1 |
commit: 1da4951880ebc7d14b8879568e1951419e67394a |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Oct 8 14:01:14 2011 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Oct 8 14:01:14 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=1da49518 |
7 |
|
8 |
sys-kernel/hardened-sources: testing patchset 20111006 |
9 |
|
10 |
(Portage version: 2.1.10.11/git/Linux x86_64, signed Manifest commit with key 0xD0455535) |
11 |
|
12 |
--- |
13 |
sys-kernel/hardened-sources/ChangeLog | 7 +++ |
14 |
sys-kernel/hardened-sources/Manifest | 20 +++++++-- |
15 |
.../hardened-sources-2.6.32-r70.ebuild | 48 ++++++++++++++++++++ |
16 |
.../hardened-sources-3.0.4-r5.ebuild | 48 ++++++++++++++++++++ |
17 |
4 files changed, 119 insertions(+), 4 deletions(-) |
18 |
|
19 |
diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog |
20 |
index 3b0f649..3ee41a7 100644 |
21 |
--- a/sys-kernel/hardened-sources/ChangeLog |
22 |
+++ b/sys-kernel/hardened-sources/ChangeLog |
23 |
@@ -1,5 +1,12 @@ |
24 |
|
25 |
|
26 |
+*hardened-sources-3.0.4-r5 (08 Oct 2011) |
27 |
+*hardened-sources-2.6.32-r70 (08 Oct 2011) |
28 |
+ |
29 |
+ 08 Oct 2011; Anthony G. Basile <blueness@g.o> |
30 |
+ +hardened-sources-2.6.32-r70.ebuild, +hardened-sources-3.0.4-r5.ebuild: |
31 |
+ testing patchset 20111006 |
32 |
+ |
33 |
27 Sep 2011; Anthony G. Basile <blueness@g.o> |
34 |
-hardened-sources-2.6.32-r69.ebuild, -hardened-sources-3.0.4-r4.ebuild: |
35 |
moved to tree |
36 |
|
37 |
diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest |
38 |
index dd89189..2b6946a 100644 |
39 |
--- a/sys-kernel/hardened-sources/Manifest |
40 |
+++ b/sys-kernel/hardened-sources/Manifest |
41 |
@@ -1,12 +1,24 @@ |
42 |
-----BEGIN PGP SIGNED MESSAGE----- |
43 |
Hash: SHA256 |
44 |
|
45 |
-MISC ChangeLog 6088 RMD160 32e3acc62a3feebcb2d30a0d695ef60094b46fdb SHA1 c167b25f71df9c5ea91313a5b9678c5fce6add59 SHA256 42b9010d6cd9d0bddb4d1df84708afa182bf7b30dfd23c521e3e60250c1b2d6b |
46 |
+DIST deblob-2.6.32 84094 RMD160 394f46ec5b869638a7bc2e87beb118167c9bd6cb SHA1 1a2a1efb72126609d9e3b9be99ae5be2751efd06 SHA256 de625f0bd221c9c38d4453f1b709622f222d86a0ae9350d2b7b0e17795e6de6d |
47 |
+DIST deblob-check-2.6.32 247608 RMD160 840bf8a229ea79810519eee6241edb85b78a6562 SHA1 d45a24eb16e5ac956c0fcddbc1ac4d67e326c7b8 SHA256 da1aecdf3ab7f1207b90642d303e52262ccc2ed9e49739b729512b88950d17f3 |
48 |
+DIST genpatches-2.6.32-43.base.tar.bz2 979911 RMD160 d221c448adb8116fa328304f7cde9ce92f6c5432 SHA1 6038e46e09e8dccbf80563998fc9ebd14718d0e3 SHA256 92f71a7ac87fd7117ce28e1666e8c95473cd4b4701a78984c2ba4b87d0a8c705 |
49 |
+DIST genpatches-2.6.32-43.extras.tar.bz2 24897 RMD160 fac4ce9c15953ad811b2c500b0145f2eebea5e2d SHA1 8f9cdf4bc06dc5e806698d93c002798faa53fda1 SHA256 309841a94e96d7076bca7fb547caae9786e24258e032da242f64768a413ddbf0 |
50 |
+DIST genpatches-3.0-7.base.tar.bz2 127115 RMD160 9d4a1a2a6e4f9bff5a4a8b6f1e58987f22869506 SHA1 cbe9679466e09ccc5f7b28a51fdccbb3a06a5389 SHA256 08fb2362a96b8c88028167226aaaf1855363426e2f90d60daa81649b7c5ffd6f |
51 |
+DIST genpatches-3.0-7.extras.tar.bz2 17200 RMD160 74dd8384f2e1e9741b547a59eb15dd8fd87f935a SHA1 94f26f6a8876e340965c65ad1204c1b911d42498 SHA256 259f669c55dfe9b9420b0e2875af0c404f333961b19e5cdd40d8df5f07fc698b |
52 |
