diff --git a/Makefile b/Makefile
index f3ea64e..cf0487d 100644
--- a/Makefile
+++ b/Makefile
@@ -6,7 +6,19 @@ export CONFIGDIR
 
 update.tar: $(IMAGESDIR)/update.tar.zstd
 
+$(O)/portage/.stamp: \
+		$(shell find portage -type f) \
+		$(shell find $(CONFIGDIR)/portage -type f)
+	rm -rf $(O)/portage
+	mkdir -p $(O)/portage/etc/portage
+	tar -C portage -c . | tar -C $(O)/portage/etc/portage -x
+	tar -C $(CONFIGDIR)/portage -c . | tar -C $(O)/portage/etc/portage -x
+	touch $@
+
+portage: $(O)/portage/.stamp
+
 $(O)/.prepared: \
+		$(O)/portage/.stamp \
 		prepare.sh \
 		setup-local-repo.sh
 	./prepare.sh
@@ -22,7 +34,7 @@ $(O)/.built: \
 		install.packages \
 		$(wildcard $(CONFIGDIR)/build.packages) \
 		$(CONFIGDIR)/install.packages \
-		$(shell find $(CONFIGDIR)/portage/target -type f) \
+		$(O)/portage/.stamp \
 		$(O)/.prepared
 	./build.sh
 	touch $(O)/.built
@@ -111,6 +123,7 @@ clean:
 	build \
 	grub \
 	kernel \
+	portage \
 	prepare \
 	sdcard.img \
 	squashfs \
diff --git a/build-rootfs.sh b/build-rootfs.sh
index 7ea5a23..7826785 100755
--- a/build-rootfs.sh
+++ b/build-rootfs.sh
@@ -29,7 +29,7 @@ cat \
     | xargs -ro \
 ${target}-emerge \
     --root=/mnt/gentoo \
-    --config-root="${CONFIGDIR}"/portage/target \
+    --config-root="${O}"/portage \
     -KvnuUDj \
     --rebuilt-binaries=y
 
@@ -37,7 +37,7 @@ if [ -f "${CONFIGDIR}"/installonly.packages ]; then
     < "${CONFIGDIR}"/installonly.packages xargs -ro \
     ${target}-emerge \
         --root=/mnt/gentoo \
-        --config-root="${CONFIGDIR}"/portage/target \
+        --config-root="${O}"/portage \
         -vnuUDj
 fi
 
diff --git a/build.sh b/build.sh
index 583247b..8389ff5 100755
--- a/build.sh
+++ b/build.sh
@@ -7,7 +7,7 @@ set -e
 
 unset MAKEFLAGS MAKEOVERRIDES MAKELEVEL
 
-export PORTAGE_CONFIGROOT="${CONFIGDIR}"/portage/target
+export PORTAGE_CONFIGROOT="${O}"/portage
 
