1 |
commit: f8ac652252f110bdd993a28e50109373839346eb |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Jun 17 12:28:25 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Jun 17 12:28:25 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=f8ac6522 |
7 |
|
8 |
sys-kernel/hardened-sources: testing patchset 20120616 |
9 |
|
10 |
--- |
11 |
sys-kernel/hardened-sources/ChangeLog | 7 +++ |
12 |
sys-kernel/hardened-sources/Manifest | 28 ++++++----- |
13 |
.../hardened-sources-2.6.32-r111.ebuild | 51 ++++++++++++++++++++ |
14 |
.../hardened-sources-3.2.20-r1.ebuild | 50 +++++++++++++++++++ |
15 |
4 files changed, 124 insertions(+), 12 deletions(-) |
16 |
|
17 |
diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog |
18 |
index e429084..532d9a4 100644 |
19 |
--- a/sys-kernel/hardened-sources/ChangeLog |
20 |
+++ b/sys-kernel/hardened-sources/ChangeLog |
21 |
@@ -1,5 +1,12 @@ |
22 |
|
23 |
|
24 |
+*hardened-sources-3.2.20-r1 (17 Jun 2012) |
25 |
+*hardened-sources-2.6.32-r111 (17 Jun 2012) |
26 |
+ |
27 |
+ 17 Jun 2012; Anthony G. Basile <blueness@g.o> |
28 |
+ +hardened-sources-2.6.32-r111.ebuild, +hardened-sources-3.2.20-r1.ebuild: |
29 |
+ Testing patchset 20120616 |
30 |
+ |
31 |
*hardened-sources-3.4.2-r1 (13 Jun 2012) |
32 |
|
33 |
13 Jun 2012; Anthony G. Basile <blueness@g.o> |
34 |
|
35 |
diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest |
36 |
index 045824b..1bfc8a4 100644 |
37 |
--- a/sys-kernel/hardened-sources/Manifest |
38 |
+++ b/sys-kernel/hardened-sources/Manifest |
39 |
@@ -1,19 +1,23 @@ |
40 |
------BEGIN PGP SIGNED MESSAGE----- |
41 |
-Hash: SHA256 |
42 |
- |
43 |
+DIST deblob-2.6.32 84094 RMD160 394f46ec5b869638a7bc2e87beb118167c9bd6cb SHA1 1a2a1efb72126609d9e3b9be99ae5be2751efd06 SHA256 de625f0bd221c9c38d4453f1b709622f222d86a0ae9350d2b7b0e17795e6de6d |
44 |
+DIST deblob-3.2 107602 RMD160 56f1dfe4f0254c802b49ea5220c4f67e56649852 SHA1 83421184d88d02e24de2adbc5debfb03454a7f4b SHA256 5db88405af6d51a77d84354afc3b2bdf673b1a5dcff37bb8db4ccbd12d91db20 |
45 |
DIST deblob-3.4 109026 RMD160 ef9be1bdfbca2bfe4d5e60dd33ed6ec30a1e5c52 SHA1 83b455ad2db0470704225d1e81864af8fd3516c3 SHA256 2fca296bccfa7dc25447f36975971597f67730168a9bc4db0853e55347950680 |
46 |
+DIST deblob-check-2.6.32 247608 RMD160 840bf8a229ea79810519eee6241edb85b78a6562 SHA1 d45a24eb16e5ac956c0fcddbc1ac4d67e326c7b8 SHA256 da1aecdf3ab7f1207b90642d303e52262ccc2ed9e49739b729512b88950d17f3 |
47 |
+DIST deblob-check-3.2 423268 RMD160 8cb0c1b4a289db94543396c4445c4c7a35d2ba70 SHA1 01e50f824a577d15749f24643fdd136180342808 SHA256 9e67dd0885aa8ef356dbc15d487c8dea5a54f74c5b03a5d7946b65ee43f12638 |
48 |
DIST deblob-check-3.4 448778 RMD160 a00d430d137cd9d653a3c42cb36c6e31330ed007 SHA1 4d54aa271cebc0e770e152802f4cadf0dcc9471e SHA256 28ce952c082e765784f9e5b63f5a3a4fb93545e5e788dc94d094c0b3ae8ea3a0 |
49 |
+DIST genpatches-2.6.32-48.base.tar.bz2 1033142 RMD160 c42b6a5edbb9965391bbcf6ee40bb79c2080f497 SHA1 95e90447ecd875228121fa32e8cf89eaabde5fa6 SHA256 7438e7b7c0ef32e0c639cf89c4f53a3bc7917ca466b1fcf3931adb65ad05b583 |
