From: | "Anthony G. Basile (blueness)" <blueness@g.o> |
---|---|
To: | gentoo-commits@l.g.o |
Subject: | [gentoo-commits] gentoo-x86 commit in sys-kernel/hardened-sources: ChangeLog hardened-sources-2.6.34-r2.ebuild |
Date: | Sat, 21 Aug 2010 11:57:16 |
Message-Id: | 20100821115712.07D032004C@flycatcher.gentoo.org |
1 | blueness 10/08/21 11:57:12 |
2 | |
3 | Modified: ChangeLog |
4 | Added: hardened-sources-2.6.34-r2.ebuild |
5 | Log: |
6 | Based on vanilla 2.6.34.4 + genpatches + grsec-2.2.0-2.6.34.4-201008131840 |
7 | (Portage version: 2.1.8.3/cvs/Linux x86_64) |
8 | |
9 | Revision Changes Path |
10 | 1.333 sys-kernel/hardened-sources/ChangeLog |
11 | |
12 | file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-kernel/hardened-sources/ChangeLog?rev=1.333&view=markup |
13 | plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-kernel/hardened-sources/ChangeLog?rev=1.333&content-type=text/plain |
14 | diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-kernel/hardened-sources/ChangeLog?r1=1.332&r2=1.333 |
15 | |
16 | Index: ChangeLog |
17 | =================================================================== |
18 | RCS file: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v |
19 | retrieving revision 1.332 |
20 | retrieving revision 1.333 |
21 | diff -u -r1.332 -r1.333 |
22 | --- ChangeLog 21 Aug 2010 11:50:29 -0000 1.332 |
23 | +++ ChangeLog 21 Aug 2010 11:57:11 -0000 1.333 |
24 | @@ -1,6 +1,12 @@ |
25 | # ChangeLog for sys-kernel/hardened-sources |
26 | # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 |
27 | -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.332 2010/08/21 11:50:29 blueness Exp $ |
28 | +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.333 2010/08/21 11:57:11 blueness Exp $ |
29 | + |
30 | +*hardened-sources-2.6.34-r2 (21 Aug 2010) |
31 | + |
32 | + 21 Aug 2010; Anthony G. Basile <blueness@g.o> |
33 | + +hardened-sources-2.6.34-r2.ebuild: |
34 | + Based on vanilla 2.6.34.4 + genpatches + grsec-2.2.0-2.6.34.4-201008131840 |
35 | |
36 | *hardened-sources-2.6.32-r14 (21 Aug 2010) |
37 | |
38 | |
39 | |
40 | |
41 | 1.1 sys-kernel/hardened-sources/hardened-sources-2.6.34-r2.ebuild |
42 | |
43 | file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.6.34-r2.ebuild?rev=1.1&view=markup |
44 | plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.6.34-r2.ebuild?rev=1.1&content-type=text/plain |
45 | |
46 | Index: hardened-sources-2.6.34-r2.ebuild |
47 | =================================================================== |
48 | # Copyright 1999-2010 Gentoo Foundation |
49 | # Distributed under the terms of the GNU General Public License v2 |
50 | # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.6.34-r2.ebuild,v 1.1 2010/08/21 11:57:11 blueness Exp $ |
51 | |
52 | ETYPE="sources" |
53 | K_WANT_GENPATCHES="base extras" |
54 | K_GENPATCHES_VER="8" |
55 | |
56 | inherit kernel-2 |
57 | detect_version |
58 | |
59 | HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-3" |
60 | HGPV_URI="mirror://gentoo/hardened-patches-${HGPV}.extras.tar.bz2" |
61 | SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
62 | |
63 | # Note: 4420_grsecurity-2.2.0-2.6.34.4-201008131840.patch includes |
64 | # 1800_page-table-unmap-for-stack-guard-fix.patch so we don't want |
65 | # to apply it twice: see https://bugzilla.kernel.org/show_bug.cgi?id=16588 |
66 | UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
67 | UNIPATCH_EXCLUDE="1800_page-table-unmap-for-stack-guard-fix.patch 4200_fbcondecor-0.9.6.patch" |
68 | |
69 | DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
70 | HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
71 | IUSE="" |
72 | |
73 | KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
74 | |
75 | pkg_postinst() { |
76 | kernel-2_pkg_postinst |
77 | |
78 | local GRADM_COMPAT="sys-apps/gradm-2.2.0*" |
79 | |
80 | ewarn |
81 | ewarn "Hardened Gentoo provides four different predefined grsecurity level:" |
82 | ewarn "[server], [server no rbac] [workstation] [workstation no rbac]" |
83 | ewarn |
84 | ewarn "Those who intend to use one of these predefined grsecurity levels" |
85 | ewarn "should read the help associated with the level. Users importing a" |
86 | ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
87 | ewarn "should review their selected grsecurity/PaX options carefully." |
88 | ewarn |
89 | ewarn "Users of grsecurity's RBAC system must ensure they are using" |
90 | ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
91 | ewarn "It is strongly recommended that the following command is issued" |
92 | ewarn "prior to booting a ${PF} kernel for the first time:" |
93 | ewarn |
94 | ewarn "emerge -na =${GRADM_COMPAT}" |
95 | ewarn |
96 | } |