1 |
commit: 2184e4a3924c86c054d883082d215561d22bd83b |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Nov 28 01:48:48 2011 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Nov 28 01:48:48 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=2184e4a3 |
7 |
|
8 |
sys-kernel/hardened-sources: testing patchset 20111126 |
9 |
|
10 |
(Portage version: 2.1.10.11/git/Linux x86_64, signed Manifest commit with key 0xD0455535) |
11 |
|
12 |
--- |
13 |
sys-kernel/hardened-sources/ChangeLog | 7 +++ |
14 |
sys-kernel/hardened-sources/Manifest | 22 +++++++-- |
15 |
.../hardened-sources-2.6.32-r78.ebuild | 49 ++++++++++++++++++++ |
16 |
.../hardened-sources/hardened-sources-3.1.3.ebuild | 49 ++++++++++++++++++++ |
17 |
4 files changed, 123 insertions(+), 4 deletions(-) |
18 |
|
19 |
diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog |
20 |
index c11c879..99e34bf 100644 |
21 |
--- a/sys-kernel/hardened-sources/ChangeLog |
22 |
+++ b/sys-kernel/hardened-sources/ChangeLog |
23 |
@@ -1,5 +1,12 @@ |
24 |
|
25 |
|
26 |
+*hardened-sources-3.1.3 (28 Nov 2011) |
27 |
+*hardened-sources-2.6.32-r78 (28 Nov 2011) |
28 |
+ |
29 |
+ 28 Nov 2011; Anthony G. Basile <blueness@g.o> |
30 |
+ +hardened-sources-2.6.32-r78.ebuild, +hardened-sources-3.1.3.ebuild: |
31 |
+ testing patchset 20111126 |
32 |
+ |
33 |
23 Nov 2011; Anthony G. Basile <blueness@g.o> |
34 |
-hardened-sources-2.6.32-r77.ebuild, -hardened-sources-3.1.1-r1.ebuild: |
35 |
moved to the tree |
36 |
|
37 |
diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest |
38 |
index f1f897e..c83ef2f 100644 |
39 |
--- a/sys-kernel/hardened-sources/Manifest |
40 |
+++ b/sys-kernel/hardened-sources/Manifest |
41 |
@@ -1,12 +1,26 @@ |
42 |
-----BEGIN PGP SIGNED MESSAGE----- |
43 |
Hash: SHA256 |
44 |
|
45 |
-MISC ChangeLog 9064 RMD160 7453ff636c997ff6c75b95ee369c019be3a28f7e SHA1 aae80a54a6dd79c325e08fefe08a296da72f5e2a SHA256 3ed27cfc13db3a4e792109c65e5c31f71bb9b07836a7a684c9845c85bed568a5 |
46 |
+DIST deblob-2.6.32 84094 RMD160 394f46ec5b869638a7bc2e87beb118167c9bd6cb SHA1 1a2a1efb72126609d9e3b9be99ae5be2751efd06 SHA256 de625f0bd221c9c38d4453f1b709622f222d86a0ae9350d2b7b0e17795e6de6d |
47 |
+DIST deblob-3.1 103909 RMD160 723d36ef2574419417bbf30eda6a83aaa91922d7 SHA1 39d2c6e69f4e3b84e112b6e3e9389c983976fe4b SHA256 9dcf6f981cb3681f8afab0a4f814aebd6c2f46f8e635d2f35657d8344ef6b30e |
48 |
+DIST deblob-check-2.6.32 247608 RMD160 840bf8a229ea79810519eee6241edb85b78a6562 SHA1 d45a24eb16e5ac956c0fcddbc1ac4d67e326c7b8 SHA256 da1aecdf3ab7f1207b90642d303e52262ccc2ed9e49739b729512b88950d17f3 |
49 |
+DIST deblob-check-3.1 405438 RMD160 da7efe959bc7c0017214daa764fcb486ff4434f2 SHA1 397157d3f6bf225f8cc4f48b6c05bc56482c2934 SHA256 77d125ae5466049fb3f1fe39ddb9320b66239de782a348c66133de591049db43 |
50 |
+DIST genpatches-2.6.32-44.base.tar.bz2 1012021 RMD160 37aae12613e8d5e0f3cb0ad5f6057a83846e5bdc SHA1 3f4a864c30fd445eff30b480b0b5654c5758b219 SHA256 f00a36ff4e30785eca0816bf1a698b358213e59c5786799b5bddd8322da1c633 |
51 |
+DIST genpatches-2.6.32-44.extras.tar.bz2 24902 RMD160 9e8d686ce4e2bb36e6f6310835b96f64ad8d0f08 SHA1 29ed146cfcfb4470b0f2cea9b4dad07b359c31df SHA256 e105210bca94660f3292751fea0db38c7dea50ea2c5a729faa1dbc9fb348442f |
52 |
+DIST genpatches-3.1-5.base.tar.bz2 115408 RMD160 f2f638fc59ee79de070cdc29ff6c8dbf693a917a SHA1 bf0dcab1f5d9fefa1d2e70f7b60f08b985085d3e SHA256 f0a4ae3a45f5cc0390ca15db2e6933847346725e31fbddaf080994dc65681fb0 |
53 |