50 |
+DIST genpatches-2.6.32-48.extras.tar.bz2 24939 RMD160 055706793fb532caeb3d364c5e1bd0ad46aff4b2 SHA1 2a966a4d5f9a718a0d43c25df563d0377154996f SHA256 ee714d14310fd5242ce2e28a8f8e5fda63ba18957960814876506f8754b9d2a0 |
51 |
+DIST genpatches-3.2-15.base.tar.bz2 402059 RMD160 60d8b5b3cb6a2a054b21f146612e534443a8a2cb SHA1 e09edadc6d4e3de8dc72eb248faa4a2bb4044102 SHA256 1e7997e7c9bb60c0307fd11c783e1f1aa8205ee400a8cce254a100c181b8295b |
52 |
+DIST genpatches-3.2-15.extras.tar.bz2 17195 RMD160 0f3b6b1b7955a9e648e5087fbe910b499e7c7528 SHA1 6b94048948e69dd640bf994295693027eca8c96d SHA256 ef869ab4d400d6422b0d462393d2d02488458ad5cb50abe8f376083cf27e167f |
53 |
DIST genpatches-3.4-2.base.tar.bz2 53731 RMD160 4218a0094a864240fe8ee4844df61d9caff15e6e SHA1 2c1c71a689a0f6343b8f3f152e050cc3a584a8e7 SHA256 165de5663fc5f600777744d9614cdfad9a4f96c07e56660f5f956375df2b1053 |
54 |
DIST genpatches-3.4-2.extras.tar.bz2 17502 RMD160 c5b834a28335f9a173e8e863b377aff513c791e5 SHA1 7278ac0434a59c1981c585e6a49305351b60573c SHA256 2b537431a408445cd1091562755234e840016f26ad63ab3a73812ac7f7e1c8d9 |
55 |
-DIST hardened-patches-3.4.2-2.extras.tar.bz2 547258 RMD160 fa33f0db98aa4b61d0b20bb943947de69cc9ed4c SHA1 5762a4ac93b57c6a4e6af6705826b377297eea78 SHA256 9b13ee433e2df41a9167ded5183c6f7a8d55987847bd9224b2b4400e28e07b77 |
56 |
+DIST hardened-patches-2.6.32-113.extras.tar.bz2 743903 RMD160 f805b8686b5c946a310013f5302254679d6697ef SHA1 1c4030cf394699ed028ae080fe796073671a25bf SHA256 7b450abba2d84164bc11d63d63a38ed16f9665bca4684df9b8258b7b92b2eaff |
57 |
+DIST hardened-patches-3.2.20-2.extras.tar.bz2 581395 RMD160 315814591173aed6e7cb301ee4e34682ae9d376c SHA1 561a9721e3aaa873df12fd440d0ec3b095096b02 SHA256 196c1e1b95bfce5b1dc0147e29ce6f97c39ef19baf1b0a4874ffe9ae03b93a78 |
58 |
+DIST hardened-patches-3.4.2-2.extras.tar.bz2 551756 RMD160 2b6ad2779549be98864fbade89dd9250313e48b7 SHA1 bbd9b88044fa51b183abf583d717f3496f6cbeea SHA256 a78d8a4dd29816c666c2310773c933931b854c401119a299bc3c976076fb764e |
59 |
+DIST linux-2.6.32.tar.bz2 64424138 RMD160 b93742cbaf8174f2200d2dbef0d47a26c618039c SHA1 410b4fc818023bfef60064e973ff0ab46d3bfb19 SHA256 5099786d80b8407d98a619df00209c2353517f22d804fdd9533b362adcb4504e |
60 |
+DIST linux-3.2.tar.bz2 78147838 RMD160 15eb022305dfc8b0e1d59e396911fa86eb9c3bdf SHA1 3460afa971049aa79b8f914e1bfd619eedd19f55 SHA256 c881fc2b53cf0da7ca4538aa44623a7de043a41f76fd5d0f51a31f6ed699d463 |
61 |
DIST linux-3.4.tar.bz2 80173484 RMD160 e0bcaa53b6eb3de9498f51b2c8b90d6c52d54889 SHA1 dfc54e7fbee81f77aba85d3d8ff2d992e1e49573 SHA256 a797a15d0b6228381507c14ecf4eec4a6cc5c77cfd521ba3b3e1325e85b5b16d |
62 |
+EBUILD hardened-sources-2.6.32-r111.ebuild 1819 RMD160 1e5c6123137cec0afb93cb7a2d883466ede47f72 SHA1 2257196345f2c37957c358feb5055ff424d9343e SHA256 e6760e888fe62d4526589bad64b54a66c0b991c53fc99c39c5cde1dbb4645fda |
63 |
