[gentoo-commits] dev/blueness:master commit in: sys-kernel/hardened-xtpax-sources/ - gentoo-commits

From:	"Anthony G. Basile" <blueness@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] dev/blueness:master commit in: sys-kernel/hardened-xtpax-sources/
Date:	Sun, 20 Nov 2011 22:27:45
Message-Id:	`6fe32b0eaa9c9be5e7029908435d8b86f948a039.blueness@gentoo`

1

commit:     6fe32b0eaa9c9be5e7029908435d8b86f948a039

2

Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

3

AuthorDate: Sun Nov 20 22:25:37 2011 +0000

4

Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

5

CommitDate: Sun Nov 20 22:25:37 2011 +0000

6

URL:        http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=6fe32b0e

7

8

sys-kernel/hardened-xtpax-sources: initial commit XT_PAX based kernel

9

10

(Portage version: 2.1.10.11/git/Linux x86_64, signed Manifest commit with key 0xD0455535)

11

12

---

13

 sys-kernel/hardened-xtpax-sources/ChangeLog        |    8 +++

14

 sys-kernel/hardened-xtpax-sources/Manifest         |   19 +++++++

15

 .../hardened-xtpax-sources-3.1.1.ebuild            |   50 ++++++++++++++++++++

16

 sys-kernel/hardened-xtpax-sources/metadata.xml     |   17 +++++++

17

 4 files changed, 94 insertions(+), 0 deletions(-)

18

19

diff --git a/sys-kernel/hardened-xtpax-sources/ChangeLog b/sys-kernel/hardened-xtpax-sources/ChangeLog

20

new file mode 100644

21

index 0000000..897210a

22

--- /dev/null

23

+++ b/sys-kernel/hardened-xtpax-sources/ChangeLog

24

@@ -0,0 +1,8 @@

25

+

26

+

27

+*hardened-xtpax-sources-3.1.1 (20 Nov 2011)

28

+

29

+  20 Nov 2011; Anthony G. Basile <blueness@g.o>

30

+  +hardened-xtpax-sources-3.1.1.ebuild, +metadata.xml:

31

+  Initial commit XT_PAX based kernel

32

+

33

34

diff --git a/sys-kernel/hardened-xtpax-sources/Manifest b/sys-kernel/hardened-xtpax-sources/Manifest

35

new file mode 100644

36

index 0000000..b5605f6

37

--- /dev/null

38

+++ b/sys-kernel/hardened-xtpax-sources/Manifest

39

@@ -0,0 +1,19 @@

40

+-----BEGIN PGP SIGNED MESSAGE-----

41

+Hash: SHA256

42

+

43

+DIST deblob-3.1 103909 RMD160 723d36ef2574419417bbf30eda6a83aaa91922d7 SHA1 39d2c6e69f4e3b84e112b6e3e9389c983976fe4b SHA256 9dcf6f981cb3681f8afab0a4f814aebd6c2f46f8e635d2f35657d8344ef6b30e

44

+DIST deblob-check-3.1 405438 RMD160 da7efe959bc7c0017214daa764fcb486ff4434f2 SHA1 397157d3f6bf225f8cc4f48b6c05bc56482c2934 SHA256 77d125ae5466049fb3f1fe39ddb9320b66239de782a348c66133de591049db43

45

+DIST genpatches-3.1-4.base.tar.bz2 107620 RMD160 ffc262a61b4da49a60c09ee666b696405d956389 SHA1 1c8d681e62cf837295012369c2d28daabb1387f6 SHA256 8a025365b17b4b7ed4a5c2e03315932b3ce7c1aa76206a96a80157c57c95f6f4

46

+DIST genpatches-3.1-4.extras.tar.bz2 17200 RMD160 fa8aa6ba8bc1e554758017d371769536d025bdc1 SHA1 47240cdc21d69d2af05d0b2bd7dcbb1615508f86 SHA256 b108dbf3b5ddad1701cacd2f1c936a63b60d1a4cd86fd7f9311230e3bacac56b

47

+DIST hardened-xtpax-patches-3.1.1-1.extras.tar.bz2 487296 RMD160 e62d01dc0fb48305ccbd7a39631e8f1fe3ef4aae SHA1 98f150993b5c8885a06f3b7f268c5cd11c8e58e8 SHA256 d4599de9c992e3fe858baf59df295576cae89fd20e459d062a1795eb292577cb

48

+DIST linux-3.1.tar.bz2 77190238 RMD160 f9a3ce57b9f20a1402ef340792d3c223140ce1d2 SHA1 ac792701561b1cd4279302b8bb8f474731762ad1 SHA256 2573d2378c754b0c602b57586e9311e5b38c5d1e6c137f02873833633a4b9359