+DIST genpatches-3.1-5.extras.tar.bz2 17187 RMD160 7c45690a22d68bb40b90fbd692cd52d786b69a05 SHA1 e780917129e86c668048175ca7de2c6a96701d0b SHA256 c71596744bf82b3605ed5e2e582ea8dd3b8519cd9ff9216514aa37ef63bb9179 |
54 |
+DIST hardened-patches-2.6.32-80.extras.tar.bz2 526290 RMD160 d1ea1000467fee2ca3d170799032d262a643c6ef SHA1 f670bb70b586c67bfecb00614e6da97d3b9c3aa0 SHA256 a96a9ddf5268521f27306c076c7cfbf8b79caa66b9266f440879e4a0c49bdeca |
55 |
+DIST hardened-patches-3.1.3-1.extras.tar.bz2 502787 RMD160 e1c29dac909d9ce3e11afc44ccf009a1d8e17108 SHA1 9edb452a0daba3c0afca79d20d9b6ec431fe4b39 SHA256 86c27503341fdff1d52fb2e701703e5139b9cc50d2a5179d28459790c48a8b12 |
56 |
+DIST linux-2.6.32.tar.bz2 64424138 RMD160 b93742cbaf8174f2200d2dbef0d47a26c618039c SHA1 410b4fc818023bfef60064e973ff0ab46d3bfb19 SHA256 5099786d80b8407d98a619df00209c2353517f22d804fdd9533b362adcb4504e |
57 |
+DIST linux-3.1.tar.bz2 77190238 RMD160 f9a3ce57b9f20a1402ef340792d3c223140ce1d2 SHA1 ac792701561b1cd4279302b8bb8f474731762ad1 SHA256 2573d2378c754b0c602b57586e9311e5b38c5d1e6c137f02873833633a4b9359 |
58 |
+EBUILD hardened-sources-2.6.32-r78.ebuild 1840 RMD160 898e13c0c0e8db48448b7956f001fb575b0ceefb SHA1 b1a8d05245065bf62632bd7b1ac53192a264683a SHA256 a10b345f96542c4ddf47a8664a0df69991f93f70b0ff917fb27aea22d99bf6cc |
59 |
+EBUILD hardened-sources-3.1.3.ebuild 1783 RMD160 4cf2774d588548db57f1beae59d39f69d1dcbeae SHA1 2e307bfd4bd416c888177f1845d5f4e61b3c45a7 SHA256 312ce5933701d57922e46082ce9e4024ac79a47ddb7a798750932991ed35480a |
60 |
+MISC ChangeLog 9301 RMD160 7ca06121fbb429c13441c31beb08f50f9630c887 SHA1 b08bc91d84c0e39ee8b6d94ac106272efbbb87a7 SHA256 8abeee9e013e2d965947cef4356145322893eb5424c05d07079aa3aac92f00bb |
61 |
MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SHA1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8fcfd351f2f39ed63da68af3a5751fc2058d0d03813 |
62 |
-----BEGIN PGP SIGNATURE----- |
63 |
Version: GnuPG v2.0.17 (GNU/Linux) |
64 |
|
65 |
-iEYEAREIAAYFAk7Nh4MACgkQl5yvQNBFVTVhEwCgkrWhAwbV56TNBlteO6cKaU/5 |
66 |
-AzIAn1H1m3MYqLTxJ6bMA7n0vV8j4a/S |
67 |
-=zGyO |
68 |
+iEYEAREIAAYFAk7S6IAACgkQl5yvQNBFVTWifQCfXj08yTBAfZ2RR6w2c5OT+PFx |
69 |
+TaoAnjIXdzIZ9SpE/N8vw5jihAjyhpNr |
70 |
+=ttlg |
71 |
-----END PGP SIGNATURE----- |
72 |
|
73 |
diff --git a/sys-kernel/hardened-sources/hardened-sources-2.6.32-r78.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r78.ebuild |
74 |
new file mode 100644 |
75 |
index 0000000..f7b747d |
76 |
--- /dev/null |
77 |
+++ b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r78.ebuild |
78 |
@@ -0,0 +1,49 @@ |
79 |
+# Copyright 1999-2011 Gentoo Foundation |
80 |
+# Distributed under the terms of the GNU General Public License v2 |
81 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.6.32-r77.ebuild,v 1.1 2011/11/23 23:46:49 blueness Exp $ |
82 |
+ |
83 |
+EAPI="4" |
84 |
+ |
85 |
+ETYPE="sources" |
86 |
+K_WANT_GENPATCHES="base extras" |
87 |
+K_GENPATCHES_VER="44" |
88 |
+K_DEBLOB_AVAILABLE="1" |
89 |
+ |
90 |
+inherit kernel-2 |
91 |
+detect_version |
92 |
+ |
93 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-80" |
94 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" |
95 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
96 |
+ |
97 |
+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
98 |
+UNIPATCH_EXCLUDE="2901_kbuild-fix-passing-wno-options-to-gcc-4.4.patch 4200_fbcondecor-0.9.6.patch" |
99 |
+ |
100 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
