1 |
commit: f3c13bc1098c6e6454a8f740dcf2e27609e1930b |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Jan 4 15:48:04 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Jan 4 15:48:04 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=f3c13bc1 |
7 |
|
8 |
sys-kernel/hardened-sources: testing patchset 20120103 |
9 |
|
10 |
(Portage version: 2.1.10.41/git/Linux x86_64, signed Manifest commit with key 0xD0455535) |
11 |
|
12 |
--- |
13 |
sys-kernel/hardened-sources/ChangeLog | 7 +++ |
14 |
sys-kernel/hardened-sources/Manifest | 22 +++++++-- |
15 |
.../hardened-sources-2.6.32-r84.ebuild | 49 +++++++++++++++++++ |
16 |
.../hardened-sources/hardened-sources-3.1.7.ebuild | 50 ++++++++++++++++++++ |
17 |
4 files changed, 124 insertions(+), 4 deletions(-) |
18 |
|
19 |
diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog |
20 |
index 8d55ce0..89b6dca 100644 |
21 |
--- a/sys-kernel/hardened-sources/ChangeLog |
22 |
+++ b/sys-kernel/hardened-sources/ChangeLog |
23 |
@@ -1,5 +1,12 @@ |
24 |
|
25 |
|
26 |
+*hardened-sources-3.1.7 (04 Jan 2012) |
27 |
+*hardened-sources-2.6.32-r84 (04 Jan 2012) |
28 |
+ |
29 |
+ 04 Jan 2012; Anthony G. Basile <blueness@g.o> |
30 |
+ +hardened-sources-2.6.32-r84.ebuild, +hardened-sources-3.1.7.ebuild: |
31 |
+ testing patchset 20120103 |
32 |
+ |
33 |
29 Dec 2011; Anthony G. Basile <blueness@g.o> |
34 |
-hardened-sources-2.6.32-r82.ebuild: |
35 |
moved to tree |
36 |
|
37 |
diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest |
38 |
index af7abac..bcc32af 100644 |
39 |
--- a/sys-kernel/hardened-sources/Manifest |
40 |
+++ b/sys-kernel/hardened-sources/Manifest |
41 |
@@ -1,12 +1,26 @@ |
42 |
-----BEGIN PGP SIGNED MESSAGE----- |
43 |
Hash: SHA256 |
44 |
|
45 |
-MISC ChangeLog 11831 RMD160 06eba6f04f43cede09d8269c55ec1a987b3f8eb2 SHA1 6de39e9bb9f3ee6909222d96d3c1825f2274fb49 SHA256 558edad627b37d98c896c73df41a27ba941bf72c466b50a36e02d193a4c71c43 |
46 |
+DIST deblob-2.6.32 84094 RMD160 394f46ec5b869638a7bc2e87beb118167c9bd6cb SHA1 1a2a1efb72126609d9e3b9be99ae5be2751efd06 SHA256 de625f0bd221c9c38d4453f1b709622f222d86a0ae9350d2b7b0e17795e6de6d |
47 |
+DIST deblob-3.1 103909 RMD160 723d36ef2574419417bbf30eda6a83aaa91922d7 SHA1 39d2c6e69f4e3b84e112b6e3e9389c983976fe4b SHA256 9dcf6f981cb3681f8afab0a4f814aebd6c2f46f8e635d2f35657d8344ef6b30e |
48 |
+DIST deblob-check-2.6.32 247608 RMD160 840bf8a229ea79810519eee6241edb85b78a6562 SHA1 d45a24eb16e5ac956c0fcddbc1ac4d67e326c7b8 SHA256 da1aecdf3ab7f1207b90642d303e52262ccc2ed9e49739b729512b88950d17f3 |
49 |
+DIST deblob-check-3.1 405438 RMD160 da7efe959bc7c0017214daa764fcb486ff4434f2 SHA1 397157d3f6bf225f8cc4f48b6c05bc56482c2934 SHA256 77d125ae5466049fb3f1fe39ddb9320b66239de782a348c66133de591049db43 |
50 |
+DIST genpatches-2.6.32-47.base.tar.bz2 1032970 RMD160 233c4a263ad2fca1f4d280f5793cc7a8c295c02c SHA1 0a29f64b5f737ed969939e5e4315ad3f5eed6347 SHA256 a536ee90691f2b2e84e4b043c658a8b5be023822a982393cc96861f8acf84479 |
51 |
+DIST genpatches-2.6.32-47.extras.tar.bz2 24939 RMD160 055706793fb532caeb3d364c5e1bd0ad46aff4b2 SHA1 2a966a4d5f9a718a0d43c25df563d0377154996f SHA256 ee714d14310fd5242ce2e28a8f8e5fda63ba18957960814876506f8754b9d2a0 |
52 |
+DIST genpatches-3.1-9.base.tar.bz2 180138 RMD160 29628cb0a5388ceccf230165a2b221eb1e1c8aad SHA1 565d560c04b589e58bcced7449205937828a6321 SHA256 29dc732ad6969d1a56606d05ddcb5dc7db012416c5feda19178120be5a061909 |
53 |