 ${target}-emerge -vuUDj sys-apps/util-linux
 
diff --git a/portage/env/nobuildpkg b/portage/env/nobuildpkg
new file mode 100644
index 0000000..1d3a766
--- /dev/null
+++ b/portage/env/nobuildpkg
@@ -0,0 +1 @@
+FEATURES=-buildpkg
diff --git a/portage/make.conf/20-binpkgs.conf b/portage/make.conf/20-binpkgs.conf
new file mode 100644
index 0000000..d2fb18f
--- /dev/null
+++ b/portage/make.conf/20-binpkgs.conf
@@ -0,0 +1,2 @@
+FEATURES="${FEATURES} binpkg-multi-instance buildpkg"
+EMERGE_DEFAULT_OPTS="${EMERGE_DEFAULT_OPTS} --usepkg --binpkg-respect-use=y"
diff --git a/portage/make.conf/30-default-use.conf b/portage/make.conf/30-default-use.conf
new file mode 100644
index 0000000..77072de
--- /dev/null
+++ b/portage/make.conf/30-default-use.conf
@@ -0,0 +1 @@
+USE='-man -doc minimal pam zstd'
diff --git a/portage/make.conf/40-goarch.conf b/portage/make.conf/40-goarch.conf
new file mode 100644
index 0000000..89195e2
--- /dev/null
+++ b/portage/make.conf/40-goarch.conf
@@ -0,0 +1,2 @@
+GOOS=linux
+GOARCH=${ARCH}
diff --git a/portage/make.conf/40-lang.conf b/portage/make.conf/40-lang.conf
new file mode 100644
index 0000000..0b0f27e
--- /dev/null
+++ b/portage/make.conf/40-lang.conf
@@ -0,0 +1,3 @@
+LINGUAS=en
+L10N=en-US
+USE="${USE} -nls"
diff --git a/portage/make.conf/80-quiet.conf b/portage/make.conf/80-quiet.conf
new file mode 100644
index 0000000..677144a
--- /dev/null
+++ b/portage/make.conf/80-quiet.conf
@@ -0,0 +1,2 @@
+EMERGE_DEFAULT_OPTS="${EMERGE_DEFAULT_OPTS} --quiet-build=y"
+FEATURES="${FEATURES} -news"
diff --git a/portage/package.env/linux-firmware b/portage/package.env/linux-firmware
new file mode 100644
index 0000000..ee995fa
--- /dev/null
+++ b/portage/package.env/linux-firmware
@@ -0,0 +1 @@
+sys-kernel/linux-firmware nobuildpkg
diff --git a/portage/package.env/raspberrypi-firmware b/portage/package.env/raspberrypi-firmware
new file mode 100644
index 0000000..d192af3
--- /dev/null
+++ b/portage/package.env/raspberrypi-firmware
@@ -0,0 +1 @@
+sys-boot/raspberrypi-firmware nobuildpkg
diff --git a/portage/package.use/awk b/portage/package.use/awk
new file mode 100644
index 0000000..ea17975
--- /dev/null
+++ b/portage/package.use/awk
@@ -0,0 +1 @@
+app-alternatives/awk -gawk busybox
diff --git a/portage/package.use/busybox b/portage/package.use/busybox
new file mode 100644
index 0000000..6be3f3e
--- /dev/null
+++ b/portage/package.use/busybox
@@ -0,0 +1 @@
+sys-apps/busybox savedconfig
diff --git a/portage/package.use/firmware b/portage/package.use/firmware
new file mode 100644
index 0000000..f557164
--- /dev/null
+++ b/portage/package.use/firmware
@@ -0,0 +1 @@
+sys-kernel/linux-firmware compress compress-xz savedconfig
diff --git a/portage/package.use/python b/portage/package.use/python
new file mode 100644
index 0000000..815e2af
--- /dev/null
+++ b/portage/package.use/python
@@ -0,0 +1 @@
+dev-lang/python -ensurepip
diff --git a/portage/package.use/u-boot b/portage/package.use/u-boot
new file mode 100644
index 0000000..3b9df8b
--- /dev/null
+++ b/portage/package.use/u-boot
@@ -0,0 +1 @@
+sys-boot/u-boot savedconfig
diff --git a/portage/patches/sec-policy/selinux-base-policy b/portage/patches/sec-policy/selinux-base-policy
new file mode 120000
index 0000000..999e000
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base-policy
@@ -0,0 +1 @@
+selinux-base
\ No newline at end of file
diff --git a/portage/patches/sec-policy/selinux-base/0001-systemd-Fixes-for-systemd-resolved.patch b/portage/patches/sec-policy/selinux-base/0001-systemd-Fixes-for-systemd-resolved.patch
new file mode 100644
index 0000000..233720b
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0001-systemd-Fixes-for-systemd-resolved.patch
@@ -0,0 +1,24 @@
+From 21d7cfbc3969ddea86e7dcc2dd15f8009ffcabe6 Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Fri, 3 Mar 2023 15:04:28 -0600
+Subject: [PATCH] systemd: Fixes for systemd-resolved
+
+---
+ refpolicy/policy/modules/system/systemd.te | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/refpolicy/policy/modules/system/systemd.te b/refpolicy/policy/modules/system/systemd.te
+index da64b11..9013931 100644
+--- a/refpolicy/policy/modules/system/systemd.te
++++ b/refpolicy/policy/modules/system/systemd.te
+@@ -236,6 +236,7 @@ init_system_domain(systemd_resolved_t, systemd_resolved_exec_t)
+ 
+ type systemd_resolved_runtime_t alias systemd_resolved_var_run_t;
+ files_runtime_file(systemd_resolved_runtime_t)
++init_mountpoint(systemd_resolved_runtime_t)
+ 
+ type systemd_stdio_bridge_t;
+ type systemd_stdio_bridge_exec_t;
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-base/0002-mount-Allow-mounting-on-etc_t.patch b/portage/patches/sec-policy/selinux-base/0002-mount-Allow-mounting-on-etc_t.patch
new file mode 100644
index 0000000..9fb1862
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0002-mount-Allow-mounting-on-etc_t.patch
@@ -0,0 +1,24 @@
+From 1a7dfe6699484a6b7808cc02df7354b146b07a36 Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Sat, 4 Mar 2023 09:57:44 -0600
+Subject: [PATCH] mount: Allow mounting on etc_t
+
+---
+ refpolicy/policy/modules/system/mount.te | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/refpolicy/policy/modules/system/mount.te b/refpolicy/policy/modules/system/mount.te
+index 22a4766..f405615 100644
+--- a/refpolicy/policy/modules/system/mount.te
++++ b/refpolicy/policy/modules/system/mount.te
+@@ -92,6 +92,7 @@ files_manage_etc_runtime_files(mount_t)
+ files_etc_filetrans_etc_runtime(mount_t, file)
+ files_mounton_all_mountpoints(mount_t)
+ files_unmount_rootfs(mount_t)
++files_mounton_etc_dirs(mount_t)
+ # These rules need to be generalized.  Only admin, initrc should have it:
+ files_relabelto_all_file_type_fs(mount_t)
+ files_mount_all_file_type_fs(mount_t)
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-base/0003-kernel-Mark-unlabeled_t-as-mount-point-type.patch b/portage/patches/sec-policy/selinux-base/0003-kernel-Mark-unlabeled_t-as-mount-point-type.patch
new file mode 100644
index 0000000..f1fcda1
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0003-kernel-Mark-unlabeled_t-as-mount-point-type.patch
@@ -0,0 +1,24 @@
+From b24010882565c3ea5f9ab9b3007648f1e4d2e603 Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Sat, 4 Mar 2023 10:16:13 -0600
+Subject: [PATCH] kernel: Mark unlabeled_t as mount point type
+
+---
+ refpolicy/policy/modules/kernel/kernel.te | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/refpolicy/policy/modules/kernel/kernel.te b/refpolicy/policy/modules/kernel/kernel.te
+index 56dbd5a..0dff529 100644
+--- a/refpolicy/policy/modules/kernel/kernel.te
++++ b/refpolicy/policy/modules/kernel/kernel.te
+@@ -267,6 +267,7 @@ allow kernel_t sysctl_kernel_ns_last_pid_t:file read_file_perms;
+ 
+ # Other possible mount points for the root fs are in files
+ allow kernel_t unlabeled_t:dir mounton;
++files_mountpoint(unlabeled_t)
+ # Kernel-generated traffic e.g., TCP resets on
+ # connections with invalidated labels:
+ allow kernel_t unlabeled_t:packet send;
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-base/0004-Allow-systemd-journald-list-cgroup-directories.patch b/portage/patches/sec-policy/selinux-base/0004-Allow-systemd-journald-list-cgroup-directories.patch
new file mode 100644
index 0000000..1b5dfdf
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0004-Allow-systemd-journald-list-cgroup-directories.patch
@@ -0,0 +1,24 @@
+From 6e4feac42f7c646e3353e0747767f1226f6c513e Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Mon, 6 Mar 2023 12:10:19 -0600
+Subject: [PATCH] Allow systemd-journald list cgroup directories
+
+---
+ refpolicy/policy/modules/system/logging.te | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/refpolicy/policy/modules/system/logging.te b/refpolicy/policy/modules/system/logging.te
+index 227dc67..0c6f372 100644
+--- a/refpolicy/policy/modules/system/logging.te
++++ b/refpolicy/policy/modules/system/logging.te
+@@ -500,6 +500,7 @@ files_var_lib_filetrans(syslogd_t, syslogd_var_lib_t, { file dir })
+ 
+ fs_getattr_all_fs(syslogd_t)
+ fs_search_auto_mountpoints(syslogd_t)
++fs_list_cgroup_dirs(syslogd_t)
+ 
+ mls_file_write_all_levels(syslogd_t) # Need to be able to write to /var/run/ and /var/log directories
+ 
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-base/0005-Allow-systemd-to-create-directories.patch b/portage/patches/sec-policy/selinux-base/0005-Allow-systemd-to-create-directories.patch
new file mode 100644
index 0000000..46a987b
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0005-Allow-systemd-to-create-directories.patch
@@ -0,0 +1,76 @@
+From 3e580c1cc3c31745c180dfd69bfd913ef1333c63 Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Fri, 10 Mar 2023 12:39:41 -0600
+Subject: [PATCH] Allow systemd to create directories
+
+This allows use of the `RuntimeDirectory`, `StateDirectory`, etc. unit
+settings.
+---
+ refpolicy/policy/modules/kernel/files.if | 18 ++++++++++++++++++
+ refpolicy/policy/modules/system/init.te  | 14 ++++++++++++++
+ 2 files changed, 32 insertions(+)
+
+diff --git a/refpolicy/policy/modules/kernel/files.if b/refpolicy/policy/modules/kernel/files.if
+index 6fe764a..add9b6d 100644
+--- a/refpolicy/policy/modules/kernel/files.if
++++ b/refpolicy/policy/modules/kernel/files.if
+@@ -564,6 +564,24 @@ interface(`files_manage_non_security_dirs',`
+ 	allow $1 non_security_file_type:dir manage_dir_perms;
+ ')
+ 
++########################################
++## <summary>
++##	Allow attempts to setattr any directory
++## </summary>
++## <param name="domain">
++##	<summary>
++##	Domain allowed access.
++##	</summary>