101 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
102 |
+IUSE="deblob" |
103 |
+ |
104 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
105 |
+ |
106 |
+pkg_postinst() { |
107 |
+ kernel-2_pkg_postinst |
108 |
+ |
109 |
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*" |
110 |
+ |
111 |
+ ewarn |
112 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
113 |
+ ewarn "[server], [workstation], and [virtualization]." |
114 |
+ ewarn |
115 |
+ ewarn "Those who intend to use one of these predefined grsecurity levels" |
116 |
+ ewarn "should read the help associated with the level. Users importing a" |
117 |
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
118 |
+ ewarn "should review their selected grsecurity/PaX options carefully." |
119 |
+ ewarn |
120 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
121 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
122 |
+ ewarn "It is strongly recommended that the following command is issued" |
123 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
124 |
+ ewarn |
125 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
126 |
+ ewarn |
127 |
+} |
128 |
|
129 |
diff --git a/sys-kernel/hardened-sources/hardened-sources-3.1.3.ebuild b/sys-kernel/hardened-sources/hardened-sources-3.1.3.ebuild |
130 |
new file mode 100644 |
131 |
index 0000000..0a35ef7 |
132 |
--- /dev/null |
133 |
+++ b/sys-kernel/hardened-sources/hardened-sources-3.1.3.ebuild |
134 |
@@ -0,0 +1,49 @@ |
135 |
+# Copyright 1999-2011 Gentoo Foundation |
136 |
+# Distributed under the terms of the GNU General Public License v2 |
137 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.1.1-r1.ebuild,v 1.1 2011/11/23 23:49:42 blueness Exp $ |
138 |
+ |
139 |
+EAPI="4" |
140 |
+ |
141 |
+ETYPE="sources" |
142 |
+K_WANT_GENPATCHES="base extras" |
143 |
+K_GENPATCHES_VER="5" |
144 |
+K_DEBLOB_AVAILABLE="1" |
145 |
+ |
146 |
+inherit kernel-2 |
147 |
+detect_version |
148 |
+ |
149 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1" |
150 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" |
151 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
152 |
+ |
153 |
+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
154 |
+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch" |
155 |
+ |
156 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
157 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
158 |
+IUSE="deblob" |
159 |
+ |
160 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
161 |
+ |
162 |
+pkg_postinst() { |
163 |
+ kernel-2_pkg_postinst |
164 |
+ |
165 |
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*" |
166 |
+ |
167 |
+ ewarn |
168 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
169 |
+ ewarn "[server], [workstation], and [virtualization]." |
170 |
+ ewarn |
171 |
+ ewarn "Those who intend to use one of these predefined grsecurity levels" |
172 |
+ ewarn "should read the help associated with the level. Users importing a" |
173 |
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
174 |
+ ewarn "should review their selected grsecurity/PaX options carefully." |
175 |
+ ewarn |
176 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
177 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
178 |
+ ewarn "It is strongly recommended that the following command is issued" |
179 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
180 |
+ ewarn |
181 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
182 |
+ ewarn |
183 |
+} |