+DIST hardened-patches-2.6.32-73.extras.tar.bz2 501595 RMD160 118de511b8c564ac895c34f4b947d5bb40f6da75 SHA1 d6522ec149e717c77b830e2ca58663e49636654e SHA256 2713d6eb2b89e18a34c9f7b5373ee30aa8e1605b7f15188dc85e15880f028d69 |
53 |
+DIST hardened-patches-3.0.4-6.extras.tar.bz2 473277 RMD160 116c35e0aaab8be1ff8243c4828daa606841c75b SHA1 546f7a3e537e701700a773ed97dc8a4ea3b39908 SHA256 8a96daed2849eb19a46433086d47627f37da7ba33da7d5bc025bafba88048872 |
54 |
+DIST linux-2.6.32.tar.bz2 64424138 RMD160 b93742cbaf8174f2200d2dbef0d47a26c618039c SHA1 410b4fc818023bfef60064e973ff0ab46d3bfb19 SHA256 5099786d80b8407d98a619df00209c2353517f22d804fdd9533b362adcb4504e |
55 |
+DIST linux-3.0.tar.bz2 76753134 RMD160 e20c9564ec0c8128e28a4c038986d4d93bbe34bb SHA1 45b64bffc860f70ab7956da4493c488010714650 SHA256 64b0228b54ce39b0b2df086109a7b737cde58e3df4f779506ddcaccee90356a0 |
56 |
+EBUILD hardened-sources-2.6.32-r70.ebuild 1806 RMD160 72cbc0a843eaa64da8c4b8daf7fb341202711ad8 SHA1 404fc6125c8eff03000d720826e6aeda978ba798 SHA256 43f657ff2d99e68a4cbbcf45e97cc0e9b85856c9a5fe12c38b00b8677a0a4491 |
57 |
+EBUILD hardened-sources-3.0.4-r5.ebuild 1754 RMD160 0236abb7ed6bc71bf28052d514c7ad65344074be SHA1 71b2997bd1cd6dbd3696b8f5bd5bb1fac45c1d9b SHA256 25234087c57a43718f525bfef3c97e600bec3998edf4b885f26dedae03a3345d |
58 |
+MISC ChangeLog 6331 RMD160 43d3660ad9a3c92da4de3d5aa4c8d346cd23bf19 SHA1 a9b121ce6b3afda7979da0aca6ac25ba8f6b9c8b SHA256 b86d2dd833170a6ecd334746aaaacb0bb78923db2195ff4bbf9b6227278ca6fc |
59 |
MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SHA1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8fcfd351f2f39ed63da68af3a5751fc2058d0d03813 |
60 |
-----BEGIN PGP SIGNATURE----- |
61 |
Version: GnuPG v2.0.17 (GNU/Linux) |
62 |
|
63 |
-iEYEAREIAAYFAk6BNJAACgkQl5yvQNBFVTWagACfW9EuO9W3Rq643WwztY/5LgH7 |
64 |
-T2MAoJUmnoEebghkq6gQXexPi72zWsCx |
65 |
-=4dXx |
66 |
+iEYEAREIAAYFAk6QV6oACgkQl5yvQNBFVTWZagCfdqCLda4Hjwent4l9pLOrK3O4 |
67 |
+ucgAoIM+NvNLqIKb3eWJjtYPLA9VKWzX |
68 |
+=ofmi |
69 |
-----END PGP SIGNATURE----- |
70 |
|
71 |
diff --git a/sys-kernel/hardened-sources/hardened-sources-2.6.32-r70.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r70.ebuild |
72 |
new file mode 100644 |
73 |
index 0000000..6b46338 |
74 |
--- /dev/null |
75 |
+++ b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r70.ebuild |
76 |
@@ -0,0 +1,48 @@ |
77 |
+# Copyright 1999-2011 Gentoo Foundation |
78 |
+# Distributed under the terms of the GNU General Public License v2 |
79 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.6.32-r69.ebuild,v 1.1 2011/09/27 02:24:01 blueness Exp $ |
80 |
+ |
81 |
+EAPI="4" |
82 |
+ |
83 |
+ETYPE="sources" |
84 |
+K_WANT_GENPATCHES="base extras" |
85 |
+K_GENPATCHES_VER="43" |
86 |
+ |
87 |
+inherit kernel-2 |
88 |
+detect_version |
89 |
+ |
90 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-73" |
91 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" |
92 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
93 |
+ |
94 |
+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
95 |
+UNIPATCH_EXCLUDE="2000_fix-broken-backport-for-ipv6-tunnels.patch 4200_fbcondecor-0.9.6.patch" |
96 |
+ |
97 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
98 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
99 |
+IUSE="" |
100 |
+ |
101 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