+EBUILD hardened-sources-3.2.20-r1.ebuild 1813 RMD160 bb48a0c067935ecea42483d367c61e05706d0829 SHA1 963356ebd8e8a5a0b5dee7450e38984ceb55c2f5 SHA256 3c3461a4b384dcc1ada50f41a3b91f752a6bb71a59556eca3a8a43733011a0b1 |
64 |
EBUILD hardened-sources-3.4.2-r1.ebuild 1811 RMD160 17a2761845c340454a15e5a25ea446bfbef765ee SHA1 3a29abf16b49f35a9d381dbd2022779185a96914 SHA256 eab191dfd3edfc43b5fdde98c1515263f63e0c9ddd67abe96385283fcf6dda97 |
65 |
-MISC ChangeLog 25246 RMD160 3cea2c1d27699903691eeae4e4dec39aabc04f6c SHA1 7e74450ee3c8c5472c71123c2d1ec03657fdfacb SHA256 11bb679ca77371009808ef33c7c0b7d0a9cabea088091c9bb18eae822089c931 |
66 |
+MISC ChangeLog 25493 RMD160 f6d9f9874d145dbed5c4e6ad7d8f536979dc5d37 SHA1 ff173c2ba91ddfd58baee4107dd1f5c250e8feb4 SHA256 f62d8a0830b435fa351d85fe0a479d591e7c7371e2bb2f0dd2ddd3384b71490e |
67 |
MISC metadata.xml 576 RMD160 f3d34140c6074436e3861275202f48ba32be6ccc SHA1 d1a11f53284e9ff098b6a5f14eaac6756e238588 SHA256 53e0d3bfb958bcbf62457a89abe76a7a6f5a2b1df5decb04bf8b840184cc5828 |
68 |
------BEGIN PGP SIGNATURE----- |
69 |
-Version: GnuPG v2.0.17 (GNU/Linux) |
70 |
- |
71 |
-iEYEAREIAAYFAk/ZITUACgkQl5yvQNBFVTWv5ACgn27GiR5sVJXZYx8rNTugMaVu |
72 |
-UbcAnj/3VrIJ1NQgF4Fagw3CTgNXsnIv |
73 |
-=qVyu |
74 |
------END PGP SIGNATURE----- |
75 |
|
76 |
diff --git a/sys-kernel/hardened-sources/hardened-sources-2.6.32-r111.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r111.ebuild |
77 |
new file mode 100644 |
78 |
index 0000000..f684e2c |
79 |
--- /dev/null |
80 |
+++ b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r111.ebuild |
81 |
@@ -0,0 +1,51 @@ |
82 |
+# Copyright 1999-2012 Gentoo Foundation |
83 |
+# Distributed under the terms of the GNU General Public License v2 |
84 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.6.32-r110.ebuild,v 1.1 2012/06/12 17:36:08 blueness Exp $ |
85 |
+ |
86 |
+EAPI="4" |
87 |
+ |
88 |
+ETYPE="sources" |
89 |
+K_WANT_GENPATCHES="base extras" |
90 |
+K_GENPATCHES_VER="48" |
91 |
+K_DEBLOB_AVAILABLE="1" |
92 |
+ |
93 |
+inherit kernel-2 |
94 |
+detect_version |
95 |
+ |
96 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-113" |
97 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" |
98 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
99 |
+ |
100 |
+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
101 |
+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch" |
102 |
+ |
103 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
104 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
105 |
+IUSE="deblob" |
106 |
+ |
107 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
108 |
+ |
109 |
+RDEPEND=">=sys-devel/gcc-4.5" |
110 |
+ |
111 |
+pkg_postinst() { |
112 |
+ kernel-2_pkg_postinst |
113 |
+ |
114 |
+ local GRADM_COMPAT="sys-apps/gradm-2.9.1" |
115 |
+ |
116 |
+ ewarn |
117 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
118 |
+ ewarn "[server], [workstation], and [virtualization]." |
119 |
+ ewarn |
120 |
+ ewarn "Those who intend to use one of these predefined grsecurity levels" |