++## </param>
++#
++interface(`files_setattr_non_security_dirs',`
++	gen_require(`
++		attribute non_security_file_type;
++	')
++
++	allow $1 non_security_file_type:dir { read setattr };
++')
++
+ ########################################
+ ## <summary>
+ ##	Create non-security directories.
+diff --git a/refpolicy/policy/modules/system/init.te b/refpolicy/policy/modules/system/init.te
+index 9997215..554a04d 100644
+--- a/refpolicy/policy/modules/system/init.te
++++ b/refpolicy/policy/modules/system/init.te
+@@ -37,6 +37,13 @@ gen_tunable(init_daemons_use_tty, false)
+ ## </desc>
+ gen_tunable(init_mounton_non_security, false)
+ 
++## <desc>
++## <p>
++## Enable init create, setattr, mounton on non_security_file_type
++## </p>
++## </desc>
++gen_tunable(init_create_dirs, true)
++
+ attribute init_mountpoint_type;
+ attribute init_path_unit_loc_type;
+ attribute init_script_domain_type;
+@@ -625,6 +632,13 @@ ifdef(`init_systemd',`
+ 		unconfined_create_keys(init_t)
+ 		unconfined_write_keys(init_t)
+ 	')
++
++	tunable_policy(`init_create_dirs',`
++	    files_create_non_security_dirs(init_t)
++	    files_mounton_non_security(init_t)
++	    files_setattr_non_security_dirs(init_t)
++	')
++
+ ',`
+ 	tunable_policy(`init_upstart',`
+ 		corecmd_shell_domtrans(init_t, initrc_t)
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-base/0006-Allow-init-to-setattr-on-char-devices.patch b/portage/patches/sec-policy/selinux-base/0006-Allow-init-to-setattr-on-char-devices.patch
new file mode 100644
index 0000000..7d00cf6
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0006-Allow-init-to-setattr-on-char-devices.patch
@@ -0,0 +1,25 @@
+From 936c142431d96fec0474fa3c5b27e41f5906a3d0 Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Tue, 14 Mar 2023 13:40:23 -0500
+Subject: [PATCH] Allow init to setattr on char devices
+
+This is required for local logins to work.
+---
+ refpolicy/policy/modules/system/init.te | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/refpolicy/policy/modules/system/init.te b/refpolicy/policy/modules/system/init.te
+index 554a04d..cd8ed37 100644
+--- a/refpolicy/policy/modules/system/init.te
++++ b/refpolicy/policy/modules/system/init.te
+@@ -392,6 +392,7 @@ ifdef(`init_systemd',`
+ 	dev_create_urand_dev(init_t)
+ 	# systemd writes to /dev/watchdog on shutdown
+ 	dev_write_watchdog(init_t)
++	dev_setattr_all_chr_files(init_t)
+ 
+ 	domain_read_all_domains_state(init_t)
+ 	# for starting systemd --user in the right domain:
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-base/0007-podman-Allow-crun-to-chown-stdio-sockets.patch b/portage/patches/sec-policy/selinux-base/0007-podman-Allow-crun-to-chown-stdio-sockets.patch
new file mode 100644
index 0000000..4ace272
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0007-podman-Allow-crun-to-chown-stdio-sockets.patch
@@ -0,0 +1,33 @@
+From 5595c5c29e6038da5e5a61b1f38c231e2ca4301e Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Thu, 23 Mar 2023 09:44:02 -0500
+Subject: [PATCH] podman: Allow crun to chown stdio sockets
+
+Podman (actually `crun`) fails to launch containers as systemd units
+with this error:
+
+    fchown std stream 1: Permission denied
+
+The error is caused by this AVC denial:
+
+    AVC avc:  denied  { setattr } for  pid=262 comm="crun" name="UNIX-STREAM" dev="sockfs" ino=9811 scontext=system_u:system_r:podman_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=unix_stream_socket permissive=0
+---
+ refpolicy/policy/modules/services/podman.te | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/refpolicy/policy/modules/services/podman.te b/refpolicy/policy/modules/services/podman.te
+index d929bb2..7649298 100644
+--- a/refpolicy/policy/modules/services/podman.te
++++ b/refpolicy/policy/modules/services/podman.te
+@@ -75,6 +75,8 @@ ifdef(`init_systemd',`
+ 	init_start_transient_units(podman_t)
+ 	init_stop_transient_units(podman_t)
+ 
++	init_rw_stream_sockets(podman_t)
++
+ 	# podman can read logs from containers which are
+ 	# sent to the system journal
+ 	logging_search_logs(podman_t)
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-base/0008-systemd-Allow-quadlet-to-read-container-configs.patch b/portage/patches/sec-policy/selinux-base/0008-systemd-Allow-quadlet-to-read-container-configs.patch
new file mode 100644
index 0000000..044cc88
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0008-systemd-Allow-quadlet-to-read-container-configs.patch
@@ -0,0 +1,28 @@
+From d7001620adab1780ae51fc916f8eee824ecd6709 Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Thu, 23 Mar 2023 10:45:11 -0500
+Subject: [PATCH] systemd: Allow quadlet to read container configs
+
+---
+ refpolicy/policy/modules/system/systemd.te | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/refpolicy/policy/modules/system/systemd.te b/refpolicy/policy/modules/system/systemd.te
+index 9013931..54868ea 100644
+--- a/refpolicy/policy/modules/system/systemd.te
++++ b/refpolicy/policy/modules/system/systemd.te
+@@ -582,6 +582,11 @@ optional_policy(`
+ 	zfs_read_config(systemd_generator_t)
+ ')
+ 
++optional_policy(`
++	# needed by podman-system-generator
++	container_read_config(systemd_generator_t)
++')
++
+ #######################################
+ #
+ # systemd-homed policy
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-base/0009-podman-Allow-podman-to-use-fd-inherited-from-init.patch b/portage/patches/sec-policy/selinux-base/0009-podman-Allow-podman-to-use-fd-inherited-from-init.patch
new file mode 100644
index 0000000..52a695e
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0009-podman-Allow-podman-to-use-fd-inherited-from-init.patch
@@ -0,0 +1,24 @@
+From 04e3b1f3f91ad10b5fc69b59bba0e24f360905fa Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Sun, 26 Mar 2023 14:56:02 -0500
+Subject: [PATCH] podman: Allow podman to use fd inherited from init
+
+---
+ refpolicy/policy/modules/services/podman.te | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/refpolicy/policy/modules/services/podman.te b/refpolicy/policy/modules/services/podman.te
+index 7649298..e622f25 100644
+--- a/refpolicy/policy/modules/services/podman.te
++++ b/refpolicy/policy/modules/services/podman.te
+@@ -76,6 +76,7 @@ ifdef(`init_systemd',`
+ 	init_stop_transient_units(podman_t)
+ 
+ 	init_rw_stream_sockets(podman_t)
++	init_use_fds(podman_t)
+ 
+ 	# podman can read logs from containers which are
+ 	# sent to the system journal
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-base/0010-Allow-podman-to-validate-security-contexts.patch b/portage/patches/sec-policy/selinux-base/0010-Allow-podman-to-validate-security-contexts.patch
new file mode 100644
index 0000000..19cfd14
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0010-Allow-podman-to-validate-security-contexts.patch
@@ -0,0 +1,28 @@
+From c59490d5823a17de62697cce367fbbb99156f424 Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Sun, 26 Mar 2023 14:59:28 -0500
+Subject: [PATCH] Allow podman to validate security contexts
+
+Addresses this AVC denial:
+
+    avc:  denied  { write } for  pid=244 comm="podman" name="context" dev="selinuxfs" ino=5 scontext=system_u:system_r:podman_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=file permissive=0
+---
+ refpolicy/policy/modules/services/podman.te | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/refpolicy/policy/modules/services/podman.te b/refpolicy/policy/modules/services/podman.te
+index e622f25..243880f 100644
+--- a/refpolicy/policy/modules/services/podman.te
++++ b/refpolicy/policy/modules/services/podman.te
+@@ -64,6 +64,8 @@ container_manage_sock_files(podman_t)
+ 
+ podman_spec_rangetrans_conmon(podman_t, s0)
+ 
++selinux_validate_context(podman_t)
++
+ ifdef(`init_systemd',`
+ 	init_dbus_chat(podman_t)
+ 	init_setsched(podman_t)
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-base/0011-podman-Allow-conmon-to-signal-containers.patch b/portage/patches/sec-policy/selinux-base/0011-podman-Allow-conmon-to-signal-containers.patch
new file mode 100644
index 0000000..ae02ece
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-base/0011-podman-Allow-conmon-to-signal-containers.patch
@@ -0,0 +1,38 @@
+From 6d997d50fe41abc68b8828cac4fa7ce1d7bbd2f1 Mon Sep 17 00:00:00 2001
+From: "Dustin C. Hatch" <dustin@hatch.name>
+Date: Sun, 26 Mar 2023 15:03:40 -0500
+Subject: [PATCH] podman: Allow conmon to signal containers
+
+Addresses these AVC denials:
+
+    avc:  denied  { kill } for  pid=274 comm="conmon" capability=5  scontext=system_u:system_r:podman_conmon_t:s0 tcontext=system_u:system_r:podman_conmon_t:s0 tclass=capability permissive=0
+    avc:  denied  { signal } for  pid=278 comm="conmon" scontext=system_u:system_r:podman_conmon_t:s0 tcontext=system_u:system_r:container_t:s0:c273,c333 tclass=process permissive=0
+---
+ refpolicy/policy/modules/services/podman.te | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/refpolicy/policy/modules/services/podman.te b/refpolicy/policy/modules/services/podman.te
+index 243880f..0d64e19 100644
+--- a/refpolicy/policy/modules/services/podman.te
++++ b/refpolicy/policy/modules/services/podman.te
+@@ -196,7 +196,7 @@ ifdef(`init_systemd',`
+ # podman conmon local policy
+ #
+ 
+-allow podman_conmon_t self:capability { dac_override dac_read_search sys_ptrace sys_resource };
++allow podman_conmon_t self:capability { dac_override dac_read_search kill sys_ptrace sys_resource };
+ dontaudit podman_conmon_t self:capability net_admin;
+ 
+ podman_domtrans(podman_conmon_t)
+@@ -219,6 +219,8 @@ container_engine_tmp_filetrans(podman_conmon_t, { file sock_file })