49

+EBUILD hardened-xtpax-sources-3.1.1.ebuild 1886 RMD160 82c89bbc478da97f2d529b655602ee71804cafd0 SHA1 85388383028c87a89fd750c0d611ed0cecea9e39 SHA256 9f7036b45c60c4b523667709689ceb33f0d89023ae582db8b5c8a91406630063

50

+MISC ChangeLog 195 RMD160 6d70ae65eea1d8f864c59a96725be4478e8d91e0 SHA1 a04d3c0ac18b978cf03644173988742d9e8fadc9 SHA256 1f4134a6599e698c0e74667ac4da38201072e5ef96261fdf8c690afc37be8370

51

+MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SHA1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8fcfd351f2f39ed63da68af3a5751fc2058d0d03813

52

+-----BEGIN PGP SIGNATURE-----

53

+Version: GnuPG v2.0.17 (GNU/Linux)

54

+

55

+iEYEAREIAAYFAk7JfmEACgkQl5yvQNBFVTXQpwCfY4zT6BjQ9MJkhvMWg64mOOGO

56

+Db0AnRdlgdONnxgb5dODq67+6XUT+p1O

57

+=OfDK

58

+-----END PGP SIGNATURE-----

59

60

diff --git a/sys-kernel/hardened-xtpax-sources/hardened-xtpax-sources-3.1.1.ebuild b/sys-kernel/hardened-xtpax-sources/hardened-xtpax-sources-3.1.1.ebuild

61

new file mode 100644

62

index 0000000..df3834f

63

--- /dev/null

64

+++ b/sys-kernel/hardened-xtpax-sources/hardened-xtpax-sources-3.1.1.ebuild

65

@@ -0,0 +1,50 @@

66

+# Copyright 1999-2011 Gentoo Foundation

67

+# Distributed under the terms of the GNU General Public License v2

68

+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.1.1.ebuild,v 1.1 2011/11/19 18:57:05 blueness Exp $

69

+

70

+EAPI="4"

71

+

72

+ETYPE="sources"

73

+K_WANT_GENPATCHES="base extras"

74

+K_GENPATCHES_VER="4"

75

+K_DEBLOB_AVAILABLE="1"

76

+

77

+inherit kernel-2

78

+detect_version

79

+

80

+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1"

81

+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-xtpax-patches-${HGPV}.extras.tar.bz2"

82

+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}"

83

+

84

+UNIPATCH_LIST="${DISTDIR}/hardened-xtpax-patches-${HGPV}.extras.tar.bz2"

85

+#UNIPATCH_EXCLUDE="1700_i386-bigsmp-early-lapicid-override.patch 4200_fbcondecor-0.9.6.patch"

86

+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch"

87

+

88

+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})"

89

+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/"

90

+IUSE="deblob"

91

+

92

+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"

93

+

94

+pkg_postinst() {

95

+	kernel-2_pkg_postinst

96

+

97

+	local GRADM_COMPAT="sys-apps/gradm-2.2.2*"

98

+

99

+	ewarn

100

+	ewarn "Hardened Gentoo provides three different predefined grsecurity level:"

101

+	ewarn "[server], [workstation], and [virtualization]."

102

+	ewarn

103

+	ewarn "Those who intend to use one of these predefined grsecurity levels"

104

+	ewarn "should read the help associated with the level.  Users importing a"

105

+	ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32,"

106

+	ewarn "should review their selected grsecurity/PaX options carefully."

107

+	ewarn

108

+	ewarn "Users of grsecurity's RBAC system must ensure they are using"

109

+	ewarn "${GRADM_COMPAT}, which is compatible with ${PF}."

110

+	ewarn "It is strongly recommended that the following command is issued"

111

+	ewarn "prior to booting a ${PF} kernel for the first time:"

112

+	ewarn

113

+	ewarn "emerge -na =${GRADM_COMPAT}"

114

+	ewarn

115

+}

116

117

diff --git a/sys-kernel/hardened-xtpax-sources/metadata.xml b/sys-kernel/hardened-xtpax-sources/metadata.xml

118

new file mode 100644

119

index 0000000..6fa414d

120

--- /dev/null

121

+++ b/sys-kernel/hardened-xtpax-sources/metadata.xml

122

@@ -0,0 +1,17 @@

123

+<?xml version="1.0" encoding="UTF-8"?>

124

+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">

125

+<pkgmetadata>

126

+	<herd>kernel</herd>

127

+	<herd>hardened</herd>

128

+	<maintainer>

129

+		<email>blueness@g.o</email>

130

+		<name>Anthony G. Basile</name>

131

+	</maintainer>

132

+	<longdescription>

133

+		hardened-sources is based upon genpatches, and adds the grsecurity

134

+		patch from http://www.grsecurity.net, which also includes PaX.

