1 |
commit: 31b7716f485915a67393a08651a3afb925813d51 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Sep 4 23:05:49 2011 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Sep 4 23:05:49 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=31b7716f |
7 |
|
8 |
sys-kernel/hardened-rsbac-sources: initial commit |
9 |
|
10 |
(Portage version: 2.1.10.11/git/Linux x86_64, signed Manifest commit with key 0xD0455535) |
11 |
|
12 |
--- |
13 |
sys-kernel/hardened-rsbac-sources/ChangeLog | 8 +++ |
14 |
sys-kernel/hardened-rsbac-sources/Manifest | 17 +++++++ |
15 |
.../hardened-rsbac-sources-3.0.4.ebuild | 48 ++++++++++++++++++++ |
16 |
sys-kernel/hardened-rsbac-sources/metadata.xml | 17 +++++++ |
17 |
4 files changed, 90 insertions(+), 0 deletions(-) |
18 |
|
19 |
diff --git a/sys-kernel/hardened-rsbac-sources/ChangeLog b/sys-kernel/hardened-rsbac-sources/ChangeLog |
20 |
new file mode 100644 |
21 |
index 0000000..726039d |
22 |
--- /dev/null |
23 |
+++ b/sys-kernel/hardened-rsbac-sources/ChangeLog |
24 |
@@ -0,0 +1,8 @@ |
25 |
+ |
26 |
+ |
27 |
+*hardened-rsbac-sources-3.0.4 (04 Sep 2011) |
28 |
+ |
29 |
+ 04 Sep 2011; Anthony G. Basile <blueness@g.o> |
30 |
+ +hardened-rsbac-sources-3.0.4.ebuild, +metadata.xml: |
31 |
+ Initial commit of GRSEC/PaX + RSBAC patched kernel |
32 |
+ |
33 |
|
34 |
diff --git a/sys-kernel/hardened-rsbac-sources/Manifest b/sys-kernel/hardened-rsbac-sources/Manifest |
35 |
new file mode 100644 |
36 |
index 0000000..e7e3044 |
37 |
--- /dev/null |
38 |
+++ b/sys-kernel/hardened-rsbac-sources/Manifest |
39 |
@@ -0,0 +1,17 @@ |
40 |
+-----BEGIN PGP SIGNED MESSAGE----- |
41 |
+Hash: SHA256 |
42 |
+ |
43 |
+DIST genpatches-3.0-5.base.tar.bz2 112593 RMD160 0f0731dd5565622817c43cc15c133e02f53bf070 SHA1 89947def4e6a2ca55a73bb35fb80f04b081e8a75 SHA256 5a93e459e4e5fb1e38fc3d8a37533aaeee9e77fc00d45105d8d49584c1ae345e |
44 |
+DIST genpatches-3.0-5.extras.tar.bz2 17207 RMD160 0f04fef1fe76c9b9cbe7c497faae19b015caff72 SHA1 89935647c22c0a8b98dd568e97312ca64378a263 SHA256 ec88ca4408c668a2c4d2d25c3d4a8c67fad4bb08133db91bbb929c0053305fda |
45 |
+DIST hardened-rsbac-patches-3.0.4-1.extras.tar.bz2 867782 RMD160 8dfa7c018992a1b0e42520cb5168e2ccbf4f5112 SHA1 6fac9f5cd97585a882cae0dc9f2fdc3a27eb3bdd SHA256 92a35ae83d4b806a724919a2601ec6a3f41af81b066025e16a8cea54173b34de |
46 |
+DIST linux-3.0.tar.bz2 76753134 RMD160 e20c9564ec0c8128e28a4c038986d4d93bbe34bb SHA1 45b64bffc860f70ab7956da4493c488010714650 SHA256 64b0228b54ce39b0b2df086109a7b737cde58e3df4f779506ddcaccee90356a0 |
47 |
+EBUILD hardened-rsbac-sources-3.0.4.ebuild 1737 RMD160 99fd471d97eb5b11858e3a231b4250f2466170d4 SHA1 ea753017e55ff61585ea7da380bc57ef51998960 SHA256 47c4da68c391a2c3ddbb487a9d1ab122a4ed5a1f338312a99a2ac8bf3914d1f9 |
48 |
+MISC ChangeLog 211 RMD160 c46365b24839b001e93f24de2fb1a3c91d75bbf7 SHA1 b93f84e6532a7029a2df38fac9f56db2337d4fda SHA256 da0f20fccd57a91fd3a85aec33411b185caf25ba32103b59e3ce0d37956185a8 |
49 |
+MISC metadata.xml 581 RMD160 3aa8f6dc75314d009c3803019c64ae309ff542bf SHA1 20f233bcb6e26f80a0e0950b522b16b4d4c1d22b SHA256 1c5b7d60e27191976596f931b82b1f67b2a12e05c48b444d9686280a0773ec12 |
50 |
+-----BEGIN PGP SIGNATURE----- |
51 |
+Version: GnuPG v2.0.17 (GNU/Linux) |
52 |
+ |
53 |
+iEYEAREIAAYFAk5kBE0ACgkQl5yvQNBFVTWuSwCfVB4lbhYVDWCQJ+8c3UDc8iXV |
54 |
+U04AoIckfRYJCy6PTzSY02hqGPpZjeym |
55 |
+=YzKH |
56 |
+-----END PGP SIGNATURE----- |