+ container_manage_engine_tmp_files(podman_conmon_t)
+ container_manage_engine_tmp_sock_files(podman_conmon_t)
+ 
++container_signal_all_containers(podman_conmon_t)
++
+ ifdef(`init_systemd',`
+ 	init_get_transient_units_status(podman_conmon_t)
+ 	init_start_transient_units(podman_conmon_t)
+-- 
+2.40.1
+
diff --git a/portage/patches/sec-policy/selinux-container b/portage/patches/sec-policy/selinux-container
new file mode 120000
index 0000000..999e000
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-container
@@ -0,0 +1 @@
+selinux-base
\ No newline at end of file
diff --git a/portage/patches/sec-policy/selinux-podman b/portage/patches/sec-policy/selinux-podman
new file mode 120000
index 0000000..999e000
--- /dev/null
+++ b/portage/patches/sec-policy/selinux-podman
@@ -0,0 +1 @@
+selinux-base
\ No newline at end of file
diff --git a/portage/savedconfig/sys-apps/busybox b/portage/savedconfig/sys-apps/busybox
new file mode 100644
index 0000000..6b73981
--- /dev/null
+++ b/portage/savedconfig/sys-apps/busybox
@@ -0,0 +1,1190 @@
+#
+# Automatically generated make config: don't edit
+# Busybox version: 1.34.1
+# Sun Feb 12 18:57:50 2023
+#
+CONFIG_HAVE_DOT_CONFIG=y
+
+#
+# Settings
+#
+# CONFIG_DESKTOP is not set
+# CONFIG_EXTRA_COMPAT is not set
+# CONFIG_FEDORA_COMPAT is not set
+# CONFIG_INCLUDE_SUSv2 is not set
+CONFIG_LONG_OPTS=y
+# CONFIG_SHOW_USAGE is not set
+# CONFIG_FEATURE_VERBOSE_USAGE is not set
+# CONFIG_FEATURE_COMPRESS_USAGE is not set
+CONFIG_LFS=y
+CONFIG_PAM=y
+CONFIG_FEATURE_DEVPTS=y
+# CONFIG_FEATURE_UTMP is not set
+# CONFIG_FEATURE_WTMP is not set
+# CONFIG_FEATURE_PIDFILE is not set
+CONFIG_PID_FILE_PATH=""
+# CONFIG_BUSYBOX is not set
+# CONFIG_FEATURE_SHOW_SCRIPT is not set
+# CONFIG_FEATURE_INSTALLER is not set
+CONFIG_INSTALL_NO_USR=y
+CONFIG_FEATURE_SUID=y
+# CONFIG_FEATURE_SUID_CONFIG is not set
+# CONFIG_FEATURE_SUID_CONFIG_QUIET is not set
+# CONFIG_FEATURE_PREFER_APPLETS is not set
+CONFIG_BUSYBOX_EXEC_PATH="/proc/self/exe"
+# CONFIG_SELINUX is not set
+# CONFIG_FEATURE_CLEAN_UP is not set
+# CONFIG_FEATURE_SYSLOG_INFO is not set
+# CONFIG_FEATURE_SYSLOG is not set
+
+#
+# Build Options
+#
+# CONFIG_STATIC is not set
+# CONFIG_PIE is not set
+# CONFIG_NOMMU is not set
+# CONFIG_BUILD_LIBBUSYBOX is not set
+# CONFIG_FEATURE_LIBBUSYBOX_STATIC is not set
+# CONFIG_FEATURE_INDIVIDUAL is not set
+# CONFIG_FEATURE_SHARED_BUSYBOX is not set
+CONFIG_CROSS_COMPILER_PREFIX=""
+CONFIG_SYSROOT=""
+CONFIG_EXTRA_CFLAGS=""
+CONFIG_EXTRA_LDFLAGS=""
+CONFIG_EXTRA_LDLIBS=""
+# CONFIG_USE_PORTABLE_CODE is not set
+# CONFIG_STACK_OPTIMIZATION_386 is not set
+# CONFIG_STATIC_LIBGCC is not set
+
+#
+# Installation Options ("make install" behavior)
+#
+CONFIG_INSTALL_APPLET_SYMLINKS=y
+# CONFIG_INSTALL_APPLET_HARDLINKS is not set
+# CONFIG_INSTALL_APPLET_SCRIPT_WRAPPERS is not set
+# CONFIG_INSTALL_APPLET_DONT is not set
+# CONFIG_INSTALL_SH_APPLET_SYMLINK is not set
+# CONFIG_INSTALL_SH_APPLET_HARDLINK is not set
+# CONFIG_INSTALL_SH_APPLET_SCRIPT_WRAPPER is not set
+CONFIG_PREFIX="./_install"
+
+#
+# Debugging Options
+#
+# CONFIG_DEBUG is not set
+# CONFIG_DEBUG_PESSIMIZE is not set
+# CONFIG_DEBUG_SANITIZE is not set
+# CONFIG_UNIT_TEST is not set
+# CONFIG_WERROR is not set
+# CONFIG_WARN_SIMPLE_MSG is not set
+CONFIG_NO_DEBUG_LIB=y
+# CONFIG_DMALLOC is not set
+# CONFIG_EFENCE is not set
+
+#
+# Library Tuning
+#
+# CONFIG_FEATURE_USE_BSS_TAIL is not set
+# CONFIG_FLOAT_DURATION is not set
+# CONFIG_FEATURE_RTMINMAX is not set
+# CONFIG_FEATURE_RTMINMAX_USE_LIBC_DEFINITIONS is not set
+CONFIG_FEATURE_BUFFERS_USE_MALLOC=y
+# CONFIG_FEATURE_BUFFERS_GO_ON_STACK is not set
+# CONFIG_FEATURE_BUFFERS_GO_IN_BSS is not set
+CONFIG_PASSWORD_MINLEN=6
+CONFIG_MD5_SMALL=1
+CONFIG_SHA3_SMALL=1
+# CONFIG_FEATURE_FAST_TOP is not set
+# CONFIG_FEATURE_ETC_NETWORKS is not set
+# CONFIG_FEATURE_ETC_SERVICES is not set
+CONFIG_FEATURE_EDITING=y
+CONFIG_FEATURE_EDITING_MAX_LEN=1024
+CONFIG_FEATURE_EDITING_VI=y
+CONFIG_FEATURE_EDITING_HISTORY=255
+CONFIG_FEATURE_EDITING_SAVEHISTORY=y
+# CONFIG_FEATURE_EDITING_SAVE_ON_EXIT is not set
+CONFIG_FEATURE_REVERSE_SEARCH=y
+CONFIG_FEATURE_TAB_COMPLETION=y
+CONFIG_FEATURE_USERNAME_COMPLETION=y
+CONFIG_FEATURE_EDITING_FANCY_PROMPT=y
+CONFIG_FEATURE_EDITING_WINCH=y
+# CONFIG_FEATURE_EDITING_ASK_TERMINAL is not set
+# CONFIG_LOCALE_SUPPORT is not set
+CONFIG_UNICODE_SUPPORT=y
+# CONFIG_UNICODE_USING_LOCALE is not set
+# CONFIG_FEATURE_CHECK_UNICODE_IN_ENV is not set
+CONFIG_SUBST_WCHAR=63
+CONFIG_LAST_SUPPORTED_WCHAR=767
+# CONFIG_UNICODE_COMBINING_WCHARS is not set
+# CONFIG_UNICODE_WIDE_WCHARS is not set
+# CONFIG_UNICODE_BIDI_SUPPORT is not set
+# CONFIG_UNICODE_NEUTRAL_TABLE is not set
+# CONFIG_UNICODE_PRESERVE_BROKEN is not set
+CONFIG_FEATURE_NON_POSIX_CP=y
+CONFIG_FEATURE_VERBOSE_CP_MESSAGE=y
+CONFIG_FEATURE_USE_SENDFILE=y
+CONFIG_FEATURE_COPYBUF_KB=4
+# CONFIG_FEATURE_SKIP_ROOTFS is not set
+CONFIG_MONOTONIC_SYSCALL=y
+CONFIG_IOCTL_HEX2STR_ERROR=y
+# CONFIG_FEATURE_HWIB is not set
+
+#
+# Applets
+#
+
+#
+# Archival Utilities
+#
+CONFIG_FEATURE_SEAMLESS_XZ=y
+# CONFIG_FEATURE_SEAMLESS_LZMA is not set
+# CONFIG_FEATURE_SEAMLESS_BZ2 is not set
+CONFIG_FEATURE_SEAMLESS_GZ=y
+# CONFIG_FEATURE_SEAMLESS_Z is not set
+# CONFIG_AR is not set
+# CONFIG_FEATURE_AR_LONG_FILENAMES is not set
+# CONFIG_FEATURE_AR_CREATE is not set
+# CONFIG_UNCOMPRESS is not set
+# CONFIG_GUNZIP is not set
+# CONFIG_ZCAT is not set
+# CONFIG_FEATURE_GUNZIP_LONG_OPTIONS is not set
+# CONFIG_BUNZIP2 is not set
+# CONFIG_BZCAT is not set
+# CONFIG_UNLZMA is not set
+# CONFIG_LZCAT is not set
+# CONFIG_LZMA is not set
+# CONFIG_UNXZ is not set
+# CONFIG_XZCAT is not set
+# CONFIG_XZ is not set
+# CONFIG_BZIP2 is not set
+CONFIG_BZIP2_SMALL=0
+# CONFIG_FEATURE_BZIP2_DECOMPRESS is not set
+# CONFIG_CPIO is not set
+# CONFIG_FEATURE_CPIO_O is not set
+# CONFIG_FEATURE_CPIO_P is not set
+# CONFIG_DPKG is not set
+# CONFIG_DPKG_DEB is not set
+# CONFIG_GZIP is not set
+# CONFIG_FEATURE_GZIP_LONG_OPTIONS is not set
+CONFIG_GZIP_FAST=0
+# CONFIG_FEATURE_GZIP_LEVELS is not set
+# CONFIG_FEATURE_GZIP_DECOMPRESS is not set
+# CONFIG_LZOP is not set
+# CONFIG_UNLZOP is not set
+# CONFIG_LZOPCAT is not set
+# CONFIG_LZOP_COMPR_HIGH is not set
+# CONFIG_RPM is not set
+# CONFIG_RPM2CPIO is not set
+CONFIG_TAR=y
+CONFIG_FEATURE_TAR_LONG_OPTIONS=y
+CONFIG_FEATURE_TAR_CREATE=y
+CONFIG_FEATURE_TAR_AUTODETECT=y
+CONFIG_FEATURE_TAR_FROM=y
+# CONFIG_FEATURE_TAR_OLDGNU_COMPATIBILITY is not set
+# CONFIG_FEATURE_TAR_OLDSUN_COMPATIBILITY is not set
+CONFIG_FEATURE_TAR_GNU_EXTENSIONS=y
+# CONFIG_FEATURE_TAR_TO_COMMAND is not set
+CONFIG_FEATURE_TAR_UNAME_GNAME=y
+CONFIG_FEATURE_TAR_NOPRESERVE_TIME=y
+# CONFIG_FEATURE_TAR_SELINUX is not set
+# CONFIG_UNZIP is not set
+# CONFIG_FEATURE_UNZIP_CDF is not set
+# CONFIG_FEATURE_UNZIP_BZIP2 is not set
+# CONFIG_FEATURE_UNZIP_LZMA is not set
+# CONFIG_FEATURE_UNZIP_XZ is not set
+# CONFIG_FEATURE_LZMA_FAST is not set
+
+#
+# Coreutils
+#
+CONFIG_BASENAME=y
+CONFIG_CAT=y
+CONFIG_FEATURE_CATN=y
+CONFIG_FEATURE_CATV=y
+# CONFIG_CHGRP is not set
+# CONFIG_CHMOD is not set
+# CONFIG_CHOWN is not set
+# CONFIG_FEATURE_CHOWN_LONG_OPTIONS is not set
+# CONFIG_CHROOT is not set
+# CONFIG_CKSUM is not set
+# CONFIG_CRC32 is not set
+# CONFIG_COMM is not set
+CONFIG_CP=y
+# CONFIG_FEATURE_CP_LONG_OPTIONS is not set
+# CONFIG_FEATURE_CP_REFLINK is not set
+# CONFIG_CUT is not set
+# CONFIG_FEATURE_CUT_REGEX is not set
+# CONFIG_DATE is not set
+# CONFIG_FEATURE_DATE_ISOFMT is not set
+# CONFIG_FEATURE_DATE_NANO is not set
+# CONFIG_FEATURE_DATE_COMPAT is not set
+CONFIG_DD=y
+CONFIG_FEATURE_DD_SIGNAL_HANDLING=y
+CONFIG_FEATURE_DD_THIRD_STATUS_LINE=y
+CONFIG_FEATURE_DD_IBS_OBS=y
+CONFIG_FEATURE_DD_STATUS=y
+CONFIG_DF=y
+CONFIG_FEATURE_DF_FANCY=y
+# CONFIG_DIRNAME is not set
+# CONFIG_DOS2UNIX is not set
+# CONFIG_UNIX2DOS is not set
+CONFIG_DU=y
+CONFIG_FEATURE_DU_DEFAULT_BLOCKSIZE_1K=y
+CONFIG_ECHO=y
+CONFIG_FEATURE_FANCY_ECHO=y
+CONFIG_ENV=y
+# CONFIG_EXPAND is not set
+# CONFIG_UNEXPAND is not set
+# CONFIG_EXPR is not set
+# CONFIG_EXPR_MATH_SUPPORT_64 is not set
+# CONFIG_FACTOR is not set
+CONFIG_FALSE=y
+# CONFIG_FOLD is not set
+CONFIG_HEAD=y
+CONFIG_FEATURE_FANCY_HEAD=y
+# CONFIG_HOSTID is not set
+CONFIG_ID=y
+CONFIG_GROUPS=y
+CONFIG_INSTALL=y
+CONFIG_FEATURE_INSTALL_LONG_OPTIONS=y
+CONFIG_LINK=y
+CONFIG_LN=y
+# CONFIG_LOGNAME is not set
+CONFIG_LS=y
+CONFIG_FEATURE_LS_FILETYPES=y
+CONFIG_FEATURE_LS_FOLLOWLINKS=y
+CONFIG_FEATURE_LS_RECURSIVE=y
+CONFIG_FEATURE_LS_WIDTH=y
+CONFIG_FEATURE_LS_SORTFILES=y
+CONFIG_FEATURE_LS_TIMESTAMPS=y
+CONFIG_FEATURE_LS_USERNAME=y
+CONFIG_FEATURE_LS_COLOR=y
+CONFIG_FEATURE_LS_COLOR_IS_DEFAULT=y
+# CONFIG_MD5SUM is not set
+CONFIG_SHA1SUM=y
+CONFIG_SHA256SUM=y
+CONFIG_SHA512SUM=y
+CONFIG_SHA3SUM=y
+
+#
+# Common options for md5sum, sha1sum, sha256sum, sha512sum, sha3sum
+#
+CONFIG_FEATURE_MD5_SHA1_SUM_CHECK=y
+CONFIG_MKDIR=y
+CONFIG_MKFIFO=y
+# CONFIG_MKNOD is not set
+CONFIG_MKTEMP=y
+CONFIG_MV=y
+CONFIG_NICE=y
+# CONFIG_NL is not set
+# CONFIG_NOHUP is not set
+CONFIG_NPROC=y
+# CONFIG_OD is not set
+# CONFIG_PASTE is not set
+# CONFIG_PRINTENV is not set
+CONFIG_PRINTF=y
+# CONFIG_PWD is not set
+CONFIG_READLINK=y
+CONFIG_FEATURE_READLINK_FOLLOW=y
+CONFIG_REALPATH=y
+CONFIG_RM=y
+CONFIG_RMDIR=y
+CONFIG_SEQ=y
+# CONFIG_SHRED is not set
+# CONFIG_SHUF is not set
+# CONFIG_SLEEP is not set
+# CONFIG_FEATURE_FANCY_SLEEP is not set
+CONFIG_SORT=y
+CONFIG_FEATURE_SORT_BIG=y
+# CONFIG_FEATURE_SORT_OPTIMIZE_MEMORY is not set
