Tue, 10 Oct 2017 12:28:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=scriptkitty-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=NbNdGISyvzPMv241KShJ+EA/xa/bSsz8bo3c7OoyqpQ=;
        b=swDH8la9hIJHFcNTCowsEzSURnn/E7CoMZHrB7pqaQEE0Q7jKmEWQG2EwKWR5QX2d+
         AwEG+bMh1x3RjXB8QjM6gREj8bulG59u93qjwm3UepWlJj/Pvp3kpp5B0o13aopS2Y+C
         I44PZVXktVH+aHuJ1gO4bD8DkSCeMaJq5rz/UNMvobjvXjhanyxb8cICJqaYm89aevn5
         gxWDpmBhv2Z0RukOFH4Uq61OG75ZI1/Qx4zKIFIm5YIqUn07iMgvxGV0Nv9qVGj+yrZu
         Vqc2KcJaLhkA4AVyB8Bt1P8Wpwx1w+B/9yweBRTTlVdAUtiTMfZzK+2OK1B01GQocrg3
         97fg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:cc;
        bh=NbNdGISyvzPMv241KShJ+EA/xa/bSsz8bo3c7OoyqpQ=;
        b=TDXnV8GFBbTW5FMKT5zNsE96BsVLpkQ7J+BEx9jqNTBqeunSuJdxWmTw/zdbYeTKqz
         AzyK29ld/Ju4iG/RbgB2e85qirEbIgbRnILUw0hCaWnDAQp8rMLYpqo/LR0DZoXQL+5f
         xg2U+/xlcxhsW9XOO0h8uT4kOMvboaGGge5OEDk+T8qP1M1ANMgafWCx6pthK4IvEswL
         LGdMVJbJBKcgMnZaLjhYHPnX3Y5P1qH2GXE8WaycKykD1zOMzJaZoPKvsCDxJ0dq0rNz
         ZR4+fCFH9tPMR+woIZWALmNFhYOW7iTD5JtG57zLwU+ocbvKsvmW0w/OG+EJ9xh5htTk
         S0Fw==
X-Gm-Message-State: AMCzsaXlPSosppaA7oQXP4cSlaNjOvrh1DoHYzKrrVb4m4jgItZvA8UB
	00aZ2iI2/sBn4vNeZm45y1ivjBqRhDk+faj1CEISZg==
X-Google-Smtp-Source: AOwi7QBCrPstYlyxVv6JhQxK+6ETJrJRPHyRajX3U1/Uj64Kef1hR0u3vsAQvVjLDz6vSoenQVEwHUTpatXoEWan8UE=
X-Received: by 10.176.95.138 with SMTP id b10mr8971019uaj.96.1507663721442;
 Tue, 10 Oct 2017 12:28:41 -0700 (PDT)
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Sender: antarus@scriptkitty.com
Received: by 10.159.48.195 with HTTP; Tue, 10 Oct 2017 12:28:41 -0700 (PDT)
X-Originating-IP: [2620:0:1003:410:3588:1e46:7ecc:11d6]
In-Reply-To: <1537421.UsZouyEjHW@pinacolada>
References: <1528131.eIYCIZq90I@pinacolada> <1537421.UsZouyEjHW@pinacolada>
From: Alec Warner <antarus@gentoo.org>
Date: Tue, 10 Oct 2017 15:28:41 -0400
X-Google-Sender-Auth: Szjp2ZGLrlzmjB0E1-XLglPMGq4
Message-ID: <CAAr7Pr8RS3WoFzYW1ZH8hZe9eaHcDdVaP4zhq-255yjHMXFJCg@mail.gmail.com>
Subject: Re: [gentoo-dev] RFC v2: news item for the 17.0 profiles
To: Gentoo Dev <gentoo-dev@lists.gentoo.org>
Cc: PR Gentoo <pr@gentoo.org>
Content-Type: multipart/alternative; boundary="089e0822c7a08ec550055b3650a4"
X-Archives-Salt: 7a3a4ba3-8999-4a6e-98bc-b4f0f72ed367
X-Archives-Hash: 59a6500adbe383011da05492b7bf72d4

--089e0822c7a08ec550055b3650a4
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Tue, Oct 10, 2017 at 3:16 PM, Andreas K. Huettel <dilfridge@gentoo.org>
wrote:

> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> Title: New 17.0 profiles in the Gentoo repository
> Author: Andreas K. H=C3=BCttel <dilfridge@gentoo.org>
> Posted: xxxxxxx
> Revision: 1
> News-Item-Format: 2.0
> Display-If-Installed: >=3Dsys-devel/gcc-6.4.0
>
> We have just added a new set of profiles with release version 17.0
> to the Gentoo repository. These bring three changes:
> 1) The default C++ language version for applications is now C++14.
>    This change is mostly relevant to Gentoo developers. It also
>    means, however, that compilers earlier than GCC 6 are masked
>    and not supported for use as a system compiler anymore. Feel
>    free to unmask them if you need them for specific applications.
> 2) Where supported, GCC will now build position-independent
>    executables (PIE) by default. This improves the overall
>    security fingerprint. The switch from non-PIE to PIE binaries,
>    however, requires some steps by users, as detailed below.
> 3) Up to now, hardened profiles were separate from the default
>    profile tree. Now they are moving into the 17.0 profile
>    as a feature there, similar to "no-multilib" and "systemd".
>
> Please consider switching from your current 13.0 profile to the
> corresponding 17.0 profile soon after GCC 6.4.0 has been
> stabilized on your architecture. The 13.0 profiles will be deprecated
> and removed in the near future.
>

Can you commit to a deadline on this?