+DIST genpatches-3.1-9.extras.tar.bz2 17200 RMD160 fa8aa6ba8bc1e554758017d371769536d025bdc1 SHA1 47240cdc21d69d2af05d0b2bd7dcbb1615508f86 SHA256 b108dbf3b5ddad1701cacd2f1c936a63b60d1a4cd86fd7f9311230e3bacac56b |
54 |
+DIST hardened-patches-2.6.32-86.extras.tar.bz2 541665 RMD160 1c473e78757b38391f3ae585265130694fe04573 SHA1 f296e7ff7def1d7d581201a28da524a88c3a39e2 SHA256 3532881e2238b1d55c8629f294d268db5340a704b133689af2c01f07dd14900a |
55 |
+DIST hardened-patches-3.1.7-1.extras.tar.bz2 517209 RMD160 caa6f1d2e62f01dd96211e2e3be33f1b084af73b SHA1 f76f820ac14e28af031d3ab41a6f670d23b6212e SHA256 3933dcdcb37742c2905f6c174cd1f3e5a311ca02364c0b2b6fd80edd9e179138 |
56 |
+DIST linux-2.6.32.tar.bz2 64424138 RMD160 b93742cbaf8174f2200d2dbef0d47a26c618039c SHA1 410b4fc818023bfef60064e973ff0ab46d3bfb19 SHA256 5099786d80b8407d98a619df00209c2353517f22d804fdd9533b362adcb4504e |
57 |
+DIST linux-3.1.tar.bz2 77190238 RMD160 f9a3ce57b9f20a1402ef340792d3c223140ce1d2 SHA1 ac792701561b1cd4279302b8bb8f474731762ad1 SHA256 2573d2378c754b0c602b57586e9311e5b38c5d1e6c137f02873833633a4b9359 |
58 |
+EBUILD hardened-sources-2.6.32-r84.ebuild 1840 RMD160 707db9a4ab76ab11a83b0b78146da9a2dbc463f9 SHA1 ac8670a28a849fb166104202963791caf5ebd1e3 SHA256 dc57fbd62797462aab510f4824ead3b160c79c5535ea8a24fd5948a2fa05fa2d |
59 |
+EBUILD hardened-sources-3.1.7.ebuild 1811 RMD160 612e7ce07e91051ca252c4358eb7af7b7e3b1ca3 SHA1 28731186864039a796634398ea16d54a18b07005 SHA256 8a1028185e1d7a80d0b1ef0e7fcda087ba29dd3ac2848c507fa0611a92410369 |
60 |
+MISC ChangeLog 12068 RMD160 db5491621ab2f63ed7897700b7d5e5766705c81b SHA1 ed896a8ee96119721e074c9f68bab7e69c71de24 SHA256 0d7c40547369d444755e52c8c26e145bd47ae74d5fcdc11880a2686a770eaa9c |
61 |
MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SHA1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8fcfd351f2f39ed63da68af3a5751fc2058d0d03813 |
62 |
-----BEGIN PGP SIGNATURE----- |
63 |
Version: GnuPG v2.0.17 (GNU/Linux) |
64 |
|
65 |
-iEYEAREIAAYFAk78fwIACgkQl5yvQNBFVTV1QgCfSdxuDuzP+D7lxT+rD8y5II9a |
66 |
-n90Anj4cnehqRlK/vUXkIIR1WvoQ0bAf |
67 |
-=bltp |
68 |
+iEYEAREIAAYFAk8EdLQACgkQl5yvQNBFVTVSHACcDYEIWO2ePuGZytS2zdJB3yDt |
69 |
+tEoAnRHpCxBsxDv6k2acfzlxwApsgky5 |
70 |
+=ACxW |
71 |
-----END PGP SIGNATURE----- |
72 |
|
73 |
diff --git a/sys-kernel/hardened-sources/hardened-sources-2.6.32-r84.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r84.ebuild |
74 |
new file mode 100644 |
75 |
index 0000000..82cc8c1 |
76 |
--- /dev/null |
77 |
+++ b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r84.ebuild |
78 |
@@ -0,0 +1,49 @@ |
79 |
+# Copyright 1999-2012 Gentoo Foundation |
80 |
+# Distributed under the terms of the GNU General Public License v2 |
81 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.6.32-r83.ebuild,v 1.1 2011/12/29 14:38:11 blueness Exp $ |
82 |
+ |
83 |
+EAPI="4" |
84 |
+ |
85 |
+ETYPE="sources" |
86 |
+K_WANT_GENPATCHES="base extras" |
87 |
+K_GENPATCHES_VER="47" |
88 |
+K_DEBLOB_AVAILABLE="1" |
89 |
+ |
90 |
+inherit kernel-2 |
91 |
+detect_version |
92 |
+ |
93 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-86" |
94 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" |
95 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
96 |
+ |
97 |
+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
98 |
+UNIPATCH_EXCLUDE="2901_kbuild-fix-passing-wno-options-to-gcc-4.4.patch 4200_fbcondecor-0.9.6.patch" |
99 |
+ |
100 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
101 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