57 |
|
58 |
diff --git a/sys-kernel/hardened-rsbac-sources/hardened-rsbac-sources-3.0.4.ebuild b/sys-kernel/hardened-rsbac-sources/hardened-rsbac-sources-3.0.4.ebuild |
59 |
new file mode 100644 |
60 |
index 0000000..11806e6 |
61 |
--- /dev/null |
62 |
+++ b/sys-kernel/hardened-rsbac-sources/hardened-rsbac-sources-3.0.4.ebuild |
63 |
@@ -0,0 +1,48 @@ |
64 |
+# Copyright 1999-2011 Gentoo Foundation |
65 |
+# Distributed under the terms of the GNU General Public License v2 |
66 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.0.4-r1.ebuild,v 1.1 2011/09/04 20:42:00 blueness Exp $ |
67 |
+ |
68 |
+EAPI="4" |
69 |
+ |
70 |
+ETYPE="sources" |
71 |
+K_WANT_GENPATCHES="base extras" |
72 |
+K_GENPATCHES_VER="5" |
73 |
+ |
74 |
+inherit kernel-2 |
75 |
+detect_version |
76 |
+ |
77 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1" |
78 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-rsbac-patches/hardened-rsbac-patches-${HGPV}.extras.tar.bz2" |
79 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
80 |
+ |
81 |
+UNIPATCH_LIST="${DISTDIR}/hardened-rsbac-patches-${HGPV}.extras.tar.bz2" |
82 |
+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch" |
83 |
+ |
84 |
+DESCRIPTION="Hardened + RSBAC kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
85 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
86 |
+IUSE="" |
87 |
+ |
88 |
+KEYWORDS="~amd64 ~x86" |
89 |
+ |
90 |
+pkg_postinst() { |
91 |
+ kernel-2_pkg_postinst |
92 |
+ |
93 |
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*" |
94 |
+ |
95 |
+ ewarn |
96 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
97 |
+ ewarn "[server], [workstation], and [virtualization]." |
98 |
+ ewarn |
99 |
+ ewarn "Those who intend to use one of these predefined grsecurity levels" |
100 |
+ ewarn "should read the help associated with the level. Users importing a" |
101 |
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
102 |
+ ewarn "should review their selected grsecurity/PaX options carefully." |
103 |
+ ewarn |
104 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
105 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
106 |
+ ewarn "It is strongly recommended that the following command is issued" |
107 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
108 |
+ ewarn |
109 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
110 |
+ ewarn |
111 |
+} |
112 |
|
113 |
diff --git a/sys-kernel/hardened-rsbac-sources/metadata.xml b/sys-kernel/hardened-rsbac-sources/metadata.xml |
114 |
new file mode 100644 |
115 |
index 0000000..a326b7e |
116 |
--- /dev/null |
117 |
+++ b/sys-kernel/hardened-rsbac-sources/metadata.xml |
118 |
@@ -0,0 +1,17 @@ |
119 |
+<?xml version="1.0" encoding="UTF-8"?> |
120 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
121 |
+<pkgmetadata> |
122 |
+ <herd>kernel</herd> |
123 |
+ <herd>hardened</herd> |
124 |
+ <maintainer> |
125 |
+ <email>blueness@g.o</email> |
126 |
+ <name>Anthony G. Basile</name> |
127 |
+ </maintainer> |
128 |
+ <longdescription> |
129 |
+ hardened-rsbac-sources adds the grsecurity/PaX patch from http://www.grsecurity.net, |
130 |
+ and the RSBAC patch from http://www.rsbac.org/ |
131 |
+ </longdescription> |
132 |
+ <use> |
133 |
+ <flag name='deblob'>Remove binary blobs from kernel sources to provide libre license compliance.</flag> |
134 |
+ </use> |
135 |
+</pkgmetadata> |