+# CONFIG_SPLIT is not set
+# CONFIG_FEATURE_SPLIT_FANCY is not set
+CONFIG_STAT=y
+CONFIG_FEATURE_STAT_FORMAT=y
+CONFIG_FEATURE_STAT_FILESYSTEM=y
+CONFIG_STTY=y
+# CONFIG_SUM is not set
+CONFIG_SYNC=y
+CONFIG_FEATURE_SYNC_FANCY=y
+CONFIG_FSYNC=y
+CONFIG_TAC=y
+CONFIG_TAIL=y
+CONFIG_FEATURE_FANCY_TAIL=y
+CONFIG_TEE=y
+CONFIG_FEATURE_TEE_USE_BLOCK_IO=y
+CONFIG_TEST=y
+CONFIG_TEST1=y
+# CONFIG_TEST2 is not set
+CONFIG_FEATURE_TEST_64=y
+CONFIG_TIMEOUT=y
+CONFIG_TOUCH=y
+CONFIG_FEATURE_TOUCH_SUSV3=y
+CONFIG_TR=y
+CONFIG_FEATURE_TR_CLASSES=y
+CONFIG_FEATURE_TR_EQUIV=y
+CONFIG_TRUE=y
+CONFIG_TRUNCATE=y
+CONFIG_TTY=y
+CONFIG_UNAME=y
+CONFIG_UNAME_OSNAME="GNU/Linux"
+# CONFIG_BB_ARCH is not set
+# CONFIG_UNIQ is not set
+# CONFIG_UNLINK is not set
+# CONFIG_USLEEP is not set
+# CONFIG_UUDECODE is not set
+# CONFIG_BASE32 is not set
+# CONFIG_BASE64 is not set
+# CONFIG_UUENCODE is not set
+# CONFIG_WC is not set
+# CONFIG_FEATURE_WC_LARGE is not set
+# CONFIG_WHO is not set
+# CONFIG_W is not set
+# CONFIG_USERS is not set
+# CONFIG_WHOAMI is not set
+# CONFIG_YES is not set
+
+#
+# Common options
+#
+# CONFIG_FEATURE_VERBOSE is not set
+
+#
+# Common options for cp and mv
+#
+CONFIG_FEATURE_PRESERVE_HARDLINKS=y
+
+#
+# Common options for df, du, ls
+#
+CONFIG_FEATURE_HUMAN_READABLE=y
+
+#
+# Console Utilities
+#
+# CONFIG_CHVT is not set
+# CONFIG_CLEAR is not set
+# CONFIG_DEALLOCVT is not set
+# CONFIG_DUMPKMAP is not set
+# CONFIG_FGCONSOLE is not set
+# CONFIG_KBD_MODE is not set
+# CONFIG_LOADFONT is not set
+# CONFIG_SETFONT is not set
+# CONFIG_FEATURE_SETFONT_TEXTUAL_MAP is not set
+CONFIG_DEFAULT_SETFONT_DIR=""
+# CONFIG_FEATURE_LOADFONT_PSF2 is not set
+# CONFIG_FEATURE_LOADFONT_RAW is not set
+# CONFIG_LOADKMAP is not set
+# CONFIG_OPENVT is not set
+# CONFIG_RESET is not set
+# CONFIG_RESIZE is not set
+# CONFIG_FEATURE_RESIZE_PRINT is not set
+# CONFIG_SETCONSOLE is not set
+# CONFIG_FEATURE_SETCONSOLE_LONG_OPTIONS is not set
+# CONFIG_SETKEYCODES is not set
+# CONFIG_SETLOGCONS is not set
+# CONFIG_SHOWKEY is not set
+
+#
+# Debian Utilities
+#
+# CONFIG_PIPE_PROGRESS is not set
+# CONFIG_RUN_PARTS is not set
+# CONFIG_FEATURE_RUN_PARTS_LONG_OPTIONS is not set
+# CONFIG_FEATURE_RUN_PARTS_FANCY is not set
+# CONFIG_START_STOP_DAEMON is not set
+# CONFIG_FEATURE_START_STOP_DAEMON_LONG_OPTIONS is not set
+# CONFIG_FEATURE_START_STOP_DAEMON_FANCY is not set
+# CONFIG_WHICH is not set
+
+#
+# klibc-utils
+#
+# CONFIG_MINIPS is not set
+# CONFIG_NUKE is not set
+# CONFIG_RESUME is not set
+# CONFIG_RUN_INIT is not set
+
+#
+# Editors
+#
+CONFIG_AWK=y
+# CONFIG_FEATURE_AWK_LIBM is not set
+# CONFIG_FEATURE_AWK_GNU_EXTENSIONS is not set
+# CONFIG_CMP is not set
+# CONFIG_DIFF is not set
+# CONFIG_FEATURE_DIFF_LONG_OPTIONS is not set
+# CONFIG_FEATURE_DIFF_DIR is not set
+# CONFIG_ED is not set
+# CONFIG_PATCH is not set
+CONFIG_SED=y
+# CONFIG_VI is not set
+CONFIG_FEATURE_VI_MAX_LEN=0
+# CONFIG_FEATURE_VI_8BIT is not set
+# CONFIG_FEATURE_VI_COLON is not set
+# CONFIG_FEATURE_VI_COLON_EXPAND is not set
+# CONFIG_FEATURE_VI_YANKMARK is not set
+# CONFIG_FEATURE_VI_SEARCH is not set
+# CONFIG_FEATURE_VI_REGEX_SEARCH is not set
+# CONFIG_FEATURE_VI_USE_SIGNALS is not set
+# CONFIG_FEATURE_VI_DOT_CMD is not set
+# CONFIG_FEATURE_VI_READONLY is not set
+# CONFIG_FEATURE_VI_SETOPTS is not set
+# CONFIG_FEATURE_VI_SET is not set
+# CONFIG_FEATURE_VI_WIN_RESIZE is not set
+# CONFIG_FEATURE_VI_ASK_TERMINAL is not set
+# CONFIG_FEATURE_VI_UNDO is not set
+# CONFIG_FEATURE_VI_UNDO_QUEUE is not set
+CONFIG_FEATURE_VI_UNDO_QUEUE_MAX=0
+# CONFIG_FEATURE_VI_VERBOSE_STATUS is not set
+# CONFIG_FEATURE_ALLOW_EXEC is not set
+
+#
+# Finding Utilities
+#
+# CONFIG_FIND is not set
+# CONFIG_FEATURE_FIND_PRINT0 is not set
+# CONFIG_FEATURE_FIND_MTIME is not set
+# CONFIG_FEATURE_FIND_MMIN is not set
+# CONFIG_FEATURE_FIND_PERM is not set
+# CONFIG_FEATURE_FIND_TYPE is not set
+# CONFIG_FEATURE_FIND_EXECUTABLE is not set
+# CONFIG_FEATURE_FIND_XDEV is not set
+# CONFIG_FEATURE_FIND_MAXDEPTH is not set
+# CONFIG_FEATURE_FIND_NEWER is not set
+# CONFIG_FEATURE_FIND_INUM is not set
+# CONFIG_FEATURE_FIND_EXEC is not set
+# CONFIG_FEATURE_FIND_EXEC_PLUS is not set
+# CONFIG_FEATURE_FIND_USER is not set
+# CONFIG_FEATURE_FIND_GROUP is not set
+# CONFIG_FEATURE_FIND_NOT is not set
+# CONFIG_FEATURE_FIND_DEPTH is not set
+# CONFIG_FEATURE_FIND_PAREN is not set
+# CONFIG_FEATURE_FIND_SIZE is not set
+# CONFIG_FEATURE_FIND_PRUNE is not set
+# CONFIG_FEATURE_FIND_QUIT is not set
+# CONFIG_FEATURE_FIND_DELETE is not set
+# CONFIG_FEATURE_FIND_EMPTY is not set
+# CONFIG_FEATURE_FIND_PATH is not set
+# CONFIG_FEATURE_FIND_REGEX is not set
+# CONFIG_FEATURE_FIND_CONTEXT is not set
+# CONFIG_FEATURE_FIND_LINKS is not set
+CONFIG_GREP=y
+# CONFIG_EGREP is not set
+# CONFIG_FGREP is not set
+CONFIG_FEATURE_GREP_CONTEXT=y
+# CONFIG_XARGS is not set
+# CONFIG_FEATURE_XARGS_SUPPORT_CONFIRMATION is not set
+# CONFIG_FEATURE_XARGS_SUPPORT_QUOTES is not set
+# CONFIG_FEATURE_XARGS_SUPPORT_TERMOPT is not set
+# CONFIG_FEATURE_XARGS_SUPPORT_ZERO_TERM is not set
+# CONFIG_FEATURE_XARGS_SUPPORT_REPL_STR is not set
+# CONFIG_FEATURE_XARGS_SUPPORT_PARALLEL is not set
+# CONFIG_FEATURE_XARGS_SUPPORT_ARGS_FILE is not set
+
+#
+# Init Utilities
+#
+# CONFIG_BOOTCHARTD is not set
+# CONFIG_FEATURE_BOOTCHARTD_BLOATED_HEADER is not set
+# CONFIG_FEATURE_BOOTCHARTD_CONFIG_FILE is not set
+# CONFIG_HALT is not set
+# CONFIG_POWEROFF is not set
+# CONFIG_REBOOT is not set
+# CONFIG_FEATURE_WAIT_FOR_INIT is not set
+# CONFIG_FEATURE_CALL_TELINIT is not set
+CONFIG_TELINIT_PATH=""
+# CONFIG_INIT is not set
+# CONFIG_LINUXRC is not set
+# CONFIG_FEATURE_USE_INITTAB is not set
+# CONFIG_FEATURE_KILL_REMOVED is not set
+CONFIG_FEATURE_KILL_DELAY=0
+# CONFIG_FEATURE_INIT_SCTTY is not set
+# CONFIG_FEATURE_INIT_SYSLOG is not set
+# CONFIG_FEATURE_INIT_QUIET is not set
+# CONFIG_FEATURE_INIT_COREDUMPS is not set
+CONFIG_INIT_TERMINAL_TYPE=""
+# CONFIG_FEATURE_INIT_MODIFY_CMDLINE is not set
+
+#
+# Login/Password Management Utilities
+#
+# CONFIG_FEATURE_SHADOWPASSWDS is not set
+# CONFIG_USE_BB_PWD_GRP is not set
+# CONFIG_USE_BB_SHADOW is not set
+# CONFIG_USE_BB_CRYPT is not set
+# CONFIG_USE_BB_CRYPT_SHA is not set
+# CONFIG_ADD_SHELL is not set
+# CONFIG_REMOVE_SHELL is not set
+# CONFIG_ADDGROUP is not set
+# CONFIG_FEATURE_ADDUSER_TO_GROUP is not set
+# CONFIG_ADDUSER is not set
+# CONFIG_FEATURE_CHECK_NAMES is not set
+CONFIG_LAST_ID=0
+CONFIG_FIRST_SYSTEM_ID=0
+CONFIG_LAST_SYSTEM_ID=0
+# CONFIG_CHPASSWD is not set
+CONFIG_FEATURE_DEFAULT_PASSWD_ALGO=""
+# CONFIG_CRYPTPW is not set
+# CONFIG_MKPASSWD is not set
+# CONFIG_DELUSER is not set
+# CONFIG_DELGROUP is not set
+# CONFIG_FEATURE_DEL_USER_FROM_GROUP is not set
+# CONFIG_GETTY is not set
+# CONFIG_LOGIN is not set
+# CONFIG_LOGIN_SESSION_AS_CHILD is not set
+# CONFIG_LOGIN_SCRIPTS is not set
+# CONFIG_FEATURE_NOLOGIN is not set
+# CONFIG_FEATURE_SECURETTY is not set
+# CONFIG_PASSWD is not set
+# CONFIG_FEATURE_PASSWD_WEAK_CHECK is not set
+# CONFIG_SU is not set
+# CONFIG_FEATURE_SU_SYSLOG is not set
+# CONFIG_FEATURE_SU_CHECKS_SHELLS is not set
+# CONFIG_FEATURE_SU_BLANK_PW_NEEDS_SECURE_TTY is not set
+# CONFIG_SULOGIN is not set
+# CONFIG_VLOCK is not set
+
+#
+# Linux Ext2 FS Progs
+#
+# CONFIG_CHATTR is not set
+# CONFIG_FSCK is not set
+# CONFIG_LSATTR is not set
+# CONFIG_TUNE2FS is not set
+
+#
+# Linux Module Utilities
+#
+# CONFIG_MODPROBE_SMALL is not set
+# CONFIG_DEPMOD is not set
+# CONFIG_INSMOD is not set
+# CONFIG_LSMOD is not set
+# CONFIG_FEATURE_LSMOD_PRETTY_2_6_OUTPUT is not set
+# CONFIG_MODINFO is not set
+# CONFIG_MODPROBE is not set
+# CONFIG_FEATURE_MODPROBE_BLACKLIST is not set
+# CONFIG_RMMOD is not set
+
+#
+# Options common to multiple modutils
+#
+# CONFIG_FEATURE_CMDLINE_MODULE_OPTIONS is not set
+# CONFIG_FEATURE_MODPROBE_SMALL_CHECK_ALREADY_LOADED is not set
+# CONFIG_FEATURE_2_4_MODULES is not set
+# CONFIG_FEATURE_INSMOD_VERSION_CHECKING is not set
+# CONFIG_FEATURE_INSMOD_KSYMOOPS_SYMBOLS is not set
+# CONFIG_FEATURE_INSMOD_LOADINKMEM is not set
+# CONFIG_FEATURE_INSMOD_LOAD_MAP is not set
+# CONFIG_FEATURE_INSMOD_LOAD_MAP_FULL is not set
+# CONFIG_FEATURE_CHECK_TAINTED_MODULE is not set
+# CONFIG_FEATURE_INSMOD_TRY_MMAP is not set
+# CONFIG_FEATURE_MODUTILS_ALIAS is not set
+# CONFIG_FEATURE_MODUTILS_SYMBOLS is not set
+CONFIG_DEFAULT_MODULES_DIR=""
+CONFIG_DEFAULT_DEPMOD_FILE=""
+
+#
+# Linux System Utilities
+#
+# CONFIG_ACPID is not set
+# CONFIG_FEATURE_ACPID_COMPAT is not set
+# CONFIG_BLKDISCARD is not set
+# CONFIG_BLKID is not set
+# CONFIG_FEATURE_BLKID_TYPE is not set
+# CONFIG_BLOCKDEV is not set
+# CONFIG_CAL is not set
+# CONFIG_CHRT is not set
+# CONFIG_DMESG is not set
+# CONFIG_FEATURE_DMESG_PRETTY is not set
+# CONFIG_EJECT is not set
+# CONFIG_FEATURE_EJECT_SCSI is not set
+# CONFIG_FALLOCATE is not set
+# CONFIG_FATATTR is not set
+# CONFIG_FBSET is not set
+# CONFIG_FEATURE_FBSET_FANCY is not set
+# CONFIG_FEATURE_FBSET_READMODE is not set
+# CONFIG_FDFORMAT is not set
+# CONFIG_FDISK is not set
+# CONFIG_FDISK_SUPPORT_LARGE_DISKS is not set
+# CONFIG_FEATURE_FDISK_WRITABLE is not set
+# CONFIG_FEATURE_AIX_LABEL is not set
+# CONFIG_FEATURE_SGI_LABEL is not set
+# CONFIG_FEATURE_SUN_LABEL is not set
+# CONFIG_FEATURE_OSF_LABEL is not set
+# CONFIG_FEATURE_GPT_LABEL is not set
+# CONFIG_FEATURE_FDISK_ADVANCED is not set
+# CONFIG_FINDFS is not set
+# CONFIG_FLOCK is not set
+# CONFIG_FDFLUSH is not set
+# CONFIG_FREERAMDISK is not set
