| # Install minimal AppArmor profiles. |
| sec-policy/apparmor-profiles minimal |
| |
| # Docker uses libapparmor, so this should have static libs included. |
| sys-libs/libapparmor static-libs |
| |
| # Lakitu uses overlayfs graph driver in docker. |
| app-emulation/docker -device-mapper overlay |
| |
| # Use generated test key. |
| chromeos-base/chromeos-ssh-testkeys generated_ssh_key |
| |
| # We don't use the few features this adds, and it avoids a circ dep. |
| # https://crbug.com/599986 |
| sys-apps/util-linux -systemd |
| |
| # procps' "systemd" support is nothing but the "ps" tool printing systemd units, |
| # which "systemd-cgls" can do. Disabling it avoids a circ dep. |
| sys-process/procps -systemd |
| |
| # Enable metrics uploader. |
| chromeos-base/metrics metrics_uploader |
| |
| # Enable full-featured vim. |
| app-editors/vim -minimal |
| |
| # Docker uses libseccomp, so this should have static libs included. |
| sys-libs/libseccomp static-libs |
| |
| # Build ebtables statically to prevent deps on its libraries. |
| net-firewall/ebtables static |
| |
| # This removed dependency on libmix which is depricated and unsupported. |
| net-analyzer/netcat -crypt |
| |
| # Enable 'poweroff', 'reboot' and other similar commands that control init. |
| sys-apps/systemd sysv-utils |
| |
| # Disable systemd-logind session tracker |
| sys-auth/pambase -systemd |
| |
| # Docker uses tini, so this should be static |
| sys-process/tini static |
| |
| # Disable PAM for busybox, because it conflicts with 'static' use flag. |
| sys-apps/busybox -pam static |
| |
| # The JavaScript SSH client implementation on GCE developer console |
| # ('ssh-in-browser') does not handle HPN-capable server very well, so disable |
| # HPN support in OpenSSH (b/64450408). |
| net-misc/openssh -hpn |