135

+	</longdescription>

136

+	<use>

137

+		<flag name='deblob'>Remove binary blobs from kernel sources to provide libre license compliance.</flag>

138

+  	</use>

139

+</pkgmetadata>

1	commit: 6fe32b0eaa9c9be5e7029908435d8b86f948a039
2	Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3	AuthorDate: Sun Nov 20 22:25:37 2011 +0000
4	Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5	CommitDate: Sun Nov 20 22:25:37 2011 +0000
6	URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=6fe32b0e
7
8	sys-kernel/hardened-xtpax-sources: initial commit XT_PAX based kernel
9
10	(Portage version: 2.1.10.11/git/Linux x86_64, signed Manifest commit with key 0xD0455535)
11
12	---
13	sys-kernel/hardened-xtpax-sources/ChangeLog \| 8 +++
14	sys-kernel/hardened-xtpax-sources/Manifest \| 19 +++++++
15	.../hardened-xtpax-sources-3.1.1.ebuild \| 50 ++++++++++++++++++++
16	sys-kernel/hardened-xtpax-sources/metadata.xml \| 17 +++++++
17	4 files changed, 94 insertions(+), 0 deletions(-)
18
19	diff --git a/sys-kernel/hardened-xtpax-sources/ChangeLog b/sys-kernel/hardened-xtpax-sources/ChangeLog
20	new file mode 100644
21	index 0000000..897210a
22	--- /dev/null
23	+++ b/sys-kernel/hardened-xtpax-sources/ChangeLog
24	@@ -0,0 +1,8 @@
25	+
26	+
27	+*hardened-xtpax-sources-3.1.1 (20 Nov 2011)
28	+
29	+ 20 Nov 2011; Anthony G. Basile <blueness@g.o>
30	+ +hardened-xtpax-sources-3.1.1.ebuild, +metadata.xml:
31	+ Initial commit XT_PAX based kernel
32	+
33
34	diff --git a/sys-kernel/hardened-xtpax-sources/Manifest b/sys-kernel/hardened-xtpax-sources/Manifest
35	new file mode 100644
36	index 0000000..b5605f6
37	--- /dev/null
38	+++ b/sys-kernel/hardened-xtpax-sources/Manifest
39	@@ -0,0 +1,19 @@
40	+-----BEGIN PGP SIGNED MESSAGE-----
41	+Hash: SHA256
42	+
43	+DIST deblob-3.1 103909 RMD160 723d36ef2574419417bbf30eda6a83aaa91922d7 SHA1 39d2c6e69f4e3b84e112b6e3e9389c983976fe4b SHA256 9dcf6f981cb3681f8afab0a4f814aebd6c2f46f8e635d2f35657d8344ef6b30e
44	+DIST deblob-check-3.1 405438 RMD160 da7efe959bc7c0017214daa764fcb486ff4434f2 SHA1 397157d3f6bf225f8cc4f48b6c05bc56482c2934 SHA256 77d125ae5466049fb3f1fe39ddb9320b66239de782a348c66133de591049db43
45	+DIST genpatches-3.1-4.base.tar.bz2 107620 RMD160 ffc262a61b4da49a60c09ee666b696405d956389 SHA1 1c8d681e62cf837295012369c2d28daabb1387f6 SHA256 8a025365b17b4b7ed4a5c2e03315932b3ce7c1aa76206a96a80157c57c95f6f4
46	+DIST genpatches-3.1-4.extras.tar.bz2 17200 RMD160 fa8aa6ba8bc1e554758017d371769536d025bdc1 SHA1 47240cdc21d69d2af05d0b2bd7dcbb1615508f86 SHA256 b108dbf3b5ddad1701cacd2f1c936a63b60d1a4cd86fd7f9311230e3bacac56b
47	+DIST hardened-xtpax-patches-3.1.1-1.extras.tar.bz2 487296 RMD160 e62d01dc0fb48305ccbd7a39631e8f1fe3ef4aae SHA1 98f150993b5c8885a06f3b7f268c5cd11c8e58e8 SHA256 d4599de9c992e3fe858baf59df295576cae89fd20e459d062a1795eb292577cb
48	+DIST linux-3.1.tar.bz2 77190238 RMD160 f9a3ce57b9f20a1402ef340792d3c223140ce1d2 SHA1 ac792701561b1cd4279302b8bb8f474731762ad1 SHA256 2573d2378c754b0c602b57586e9311e5b38c5d1e6c137f02873833633a4b9359
49	+EBUILD hardened-xtpax-sources-3.1.1.ebuild 1886 RMD160 82c89bbc478da97f2d529b655602ee71804cafd0 SHA1 85388383028c87a89fd750c0d611ed0cecea9e39 SHA256 9f7036b45c60c4b523667709689ceb33f0d89023ae582db8b5c8a91406630063
50	+MISC ChangeLog 195 RMD160 6d70ae65eea1d8f864c59a96725be4478e8d91e0 SHA1 a04d3c0ac18b978cf03644173988742d9e8fadc9 SHA256 1f4134a6599e698c0e74667ac4da38201072e5ef96261fdf8c690afc37be8370