+# CONFIG_FSCK_MINIX is not set
+# CONFIG_FSFREEZE is not set
+# CONFIG_FSTRIM is not set
+# CONFIG_GETOPT is not set
+# CONFIG_FEATURE_GETOPT_LONG is not set
+# CONFIG_HEXDUMP is not set
+# CONFIG_HD is not set
+# CONFIG_XXD is not set
+# CONFIG_HWCLOCK is not set
+# CONFIG_FEATURE_HWCLOCK_ADJTIME_FHS is not set
+# CONFIG_IONICE is not set
+# CONFIG_IPCRM is not set
+# CONFIG_IPCS is not set
+# CONFIG_LAST is not set
+# CONFIG_FEATURE_LAST_FANCY is not set
+# CONFIG_LOSETUP is not set
+# CONFIG_LSPCI is not set
+# CONFIG_LSUSB is not set
+# CONFIG_MDEV is not set
+# CONFIG_FEATURE_MDEV_CONF is not set
+# CONFIG_FEATURE_MDEV_RENAME is not set
+# CONFIG_FEATURE_MDEV_RENAME_REGEXP is not set
+# CONFIG_FEATURE_MDEV_EXEC is not set
+# CONFIG_FEATURE_MDEV_LOAD_FIRMWARE is not set
+# CONFIG_FEATURE_MDEV_DAEMON is not set
+# CONFIG_MESG is not set
+# CONFIG_FEATURE_MESG_ENABLE_ONLY_GROUP is not set
+# CONFIG_MKE2FS is not set
+# CONFIG_MKFS_EXT2 is not set
+# CONFIG_MKFS_MINIX is not set
+# CONFIG_FEATURE_MINIX2 is not set
+# CONFIG_MKFS_REISER is not set
+# CONFIG_MKDOSFS is not set
+# CONFIG_MKFS_VFAT is not set
+# CONFIG_MKSWAP is not set
+# CONFIG_FEATURE_MKSWAP_UUID is not set
+# CONFIG_MORE is not set
+# CONFIG_MOUNT is not set
+# CONFIG_FEATURE_MOUNT_FAKE is not set
+# CONFIG_FEATURE_MOUNT_VERBOSE is not set
+# CONFIG_FEATURE_MOUNT_HELPERS is not set
+# CONFIG_FEATURE_MOUNT_LABEL is not set
+# CONFIG_FEATURE_MOUNT_NFS is not set
+# CONFIG_FEATURE_MOUNT_CIFS is not set
+# CONFIG_FEATURE_MOUNT_FLAGS is not set
+# CONFIG_FEATURE_MOUNT_FSTAB is not set
+# CONFIG_FEATURE_MOUNT_OTHERTAB is not set
+# CONFIG_MOUNTPOINT is not set
+# CONFIG_NOLOGIN is not set
+# CONFIG_NOLOGIN_DEPENDENCIES is not set
+# CONFIG_NSENTER is not set
+# CONFIG_PIVOT_ROOT is not set
+# CONFIG_RDATE is not set
+# CONFIG_RDEV is not set
+# CONFIG_READPROFILE is not set
+# CONFIG_RENICE is not set
+# CONFIG_REV is not set
+# CONFIG_RTCWAKE is not set
+# CONFIG_SCRIPT is not set
+# CONFIG_SCRIPTREPLAY is not set
+# CONFIG_SETARCH is not set
+# CONFIG_LINUX32 is not set
+# CONFIG_LINUX64 is not set
+# CONFIG_SETPRIV is not set
+# CONFIG_FEATURE_SETPRIV_DUMP is not set
+# CONFIG_FEATURE_SETPRIV_CAPABILITIES is not set
+# CONFIG_FEATURE_SETPRIV_CAPABILITY_NAMES is not set
+# CONFIG_SETSID is not set
+# CONFIG_SWAPON is not set
+# CONFIG_FEATURE_SWAPON_DISCARD is not set
+# CONFIG_FEATURE_SWAPON_PRI is not set
+# CONFIG_SWAPOFF is not set
+# CONFIG_FEATURE_SWAPONOFF_LABEL is not set
+# CONFIG_SWITCH_ROOT is not set
+# CONFIG_TASKSET is not set
+# CONFIG_FEATURE_TASKSET_FANCY is not set
+# CONFIG_FEATURE_TASKSET_CPULIST is not set
+# CONFIG_UEVENT is not set
+# CONFIG_UMOUNT is not set
+# CONFIG_FEATURE_UMOUNT_ALL is not set
+# CONFIG_UNSHARE is not set
+# CONFIG_WALL is not set
+# CONFIG_FEATURE_MOUNT_LOOP is not set
+# CONFIG_FEATURE_MOUNT_LOOP_CREATE is not set
+# CONFIG_FEATURE_MTAB_SUPPORT is not set
+# CONFIG_VOLUMEID is not set
+# CONFIG_FEATURE_VOLUMEID_BCACHE is not set
+# CONFIG_FEATURE_VOLUMEID_BTRFS is not set
+# CONFIG_FEATURE_VOLUMEID_CRAMFS is not set
+# CONFIG_FEATURE_VOLUMEID_EROFS is not set
+# CONFIG_FEATURE_VOLUMEID_EXFAT is not set
+# CONFIG_FEATURE_VOLUMEID_EXT is not set
+# CONFIG_FEATURE_VOLUMEID_F2FS is not set
+# CONFIG_FEATURE_VOLUMEID_FAT is not set
+# CONFIG_FEATURE_VOLUMEID_HFS is not set
+# CONFIG_FEATURE_VOLUMEID_ISO9660 is not set
+# CONFIG_FEATURE_VOLUMEID_JFS is not set
+# CONFIG_FEATURE_VOLUMEID_LFS is not set
+# CONFIG_FEATURE_VOLUMEID_LINUXRAID is not set
+# CONFIG_FEATURE_VOLUMEID_LINUXSWAP is not set
+# CONFIG_FEATURE_VOLUMEID_LUKS is not set
+# CONFIG_FEATURE_VOLUMEID_MINIX is not set
+# CONFIG_FEATURE_VOLUMEID_NILFS is not set
+# CONFIG_FEATURE_VOLUMEID_NTFS is not set
+# CONFIG_FEATURE_VOLUMEID_OCFS2 is not set
+# CONFIG_FEATURE_VOLUMEID_REISERFS is not set
+# CONFIG_FEATURE_VOLUMEID_ROMFS is not set
+# CONFIG_FEATURE_VOLUMEID_SQUASHFS is not set
+# CONFIG_FEATURE_VOLUMEID_SYSV is not set
+# CONFIG_FEATURE_VOLUMEID_UBIFS is not set
+# CONFIG_FEATURE_VOLUMEID_UDF is not set
+# CONFIG_FEATURE_VOLUMEID_XFS is not set
+
+#
+# Miscellaneous Utilities
+#
+# CONFIG_ADJTIMEX is not set
+# CONFIG_ASCII is not set
+# CONFIG_BBCONFIG is not set
+# CONFIG_FEATURE_COMPRESS_BBCONFIG is not set
+# CONFIG_BC is not set
+# CONFIG_DC is not set
+# CONFIG_FEATURE_DC_BIG is not set
+# CONFIG_FEATURE_DC_LIBM is not set
+# CONFIG_FEATURE_BC_INTERACTIVE is not set
+# CONFIG_FEATURE_BC_LONG_OPTIONS is not set
+# CONFIG_BEEP is not set
+CONFIG_FEATURE_BEEP_FREQ=0
+CONFIG_FEATURE_BEEP_LENGTH_MS=0
+# CONFIG_CHAT is not set
+# CONFIG_FEATURE_CHAT_NOFAIL is not set
+# CONFIG_FEATURE_CHAT_TTY_HIFI is not set
+# CONFIG_FEATURE_CHAT_IMPLICIT_CR is not set
+# CONFIG_FEATURE_CHAT_SWALLOW_OPTS is not set
+# CONFIG_FEATURE_CHAT_SEND_ESCAPES is not set
+# CONFIG_FEATURE_CHAT_VAR_ABORT_LEN is not set
+# CONFIG_FEATURE_CHAT_CLR_ABORT is not set
+# CONFIG_CONSPY is not set
+# CONFIG_CROND is not set
+# CONFIG_FEATURE_CROND_D is not set
+# CONFIG_FEATURE_CROND_CALL_SENDMAIL is not set
+# CONFIG_FEATURE_CROND_SPECIAL_TIMES is not set
+CONFIG_FEATURE_CROND_DIR=""
+# CONFIG_CRONTAB is not set
+# CONFIG_DEVFSD is not set
+# CONFIG_DEVFSD_MODLOAD is not set
+# CONFIG_DEVFSD_FG_NP is not set
+# CONFIG_DEVFSD_VERBOSE is not set
+# CONFIG_FEATURE_DEVFS is not set
+# CONFIG_DEVMEM is not set
+# CONFIG_FBSPLASH is not set
+# CONFIG_FLASH_ERASEALL is not set
+# CONFIG_FLASH_LOCK is not set
+# CONFIG_FLASH_UNLOCK is not set
+# CONFIG_FLASHCP is not set
+# CONFIG_HDPARM is not set
+# CONFIG_FEATURE_HDPARM_GET_IDENTITY is not set
+# CONFIG_FEATURE_HDPARM_HDIO_SCAN_HWIF is not set
+# CONFIG_FEATURE_HDPARM_HDIO_UNREGISTER_HWIF is not set
+# CONFIG_FEATURE_HDPARM_HDIO_DRIVE_RESET is not set
+# CONFIG_FEATURE_HDPARM_HDIO_TRISTATE_HWIF is not set
+# CONFIG_FEATURE_HDPARM_HDIO_GETSET_DMA is not set
+# CONFIG_HEXEDIT is not set
+# CONFIG_I2CGET is not set
+# CONFIG_I2CSET is not set
+# CONFIG_I2CDUMP is not set
+# CONFIG_I2CDETECT is not set
+# CONFIG_I2CTRANSFER is not set
+# CONFIG_INOTIFYD is not set
+CONFIG_LESS=y
+CONFIG_FEATURE_LESS_MAXLINES=9999999
+CONFIG_FEATURE_LESS_BRACKETS=y
+CONFIG_FEATURE_LESS_FLAGS=y
+CONFIG_FEATURE_LESS_TRUNCATE=y
+CONFIG_FEATURE_LESS_MARKS=y
+CONFIG_FEATURE_LESS_REGEXP=y
+CONFIG_FEATURE_LESS_WINCH=y
+CONFIG_FEATURE_LESS_ASK_TERMINAL=y
+CONFIG_FEATURE_LESS_DASHCMD=y
+CONFIG_FEATURE_LESS_LINENUMS=y
+CONFIG_FEATURE_LESS_RAW=y
+CONFIG_FEATURE_LESS_ENV=y
+# CONFIG_LSSCSI is not set
+# CONFIG_MAKEDEVS is not set
+# CONFIG_FEATURE_MAKEDEVS_LEAF is not set
+# CONFIG_FEATURE_MAKEDEVS_TABLE is not set
+# CONFIG_MAN is not set
+# CONFIG_MICROCOM is not set
+# CONFIG_MIM is not set
+# CONFIG_MT is not set
+# CONFIG_NANDWRITE is not set
+# CONFIG_NANDDUMP is not set
+# CONFIG_PARTPROBE is not set
+# CONFIG_RAIDAUTORUN is not set
+CONFIG_READAHEAD=y
+# CONFIG_RFKILL is not set
+# CONFIG_RUNLEVEL is not set
+# CONFIG_RX is not set
+# CONFIG_SETFATTR is not set
+# CONFIG_SETSERIAL is not set
+# CONFIG_STRINGS is not set
+# CONFIG_TIME is not set
+# CONFIG_TS is not set
+# CONFIG_TTYSIZE is not set
+# CONFIG_UBIATTACH is not set
+# CONFIG_UBIDETACH is not set
+# CONFIG_UBIMKVOL is not set
+# CONFIG_UBIRMVOL is not set
+# CONFIG_UBIRSVOL is not set
+# CONFIG_UBIUPDATEVOL is not set
+# CONFIG_UBIRENAME is not set
+# CONFIG_VOLNAME is not set
+# CONFIG_WATCHDOG is not set
+# CONFIG_FEATURE_WATCHDOG_OPEN_TWICE is not set
+
+#
+# Networking Utilities
+#
+CONFIG_FEATURE_IPV6=y
+# CONFIG_FEATURE_UNIX_LOCAL is not set
+CONFIG_FEATURE_PREFER_IPV4_ADDRESS=y
+# CONFIG_VERBOSE_RESOLUTION_ERRORS is not set
+# CONFIG_FEATURE_TLS_SHA1 is not set
+# CONFIG_ARP is not set
+# CONFIG_ARPING is not set
+# CONFIG_BRCTL is not set
+# CONFIG_FEATURE_BRCTL_FANCY is not set
+# CONFIG_FEATURE_BRCTL_SHOW is not set
+# CONFIG_DNSD is not set
+# CONFIG_ETHER_WAKE is not set
+# CONFIG_FTPD is not set
+# CONFIG_FEATURE_FTPD_WRITE is not set
+# CONFIG_FEATURE_FTPD_ACCEPT_BROKEN_LIST is not set
+# CONFIG_FEATURE_FTPD_AUTHENTICATION is not set
+# CONFIG_FTPGET is not set
+# CONFIG_FTPPUT is not set
+# CONFIG_FEATURE_FTPGETPUT_LONG_OPTIONS is not set
+# CONFIG_HOSTNAME is not set
+# CONFIG_DNSDOMAINNAME is not set
+# CONFIG_HTTPD is not set
+# CONFIG_FEATURE_HTTPD_RANGES is not set
+# CONFIG_FEATURE_HTTPD_SETUID is not set
+# CONFIG_FEATURE_HTTPD_BASIC_AUTH is not set
+# CONFIG_FEATURE_HTTPD_AUTH_MD5 is not set
+# CONFIG_FEATURE_HTTPD_CGI is not set
+# CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR is not set
+# CONFIG_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV is not set
+# CONFIG_FEATURE_HTTPD_ENCODE_URL_STR is not set
+# CONFIG_FEATURE_HTTPD_ERROR_PAGES is not set
+# CONFIG_FEATURE_HTTPD_PROXY is not set
+# CONFIG_FEATURE_HTTPD_GZIP is not set
+# CONFIG_FEATURE_HTTPD_ETAG is not set
+# CONFIG_FEATURE_HTTPD_LAST_MODIFIED is not set
+# CONFIG_FEATURE_HTTPD_DATE is not set
+# CONFIG_FEATURE_HTTPD_ACL_IP is not set
+# CONFIG_IFCONFIG is not set
+# CONFIG_FEATURE_IFCONFIG_STATUS is not set
+# CONFIG_FEATURE_IFCONFIG_SLIP is not set
+# CONFIG_FEATURE_IFCONFIG_MEMSTART_IOADDR_IRQ is not set
+# CONFIG_FEATURE_IFCONFIG_HW is not set
+# CONFIG_FEATURE_IFCONFIG_BROADCAST_PLUS is not set
+# CONFIG_IFENSLAVE is not set
+# CONFIG_IFPLUGD is not set
+# CONFIG_IFUP is not set
+# CONFIG_IFDOWN is not set
+CONFIG_IFUPDOWN_IFSTATE_PATH=""
+# CONFIG_FEATURE_IFUPDOWN_IP is not set
+# CONFIG_FEATURE_IFUPDOWN_IPV4 is not set
+# CONFIG_FEATURE_IFUPDOWN_IPV6 is not set
+# CONFIG_FEATURE_IFUPDOWN_MAPPING is not set
+# CONFIG_FEATURE_IFUPDOWN_EXTERNAL_DHCP is not set