Its OK to be wrong (e.g. say 1 month but remove in 3); but "near future" is
not actionable by readers.


>
> Switching involves the following steps:
> If not already done,
> * Use gcc-config to select gcc-6.4.0 (or later) as system compiler
> * Re-source /etc/profile:
>     . /etc/profile
> * Re-emerge libtool
> Then,
> * Select the new profile with eselect
> * Re-emerge, in this sequence, the selected gcc, binutils, and glibc
>     emerge -1 sys-devel/gcc:6.4.0
>     emerge -1 sys-devel/binutils
>     emerge -1 sys-libs/glibc
> * Rebuild your entire system
>     emerge -e world
>
> Switching the profile modifies the use-flags of GCC 6 to generate
> PIE executables by default; thus, you need to do the rebuilds
> even if you already used GCC 6 beforehand.
>
> If you do not follow these steps you may get spurious build
> failures when the linker tries unsuccessfully to combine non-PIE
> and PIE code.
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
>
>
> --
> Andreas K. H=C3=BCttel
> dilfridge@gentoo.org
> Gentoo Linux developer (council, perl, libreoffice)

--089e0822c7a08ec550055b3650a4
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><div class=3D"gmail_quo=
te">On Tue, Oct 10, 2017 at 3:16 PM, Andreas K. Huettel <span dir=3D"ltr">&=
lt;<a href=3D"mailto:dilfridge@gentoo.org" target=3D"_blank">dilfridge@gent=
oo.org</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"=
margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D<wbr>=3D=3D=3D=3D=3D=3D=3D<br>
Title: New 17.0 profiles in the Gentoo repository<br>
Author: Andreas K. H=C3=BCttel &lt;<a href=3D"mailto:dilfridge@gentoo.org">=
dilfridge@gentoo.org</a>&gt;<br>
Posted: xxxxxxx<br>
Revision: 1<br>
News-Item-Format: 2.0<br>
Display-If-Installed: &gt;=3Dsys-devel/gcc-6.4.0<br>
<br>
We have just added a new set of profiles with release version 17.0<br>
to the Gentoo repository. These bring three changes:<br>
1) The default C++ language version for applications is now C++14.<br>
=C2=A0 =C2=A0This change is mostly relevant to Gentoo developers. It also<b=
r>
=C2=A0 =C2=A0means, however, that compilers earlier than GCC 6 are masked<b=
r>
=C2=A0 =C2=A0and not supported for use as a system compiler anymore. Feel<b=
r>
=C2=A0 =C2=A0free to unmask them if you need them for specific applications=
.<br>
2) Where supported, GCC will now build position-independent<br>
=C2=A0 =C2=A0executables (PIE) by default. This improves the overall<br>
=C2=A0 =C2=A0security fingerprint. The switch from non-PIE to PIE binaries,=
<br>
=C2=A0 =C2=A0however, requires some steps by users, as detailed below.<br>
3) Up to now, hardened profiles were separate from the default<br>
=C2=A0 =C2=A0profile tree. Now they are moving into the 17.0 profile<br>
=C2=A0 =C2=A0as a feature there, similar to &quot;no-multilib&quot; and &qu=
ot;systemd&quot;.<br>
<br>
Please consider switching from your current 13.0 profile to the<br>
corresponding 17.0 profile soon after GCC 6.4.0 has been<br>
stabilized on your architecture. The 13.0 profiles will be deprecated<br>
and removed in the near future.<br></blockquote><div><br></div><div>Can you=
 commit to a deadline on this?</div><div><br></div><div>Its OK to be wrong =
(e.g. say 1 month but remove in 3); but &quot;near future&quot; is not acti=
onable by readers.</div><div>=C2=A0</div><blockquote class=3D"gmail_quote" =
style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
Switching involves the following steps:<br>
If not already done,<br>
* Use gcc-config to select gcc-6.4.0 (or later) as system compiler<br>
* Re-source /etc/profile:<br>
=C2=A0 =C2=A0 . /etc/profile<br>
* Re-emerge libtool<br>
Then,<br>
* Select the new profile with eselect<br>
* Re-emerge, in this sequence, the selected gcc, binutils, and glibc<br>
=C2=A0 =C2=A0 emerge -1 sys-devel/gcc:6.4.0<br>
=C2=A0 =C2=A0 emerge -1 sys-devel/binutils<br>
=C2=A0 =C2=A0 emerge -1 sys-libs/glibc<br>
* Rebuild your entire system<br>
=C2=A0 =C2=A0 emerge -e world<br>
<br>
Switching the profile modifies the use-flags of GCC 6 to generate<br>
PIE executables by default; thus, you need to do the rebuilds<br>
even if you already used GCC 6 beforehand.<br>
<br>
If you do not follow these steps you may get spurious build<br>
failures when the linker tries unsuccessfully to combine non-PIE<br>
and PIE code.<br>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D<wbr>=3D=3D=3D=3D=3D=3D=3D<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
<br>
<br>
--<br>
Andreas K. H=C3=BCttel<br>
<a href=3D"mailto:dilfridge@gentoo.org">dilfridge@gentoo.org</a><br>
Gentoo Linux developer (council, perl, libreoffice)</font></span></blockquo=
te></div><br></div></div>

--089e0822c7a08ec550055b3650a4--