summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin H. Johnson <robbat2@gentoo.org>2017-11-30 12:33:14 -0800
committerRobin H. Johnson <robbat2@gentoo.org>2017-11-30 12:35:50 -0800
commit07380791d1f4739ba21be6bcc986b575c6fb8b27 (patch)
tree0853add97a0aa2d004ea533c48a3a2c5aabb21ae /net-firewall
parentnet-firewall/ipset: improve init.d save (diff)
downloadgentoo-07380791d1f4739ba21be6bcc986b575c6fb8b27.tar.gz
gentoo-07380791d1f4739ba21be6bcc986b575c6fb8b27.tar.bz2
gentoo-07380791d1f4739ba21be6bcc986b575c6fb8b27.zip
net-firewall/ipset: block modules & CONFIG_PAX_CONSTIFY_PLUGIN
Closes: https://bugs.gentoo.org/614896 Package-Manager: Portage-2.3.16, Repoman-2.3.6 Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
Diffstat (limited to 'net-firewall')
-rw-r--r--net-firewall/ipset/ipset-6.34.ebuild2
1 files changed, 2 insertions, 0 deletions
diff --git a/net-firewall/ipset/ipset-6.34.ebuild b/net-firewall/ipset/ipset-6.34.ebuild
index 292b40eb05d7..98a8e3e335b6 100644
--- a/net-firewall/ipset/ipset-6.34.ebuild
+++ b/net-firewall/ipset/ipset-6.34.ebuild
@@ -36,6 +36,8 @@ pkg_setup() {
# It does still build without NET_NS, but it may be needed in future.
#CONFIG_CHECK="${CONFIG_CHECK} NET_NS"
#ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel."
+ CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN"
+ ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)"
build_modules=0
if use modules; then