+# CONFIG_INETD is not set
+# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_ECHO is not set
+# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD is not set
+# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_TIME is not set
+# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME is not set
+# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN is not set
+# CONFIG_FEATURE_INETD_RPC is not set
+CONFIG_IP=y
+# CONFIG_IPADDR is not set
+# CONFIG_IPLINK is not set
+# CONFIG_IPROUTE is not set
+# CONFIG_IPTUNNEL is not set
+# CONFIG_IPRULE is not set
+# CONFIG_IPNEIGH is not set
+CONFIG_FEATURE_IP_ADDRESS=y
+CONFIG_FEATURE_IP_LINK=y
+CONFIG_FEATURE_IP_ROUTE=y
+CONFIG_FEATURE_IP_ROUTE_DIR="/etc/iproute2"
+CONFIG_FEATURE_IP_TUNNEL=y
+CONFIG_FEATURE_IP_RULE=y
+CONFIG_FEATURE_IP_NEIGH=y
+# CONFIG_FEATURE_IP_RARE_PROTOCOLS is not set
+# CONFIG_IPCALC is not set
+# CONFIG_FEATURE_IPCALC_LONG_OPTIONS is not set
+# CONFIG_FEATURE_IPCALC_FANCY is not set
+# CONFIG_FAKEIDENTD is not set
+# CONFIG_NAMEIF is not set
+# CONFIG_FEATURE_NAMEIF_EXTENDED is not set
+# CONFIG_NBDCLIENT is not set
+# CONFIG_NC is not set
+# CONFIG_NETCAT is not set
+# CONFIG_NC_SERVER is not set
+# CONFIG_NC_EXTRA is not set
+# CONFIG_NC_110_COMPAT is not set
+CONFIG_NETSTAT=y
+CONFIG_FEATURE_NETSTAT_WIDE=y
+CONFIG_FEATURE_NETSTAT_PRG=y
+# CONFIG_NSLOOKUP is not set
+# CONFIG_FEATURE_NSLOOKUP_BIG is not set
+# CONFIG_FEATURE_NSLOOKUP_LONG_OPTIONS is not set
+# CONFIG_NTPD is not set
+# CONFIG_FEATURE_NTPD_SERVER is not set
+# CONFIG_FEATURE_NTPD_CONF is not set
+# CONFIG_FEATURE_NTP_AUTH is not set
+CONFIG_PING=y
+CONFIG_PING6=y
+CONFIG_FEATURE_FANCY_PING=y
+# CONFIG_PSCAN is not set
+# CONFIG_ROUTE is not set
+# CONFIG_SLATTACH is not set
+CONFIG_SSL_CLIENT=y
+# CONFIG_TC is not set
+# CONFIG_FEATURE_TC_INGRESS is not set
+# CONFIG_TCPSVD is not set
+# CONFIG_UDPSVD is not set
+# CONFIG_TELNET is not set
+# CONFIG_FEATURE_TELNET_TTYPE is not set
+# CONFIG_FEATURE_TELNET_AUTOLOGIN is not set
+# CONFIG_FEATURE_TELNET_WIDTH is not set
+# CONFIG_TELNETD is not set
+# CONFIG_FEATURE_TELNETD_STANDALONE is not set
+# CONFIG_FEATURE_TELNETD_INETD_WAIT is not set
+# CONFIG_TFTP is not set
+# CONFIG_FEATURE_TFTP_PROGRESS_BAR is not set
+# CONFIG_FEATURE_TFTP_HPA_COMPAT is not set
+# CONFIG_TFTPD is not set
+# CONFIG_FEATURE_TFTP_GET is not set
+# CONFIG_FEATURE_TFTP_PUT is not set
+# CONFIG_FEATURE_TFTP_BLOCKSIZE is not set
+# CONFIG_TFTP_DEBUG is not set
+CONFIG_TLS=y
+# CONFIG_TRACEROUTE is not set
+# CONFIG_TRACEROUTE6 is not set
+# CONFIG_FEATURE_TRACEROUTE_VERBOSE is not set
+# CONFIG_FEATURE_TRACEROUTE_USE_ICMP is not set
+# CONFIG_TUNCTL is not set
+# CONFIG_FEATURE_TUNCTL_UG is not set
+# CONFIG_VCONFIG is not set
+CONFIG_WGET=y
+CONFIG_FEATURE_WGET_LONG_OPTIONS=y
+CONFIG_FEATURE_WGET_STATUSBAR=y
+# CONFIG_FEATURE_WGET_FTP is not set
+# CONFIG_FEATURE_WGET_AUTHENTICATION is not set
+CONFIG_FEATURE_WGET_TIMEOUT=y
+CONFIG_FEATURE_WGET_HTTPS=y
+# CONFIG_FEATURE_WGET_OPENSSL is not set
+# CONFIG_WHOIS is not set
+# CONFIG_ZCIP is not set
+# CONFIG_UDHCPD is not set
+# CONFIG_FEATURE_UDHCPD_BASE_IP_ON_MAC is not set
+# CONFIG_FEATURE_UDHCPD_WRITE_LEASES_EARLY is not set
+CONFIG_DHCPD_LEASES_FILE=""
+# CONFIG_DUMPLEASES is not set
+# CONFIG_DHCPRELAY is not set
+# CONFIG_UDHCPC is not set
+# CONFIG_FEATURE_UDHCPC_ARPING is not set
+# CONFIG_FEATURE_UDHCPC_SANITIZEOPT is not set
+CONFIG_UDHCPC_DEFAULT_SCRIPT=""
+# CONFIG_UDHCPC6 is not set
+# CONFIG_FEATURE_UDHCPC6_RFC3646 is not set
+# CONFIG_FEATURE_UDHCPC6_RFC4704 is not set
+# CONFIG_FEATURE_UDHCPC6_RFC4833 is not set
+# CONFIG_FEATURE_UDHCPC6_RFC5970 is not set
+CONFIG_UDHCPC_DEFAULT_INTERFACE=""
+# CONFIG_FEATURE_UDHCP_PORT is not set
+CONFIG_UDHCP_DEBUG=0
+CONFIG_UDHCPC_SLACK_FOR_BUGGY_SERVERS=0
+# CONFIG_FEATURE_UDHCP_RFC3397 is not set
+# CONFIG_FEATURE_UDHCP_8021Q is not set
+CONFIG_IFUPDOWN_UDHCPC_CMD_OPTIONS=""
+
+#
+# Print Utilities
+#
+# CONFIG_LPD is not set
+# CONFIG_LPR is not set
+# CONFIG_LPQ is not set
+
+#
+# Mail Utilities
+#
+# CONFIG_MAKEMIME is not set
+# CONFIG_POPMAILDIR is not set
+# CONFIG_FEATURE_POPMAILDIR_DELIVERY is not set
+# CONFIG_REFORMIME is not set
+# CONFIG_FEATURE_REFORMIME_COMPAT is not set
+# CONFIG_SENDMAIL is not set
+CONFIG_FEATURE_MIME_CHARSET=""
+
+#
+# Process Utilities
+#
+CONFIG_FREE=y
+CONFIG_FUSER=y
+# CONFIG_IOSTAT is not set
+CONFIG_KILL=y
+# CONFIG_KILLALL is not set
+# CONFIG_KILLALL5 is not set
+CONFIG_LSOF=y
+# CONFIG_MPSTAT is not set
+# CONFIG_NMETER is not set
+CONFIG_PGREP=y
+CONFIG_PKILL=y
+CONFIG_PIDOF=y
+CONFIG_FEATURE_PIDOF_SINGLE=y
+CONFIG_FEATURE_PIDOF_OMIT=y
+# CONFIG_PMAP is not set
+# CONFIG_POWERTOP is not set
+# CONFIG_FEATURE_POWERTOP_INTERACTIVE is not set
+CONFIG_PS=y
+CONFIG_FEATURE_PS_WIDE=y
+CONFIG_FEATURE_PS_LONG=y
+# CONFIG_FEATURE_PS_TIME is not set
+# CONFIG_FEATURE_PS_UNUSUAL_SYSTEMS is not set
+# CONFIG_FEATURE_PS_ADDITIONAL_COLUMNS is not set
+# CONFIG_PSTREE is not set
+# CONFIG_PWDX is not set
+# CONFIG_SMEMCAP is not set
+# CONFIG_BB_SYSCTL is not set
+# CONFIG_TOP is not set
+# CONFIG_FEATURE_TOP_INTERACTIVE is not set
+# CONFIG_FEATURE_TOP_CPU_USAGE_PERCENTAGE is not set
+# CONFIG_FEATURE_TOP_CPU_GLOBAL_PERCENTS is not set
+# CONFIG_FEATURE_TOP_SMP_CPU is not set
+# CONFIG_FEATURE_TOP_DECIMALS is not set
+# CONFIG_FEATURE_TOP_SMP_PROCESS is not set
+# CONFIG_FEATURE_TOPMEM is not set
+CONFIG_UPTIME=y
+# CONFIG_FEATURE_UPTIME_UTMP_SUPPORT is not set
+# CONFIG_WATCH is not set
+CONFIG_FEATURE_SHOW_THREADS=y
+
+#
+# Runit Utilities
+#
+# CONFIG_CHPST is not set
+# CONFIG_SETUIDGID is not set
+# CONFIG_ENVUIDGID is not set
+# CONFIG_ENVDIR is not set
+# CONFIG_SOFTLIMIT is not set
+# CONFIG_RUNSV is not set
+# CONFIG_RUNSVDIR is not set
+# CONFIG_FEATURE_RUNSVDIR_LOG is not set
+# CONFIG_SV is not set
+CONFIG_SV_DEFAULT_SERVICE_DIR=""
+# CONFIG_SVC is not set
+# CONFIG_SVOK is not set
+# CONFIG_SVLOGD is not set
+CONFIG_CHCON=y
+# CONFIG_GETENFORCE is not set
+# CONFIG_GETSEBOOL is not set
+# CONFIG_LOAD_POLICY is not set
+# CONFIG_MATCHPATHCON is not set
+# CONFIG_RUNCON is not set
+# CONFIG_SELINUXENABLED is not set
+# CONFIG_SESTATUS is not set
+# CONFIG_SETENFORCE is not set
+# CONFIG_SETFILES is not set
+# CONFIG_FEATURE_SETFILES_CHECK_OPTION is not set
+# CONFIG_RESTORECON is not set
+# CONFIG_SETSEBOOL is not set
+
+#
+# Shells
+#
+CONFIG_SH_IS_ASH=y
+# CONFIG_SH_IS_HUSH is not set
+# CONFIG_SH_IS_NONE is not set
+# CONFIG_BASH_IS_ASH is not set
+# CONFIG_BASH_IS_HUSH is not set
+CONFIG_BASH_IS_NONE=y
+CONFIG_SHELL_ASH=y
+CONFIG_ASH=y
+# CONFIG_ASH_OPTIMIZE_FOR_SIZE is not set
+# CONFIG_ASH_INTERNAL_GLOB is not set
+# CONFIG_ASH_BASH_COMPAT is not set
+# CONFIG_ASH_BASH_SOURCE_CURDIR is not set
+# CONFIG_ASH_BASH_NOT_FOUND_HOOK is not set
+CONFIG_ASH_JOB_CONTROL=y
+# CONFIG_ASH_ALIAS is not set
+# CONFIG_ASH_RANDOM_SUPPORT is not set
+# CONFIG_ASH_EXPAND_PRMT is not set
+# CONFIG_ASH_IDLE_TIMEOUT is not set
+# CONFIG_ASH_MAIL is not set
+CONFIG_ASH_ECHO=y
+CONFIG_ASH_PRINTF=y
+CONFIG_ASH_TEST=y
+# CONFIG_ASH_HELP is not set
+# CONFIG_ASH_GETOPTS is not set
+CONFIG_ASH_CMDCMD=y
+# CONFIG_CTTYHACK is not set
+# CONFIG_HUSH is not set
+# CONFIG_SHELL_HUSH is not set
+# CONFIG_HUSH_BASH_COMPAT is not set
+# CONFIG_HUSH_BRACE_EXPANSION is not set
+# CONFIG_HUSH_BASH_SOURCE_CURDIR is not set
+# CONFIG_HUSH_LINENO_VAR is not set
+# CONFIG_HUSH_INTERACTIVE is not set
+# CONFIG_HUSH_SAVEHISTORY is not set
+# CONFIG_HUSH_JOB is not set
+# CONFIG_HUSH_TICK is not set
+# CONFIG_HUSH_IF is not set
+# CONFIG_HUSH_LOOPS is not set
+# CONFIG_HUSH_CASE is not set
+# CONFIG_HUSH_FUNCTIONS is not set
+# CONFIG_HUSH_LOCAL is not set
+# CONFIG_HUSH_RANDOM_SUPPORT is not set
+# CONFIG_HUSH_MODE_X is not set
+# CONFIG_HUSH_ECHO is not set
+# CONFIG_HUSH_PRINTF is not set
+# CONFIG_HUSH_TEST is not set
+# CONFIG_HUSH_HELP is not set
+# CONFIG_HUSH_EXPORT is not set
+# CONFIG_HUSH_EXPORT_N is not set
+# CONFIG_HUSH_READONLY is not set
+# CONFIG_HUSH_KILL is not set
+# CONFIG_HUSH_WAIT is not set
+# CONFIG_HUSH_COMMAND is not set
+# CONFIG_HUSH_TRAP is not set
+# CONFIG_HUSH_TYPE is not set
+# CONFIG_HUSH_TIMES is not set
+# CONFIG_HUSH_READ is not set
+# CONFIG_HUSH_SET is not set
+# CONFIG_HUSH_UNSET is not set
+# CONFIG_HUSH_ULIMIT is not set
+# CONFIG_HUSH_UMASK is not set
+# CONFIG_HUSH_GETOPTS is not set
+# CONFIG_HUSH_MEMLEAK is not set
+
+#
+# Options common to all shells
+#
+CONFIG_FEATURE_SH_MATH=y
+CONFIG_FEATURE_SH_MATH_64=y
+CONFIG_FEATURE_SH_MATH_BASE=y
+CONFIG_FEATURE_SH_EXTRA_QUIET=y
+# CONFIG_FEATURE_SH_STANDALONE is not set
+# CONFIG_FEATURE_SH_NOFORK is not set
+# CONFIG_FEATURE_SH_READ_FRAC is not set
+# CONFIG_FEATURE_SH_HISTFILESIZE is not set
+# CONFIG_FEATURE_SH_EMBEDDED_SCRIPTS is not set
+
+#
+# System Logging Utilities
+#
+# CONFIG_KLOGD is not set
+# CONFIG_FEATURE_KLOGD_KLOGCTL is not set
+# CONFIG_LOGGER is not set
+# CONFIG_LOGREAD is not set
+# CONFIG_FEATURE_LOGREAD_REDUCED_LOCKING is not set
+# CONFIG_SYSLOGD is not set
+# CONFIG_FEATURE_ROTATE_LOGFILE is not set
+# CONFIG_FEATURE_REMOTE_LOG is not set
+# CONFIG_FEATURE_SYSLOGD_DUP is not set
+# CONFIG_FEATURE_SYSLOGD_CFG is not set
+# CONFIG_FEATURE_SYSLOGD_PRECISE_TIMESTAMPS is not set
+CONFIG_FEATURE_SYSLOGD_READ_BUFFER_SIZE=0
+# CONFIG_FEATURE_IPC_SYSLOG is not set
+CONFIG_FEATURE_IPC_SYSLOG_BUFFER_SIZE=0
+# CONFIG_FEATURE_KMSG_SYSLOG is not set
diff --git a/prepare.sh b/prepare.sh
index 51dd2ff..cc070d2 100755
--- a/prepare.sh
+++ b/prepare.sh
@@ -31,11 +31,12 @@ if [ -d /usr/${target}/usr/lib/pkgconfig ] \
 fi
 
