1 |
commit: 6fe32b0eaa9c9be5e7029908435d8b86f948a039 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Nov 20 22:25:37 2011 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Nov 20 22:25:37 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=6fe32b0e |
7 |
|
8 |
sys-kernel/hardened-xtpax-sources: initial commit XT_PAX based kernel |
9 |
|
10 |
(Portage version: 2.1.10.11/git/Linux x86_64, signed Manifest commit with key 0xD0455535) |
11 |
|
12 |
--- |
13 |
sys-kernel/hardened-xtpax-sources/ChangeLog | 8 +++ |
14 |
sys-kernel/hardened-xtpax-sources/Manifest | 19 +++++++ |
15 |
.../hardened-xtpax-sources-3.1.1.ebuild | 50 ++++++++++++++++++++ |
16 |
sys-kernel/hardened-xtpax-sources/metadata.xml | 17 +++++++ |
17 |
4 files changed, 94 insertions(+), 0 deletions(-) |
18 |
|
19 |
diff --git a/sys-kernel/hardened-xtpax-sources/ChangeLog b/sys-kernel/hardened-xtpax-sources/ChangeLog |
20 |
new file mode 100644 |
21 |
index 0000000..897210a |
22 |
--- /dev/null |
23 |
+++ b/sys-kernel/hardened-xtpax-sources/ChangeLog |
24 |
@@ -0,0 +1,8 @@ |
25 |
+ |
26 |
+ |
27 |
+*hardened-xtpax-sources-3.1.1 (20 Nov 2011) |
28 |
+ |
29 |
+ 20 Nov 2011; Anthony G. Basile <blueness@g.o> |
30 |
+ +hardened-xtpax-sources-3.1.1.ebuild, +metadata.xml: |
31 |
+ Initial commit XT_PAX based kernel |
32 |
+ |
33 |
|
34 |
diff --git a/sys-kernel/hardened-xtpax-sources/Manifest b/sys-kernel/hardened-xtpax-sources/Manifest |
35 |
new file mode 100644 |
36 |
index 0000000..b5605f6 |
37 |
--- /dev/null |
38 |
+++ b/sys-kernel/hardened-xtpax-sources/Manifest |
39 |
@@ -0,0 +1,19 @@ |
40 |
+-----BEGIN PGP SIGNED MESSAGE----- |
41 |
+Hash: SHA256 |
42 |
+ |
43 |
+DIST deblob-3.1 103909 RMD160 723d36ef2574419417bbf30eda6a83aaa91922d7 SHA1 39d2c6e69f4e3b84e112b6e3e9389c983976fe4b SHA256 9dcf6f981cb3681f8afab0a4f814aebd6c2f46f8e635d2f35657d8344ef6b30e |
44 |
+DIST deblob-check-3.1 405438 RMD160 da7efe959bc7c0017214daa764fcb486ff4434f2 SHA1 397157d3f6bf225f8cc4f48b6c05bc56482c2934 SHA256 77d125ae5466049fb3f1fe39ddb9320b66239de782a348c66133de591049db43 |
45 |
+DIST genpatches-3.1-4.base.tar.bz2 107620 RMD160 ffc262a61b4da49a60c09ee666b696405d956389 SHA1 1c8d681e62cf837295012369c2d28daabb1387f6 SHA256 8a025365b17b4b7ed4a5c2e03315932b3ce7c1aa76206a96a80157c57c95f6f4 |
46 |
+DIST genpatches-3.1-4.extras.tar.bz2 17200 RMD160 fa8aa6ba8bc1e554758017d371769536d025bdc1 SHA1 47240cdc21d69d2af05d0b2bd7dcbb1615508f86 SHA256 b108dbf3b5ddad1701cacd2f1c936a63b60d1a4cd86fd7f9311230e3bacac56b |
47 |
+DIST hardened-xtpax-patches-3.1.1-1.extras.tar.bz2 487296 RMD160 e62d01dc0fb48305ccbd7a39631e8f1fe3ef4aae SHA1 98f150993b5c8885a06f3b7f268c5cd11c8e58e8 SHA256 d4599de9c992e3fe858baf59df295576cae89fd20e459d062a1795eb292577cb |
48 |
+DIST linux-3.1.tar.bz2 77190238 RMD160 f9a3ce57b9f20a1402ef340792d3c223140ce1d2 SHA1 ac792701561b1cd4279302b8bb8f474731762ad1 SHA256 2573d2378c754b0c602b57586e9311e5b38c5d1e6c137f02873833633a4b9359 |
49 |
+EBUILD hardened-xtpax-sources-3.1.1.ebuild 1886 RMD160 82c89bbc478da97f2d529b655602ee71804cafd0 SHA1 85388383028c87a89fd750c0d611ed0cecea9e39 SHA256 9f7036b45c60c4b523667709689ceb33f0d89023ae582db8b5c8a91406630063 |
50 |
+MISC ChangeLog 195 RMD160 6d70ae65eea1d8f864c59a96725be4478e8d91e0 SHA1 a04d3c0ac18b978cf03644173988742d9e8fadc9 SHA256 1f4134a6599e698c0e74667ac4da38201072e5ef96261fdf8c690afc37be8370 |
51 |
+MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SHA1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8fcfd351f2f39ed63da68af3a5751fc2058d0d03813 |
52 |
+-----BEGIN PGP SIGNATURE----- |
53 |
+Version: GnuPG v2.0.17 (GNU/Linux) |
54 |
+ |
55 |