121 |
+ ewarn "should read the help associated with the level. Users importing a" |
122 |
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
123 |
+ ewarn "should review their selected grsecurity/PaX options carefully." |
124 |
+ ewarn |
125 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
126 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
127 |
+ ewarn "It is strongly recommended that the following command is issued" |
128 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
129 |
+ ewarn |
130 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
131 |
+ ewarn |
132 |
+} |
133 |
|
134 |
diff --git a/sys-kernel/hardened-sources/hardened-sources-3.2.20-r1.ebuild b/sys-kernel/hardened-sources/hardened-sources-3.2.20-r1.ebuild |
135 |
new file mode 100644 |
136 |
index 0000000..86c9eff |
137 |
--- /dev/null |
138 |
+++ b/sys-kernel/hardened-sources/hardened-sources-3.2.20-r1.ebuild |
139 |
@@ -0,0 +1,50 @@ |
140 |
+# Copyright 1999-2012 Gentoo Foundation |
141 |
+# Distributed under the terms of the GNU General Public License v2 |
142 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.2.20.ebuild,v 1.1 2012/06/12 17:41:51 blueness Exp $ |
143 |
+ |
144 |
+EAPI="4" |
145 |
+ |
146 |
+ETYPE="sources" |
147 |
+K_WANT_GENPATCHES="base extras" |
148 |
+K_GENPATCHES_VER="15" |
149 |
+K_DEBLOB_AVAILABLE="1" |
150 |
+ |
151 |
+inherit kernel-2 |
152 |
+detect_version |
153 |
+ |
154 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-2" |
155 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" |
156 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
157 |
+ |
158 |
+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
159 |
+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch" |
160 |
+ |
161 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
162 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
163 |
+IUSE="deblob" |
164 |
+ |
165 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
166 |
+ |
167 |
+RDEPEND=">=sys-devel/gcc-4.5" |
168 |
+ |
169 |
+pkg_postinst() { |
170 |
+ kernel-2_pkg_postinst |
171 |
+ |
172 |
+ local GRADM_COMPAT="sys-apps/gradm-2.9.1" |
173 |
+ |
174 |
+ ewarn |
175 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
176 |
+ ewarn "[server], [workstation], and [virtualization]. Those who intend to" |
177 |
+ ewarn "use one of these predefined grsecurity levels should read the help" |
178 |
+ ewarn "associated with the level. Because some options require >=gcc-4.5," |
179 |
+ ewarn "users with more, than one version of gcc installed should use gcc-config" |
180 |
+ ewarn "to select a compatible version." |
181 |
+ ewarn |
182 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
183 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
184 |
+ ewarn "It is strongly recommended that the following command is issued" |
185 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
186 |
+ ewarn |
187 |
+ ewarn "emerge -na =${GRADM_COMPAT}*" |
188 |
+ ewarn |
189 |
+} |