 if [ ! -f portage/make.conf/10-crossdev.conf ]; then
+    mkdir -p "${O}"/portage/etc/portage/make.conf
     sed -r \
         -e 's: ?-pam::' \
         -e '/PKGDIR=/d' \
         /usr/${target}/etc/portage/make.conf \
-        > "${CONFIGDIR}"/portage/target/etc/portage/make.conf/10-crossdev.conf
+        > "${O}"/portage/etc/portage/make.conf/10-crossdev.conf
 fi
 
 ln -snf /var/db/repos/gentoo/profiles/${profile} \
@@ -51,9 +52,7 @@ USE='pam build' \
 ${target}-emerge -bknvj sys-apps/util-linux
 
 # Set the Portage profile
+mkdir -p "${O}"/portage/etc/portage
 ln -snf \
     /var/db/repos/gentoo/profiles/${profile} \
-    ${CONFIGDIR}/portage/target/etc/portage/make.profile
-ln -snf \
-    $(realpath /etc/portage/make.profile) \
-    ${CONFIGDIR}/portage/host/etc/portage/make.profile
+    ${O}/portage/etc/portage/make.profile
diff --git a/rebuild-pkg.sh b/rebuild-pkg.sh
index 3a3e711..258f62b 100755
--- a/rebuild-pkg.sh
+++ b/rebuild-pkg.sh
@@ -7,6 +7,6 @@ set -e
 
 unset MAKEFLAGS MAKEOVERRIDES MAKELEVEL
 
-export PORTAGE_CONFIGROOT="${CONFIGDIR}"/portage/target
+export PORTAGE_CONFIGROOT="${O}"/portage
 
 ${target}-emerge -bkv1j --usepkg-exclude="$*" "$@"
diff --git a/setup-local-repo.sh b/setup-local-repo.sh
index 1237115..13d94f2 100755
--- a/setup-local-repo.sh
+++ b/setup-local-repo.sh
@@ -5,9 +5,9 @@ set -e
 
 . "${CONFIGDIR:=${PWD}}"/config
 
-mkdir -p "${CONFIGDIR}"/portage/target/etc/portage/repos.conf
+mkdir -p "${O}"/portage/etc/portage/repos.conf
 
-cat > "${CONFIGDIR}"/portage/target/etc/portage/repos.conf/aimee-os.conf <<EOF
+cat > "${O}"/portage/etc/portage/repos.conf/aimee-os.conf <<EOF
 [aimee-os]
 location = ${PWD}/repos/aimee-os
 auto-sync = no