+iEYEAREIAAYFAk7JfmEACgkQl5yvQNBFVTXQpwCfY4zT6BjQ9MJkhvMWg64mOOGO |
56 |
+Db0AnRdlgdONnxgb5dODq67+6XUT+p1O |
57 |
+=OfDK |
58 |
+-----END PGP SIGNATURE----- |
59 |
|
60 |
diff --git a/sys-kernel/hardened-xtpax-sources/hardened-xtpax-sources-3.1.1.ebuild b/sys-kernel/hardened-xtpax-sources/hardened-xtpax-sources-3.1.1.ebuild |
61 |
new file mode 100644 |
62 |
index 0000000..df3834f |
63 |
--- /dev/null |
64 |
+++ b/sys-kernel/hardened-xtpax-sources/hardened-xtpax-sources-3.1.1.ebuild |
65 |
@@ -0,0 +1,50 @@ |
66 |
+# Copyright 1999-2011 Gentoo Foundation |
67 |
+# Distributed under the terms of the GNU General Public License v2 |
68 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.1.1.ebuild,v 1.1 2011/11/19 18:57:05 blueness Exp $ |
69 |
+ |
70 |
+EAPI="4" |
71 |
+ |
72 |
+ETYPE="sources" |
73 |
+K_WANT_GENPATCHES="base extras" |
74 |
+K_GENPATCHES_VER="4" |
75 |
+K_DEBLOB_AVAILABLE="1" |
76 |
+ |
77 |
+inherit kernel-2 |
78 |
+detect_version |
79 |
+ |
80 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1" |
81 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-xtpax-patches-${HGPV}.extras.tar.bz2" |
82 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
83 |
+ |
84 |
+UNIPATCH_LIST="${DISTDIR}/hardened-xtpax-patches-${HGPV}.extras.tar.bz2" |
85 |
+#UNIPATCH_EXCLUDE="1700_i386-bigsmp-early-lapicid-override.patch 4200_fbcondecor-0.9.6.patch" |
86 |
+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch" |
87 |
+ |
88 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
89 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
90 |
+IUSE="deblob" |
91 |
+ |
92 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
93 |
+ |
94 |
+pkg_postinst() { |
95 |
+ kernel-2_pkg_postinst |
96 |
+ |
97 |
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*" |
98 |
+ |
99 |
+ ewarn |
100 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
101 |
+ ewarn "[server], [workstation], and [virtualization]." |
102 |
+ ewarn |
103 |
+ ewarn "Those who intend to use one of these predefined grsecurity levels" |
104 |
+ ewarn "should read the help associated with the level. Users importing a" |
105 |
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
106 |
+ ewarn "should review their selected grsecurity/PaX options carefully." |
107 |
+ ewarn |
108 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
109 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
110 |
+ ewarn "It is strongly recommended that the following command is issued" |
111 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
112 |
+ ewarn |
113 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
114 |
+ ewarn |
115 |
+} |
116 |
|
117 |
diff --git a/sys-kernel/hardened-xtpax-sources/metadata.xml b/sys-kernel/hardened-xtpax-sources/metadata.xml |
118 |
new file mode 100644 |
119 |
index 0000000..6fa414d |
120 |
--- /dev/null |
121 |
+++ b/sys-kernel/hardened-xtpax-sources/metadata.xml |
122 |
@@ -0,0 +1,17 @@ |
123 |
+<?xml version="1.0" encoding="UTF-8"?> |
124 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
125 |
+<pkgmetadata> |
126 |
+ <herd>kernel</herd> |
127 |
+ <herd>hardened</herd> |
128 |
+ <maintainer> |
129 |
+ <email>blueness@g.o</email> |
130 |
+ <name>Anthony G. Basile</name> |
131 |
+ </maintainer> |
132 |
+ <longdescription> |
133 |
+ hardened-sources is based upon genpatches, and adds the grsecurity |
134 |
+ patch from http://www.grsecurity.net, which also includes PaX. |
135 |
+ </longdescription> |
136 |
+ <use> |
137 |
+ <flag name='deblob'>Remove binary blobs from kernel sources to provide libre license compliance.</flag> |
138 |
+ </use> |
139 |
+</pkgmetadata> |