102 |
+ |
103 |
+pkg_postinst() { |
104 |
+ kernel-2_pkg_postinst |
105 |
+ |
106 |
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*" |
107 |
+ |
108 |
+ ewarn |
109 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
110 |
+ ewarn "[server], [workstation], and [virtualization]." |
111 |
+ ewarn |
112 |
+ ewarn "Those who intend to use one of these predefined grsecurity levels" |
113 |
+ ewarn "should read the help associated with the level. Users importing a" |
114 |
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
115 |
+ ewarn "should review their selected grsecurity/PaX options carefully." |
116 |
+ ewarn |
117 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
118 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
119 |
+ ewarn "It is strongly recommended that the following command is issued" |
120 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
121 |
+ ewarn |
122 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
123 |
+ ewarn |
124 |
+} |
125 |
|
126 |
diff --git a/sys-kernel/hardened-sources/hardened-sources-3.0.4-r5.ebuild b/sys-kernel/hardened-sources/hardened-sources-3.0.4-r5.ebuild |
127 |
new file mode 100644 |
128 |
index 0000000..25a364c |
129 |
--- /dev/null |
130 |
+++ b/sys-kernel/hardened-sources/hardened-sources-3.0.4-r5.ebuild |
131 |
@@ -0,0 +1,48 @@ |
132 |
+# Copyright 1999-2011 Gentoo Foundation |
133 |
+# Distributed under the terms of the GNU General Public License v2 |
134 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.0.4-r4.ebuild,v 1.1 2011/09/27 02:29:03 blueness Exp $ |
135 |
+ |
136 |
+EAPI="4" |
137 |
+ |
138 |
+ETYPE="sources" |
139 |
+K_WANT_GENPATCHES="base extras" |
140 |
+K_GENPATCHES_VER="7" |
141 |
+ |
142 |
+inherit kernel-2 |
143 |
+detect_version |
144 |
+ |
145 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-6" |
146 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" |
147 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
148 |
+ |
149 |
+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
150 |
+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch" |
151 |
+ |
152 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
153 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
154 |
+IUSE="" |
155 |
+ |
156 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
157 |
+ |
158 |
+pkg_postinst() { |
159 |
+ kernel-2_pkg_postinst |
160 |
+ |
161 |
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*" |
162 |
+ |
163 |
+ ewarn |
164 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
165 |
+ ewarn "[server], [workstation], and [virtualization]." |
166 |
+ ewarn |
167 |
+ ewarn "Those who intend to use one of these predefined grsecurity levels" |
168 |
+ ewarn "should read the help associated with the level. Users importing a" |
169 |
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
170 |
+ ewarn "should review their selected grsecurity/PaX options carefully." |
171 |
+ ewarn |
172 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
173 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
174 |
+ ewarn "It is strongly recommended that the following command is issued" |
175 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
176 |
+ ewarn |
177 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
178 |
+ ewarn |
179 |
+} |