102 |
+IUSE="deblob" |
103 |
+ |
104 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
105 |
+ |
106 |
+pkg_postinst() { |
107 |
+ kernel-2_pkg_postinst |
108 |
+ |
109 |
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*" |
110 |
+ |
111 |
+ ewarn |
112 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
113 |
+ ewarn "[server], [workstation], and [virtualization]." |
114 |
+ ewarn |
115 |
+ ewarn "Those who intend to use one of these predefined grsecurity levels" |
116 |
+ ewarn "should read the help associated with the level. Users importing a" |
117 |
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
118 |
+ ewarn "should review their selected grsecurity/PaX options carefully." |
119 |
+ ewarn |
120 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
121 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
122 |
+ ewarn "It is strongly recommended that the following command is issued" |
123 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
124 |
+ ewarn |
125 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
126 |
+ ewarn |
127 |
+} |
128 |
|
129 |
diff --git a/sys-kernel/hardened-sources/hardened-sources-3.1.7.ebuild b/sys-kernel/hardened-sources/hardened-sources-3.1.7.ebuild |
130 |
new file mode 100644 |
131 |
index 0000000..896bc15 |
132 |
--- /dev/null |
133 |
+++ b/sys-kernel/hardened-sources/hardened-sources-3.1.7.ebuild |
134 |
@@ -0,0 +1,50 @@ |
135 |
+# Copyright 1999-2012 Gentoo Foundation |
136 |
+# Distributed under the terms of the GNU General Public License v2 |
137 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.1.6.ebuild,v 1.1 2011/12/27 02:15:01 blueness Exp $ |
138 |
+ |
139 |
+EAPI="4" |
140 |
+ |
141 |
+ETYPE="sources" |
142 |
+K_WANT_GENPATCHES="base extras" |
143 |
+K_GENPATCHES_VER="9" |
144 |
+K_DEBLOB_AVAILABLE="1" |
145 |
+ |
146 |
+inherit kernel-2 |
147 |
+detect_version |
148 |
+ |
149 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1" |
150 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" |
151 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
152 |
+ |
153 |
+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
154 |
+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch" |
155 |
+ |
156 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
157 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
158 |
+IUSE="deblob" |
159 |
+ |
160 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
161 |
+ |
162 |
+RDEPEND=">=sys-devel/gcc-4.5" |
163 |
+ |
164 |
+pkg_postinst() { |
165 |
+ kernel-2_pkg_postinst |
166 |
+ |
167 |
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*" |
168 |
+ |
169 |
+ ewarn |
170 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
171 |
+ ewarn "[server], [workstation], and [virtualization]. Those who intend to" |
172 |
+ ewarn "use one of these predefined grsecurity levels should read the help" |
173 |
+ ewarn "associated with the level. Because some options require >=gcc-4.5," |
174 |
+ ewarn "users with more, than one version of gcc installed should use gcc-config" |
175 |
+ ewarn "to select a compatible version." |
176 |
+ ewarn |
177 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
178 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
179 |
+ ewarn "It is strongly recommended that the following command is issued" |
180 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
181 |
+ ewarn |
182 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
183 |
+ ewarn |
184 |
+} |