51	+MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SHA1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8fcfd351f2f39ed63da68af3a5751fc2058d0d03813
52	+-----BEGIN PGP SIGNATURE-----
53	+Version: GnuPG v2.0.17 (GNU/Linux)
54	+
55	+iEYEAREIAAYFAk7JfmEACgkQl5yvQNBFVTXQpwCfY4zT6BjQ9MJkhvMWg64mOOGO
56	+Db0AnRdlgdONnxgb5dODq67+6XUT+p1O
57	+=OfDK
58	+-----END PGP SIGNATURE-----
59
60	diff --git a/sys-kernel/hardened-xtpax-sources/hardened-xtpax-sources-3.1.1.ebuild b/sys-kernel/hardened-xtpax-sources/hardened-xtpax-sources-3.1.1.ebuild
61	new file mode 100644
62	index 0000000..df3834f
63	--- /dev/null
64	+++ b/sys-kernel/hardened-xtpax-sources/hardened-xtpax-sources-3.1.1.ebuild
65	@@ -0,0 +1,50 @@
66	+# Copyright 1999-2011 Gentoo Foundation
67	+# Distributed under the terms of the GNU General Public License v2
68	+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.1.1.ebuild,v 1.1 2011/11/19 18:57:05 blueness Exp $
69	+
70	+EAPI="4"
71	+
72	+ETYPE="sources"
73	+K_WANT_GENPATCHES="base extras"
74	+K_GENPATCHES_VER="4"
75	+K_DEBLOB_AVAILABLE="1"
76	+
77	+inherit kernel-2
78	+detect_version
79	+
80	+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1"
81	+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-xtpax-patches-${HGPV}.extras.tar.bz2"
82	+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}"
83	+
84	+UNIPATCH_LIST="${DISTDIR}/hardened-xtpax-patches-${HGPV}.extras.tar.bz2"
85	+#UNIPATCH_EXCLUDE="1700_i386-bigsmp-early-lapicid-override.patch 4200_fbcondecor-0.9.6.patch"
86	+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch"
87	+
88	+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})"
89	+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/"
90	+IUSE="deblob"
91	+
92	+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
93	+
94	+pkg_postinst() {
95	+ kernel-2_pkg_postinst
96	+
97	+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*"
98	+
99	+ ewarn
100	+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:"
101	+ ewarn "[server], [workstation], and [virtualization]."
102	+ ewarn
103	+ ewarn "Those who intend to use one of these predefined grsecurity levels"
104	+ ewarn "should read the help associated with the level. Users importing a"
105	+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32,"
106	+ ewarn "should review their selected grsecurity/PaX options carefully."
107	+ ewarn
108	+ ewarn "Users of grsecurity's RBAC system must ensure they are using"
109	+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}."
110	+ ewarn "It is strongly recommended that the following command is issued"
111	+ ewarn "prior to booting a ${PF} kernel for the first time:"
112	+ ewarn
113	+ ewarn "emerge -na =${GRADM_COMPAT}"
114	+ ewarn
115	+}
116
117	diff --git a/sys-kernel/hardened-xtpax-sources/metadata.xml b/sys-kernel/hardened-xtpax-sources/metadata.xml
118	new file mode 100644
119	index 0000000..6fa414d
120	--- /dev/null
121	+++ b/sys-kernel/hardened-xtpax-sources/metadata.xml
122	@@ -0,0 +1,17 @@
123	+<?xml version="1.0" encoding="UTF-8"?>
124	+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
125	+<pkgmetadata>
126	+ <herd>kernel</herd>
127	+ <herd>hardened</herd>
128	+ <maintainer>
129	+ <email>blueness@g.o</email>
130	+ <name>Anthony G. Basile</name>
131	+ </maintainer>
132	+ <longdescription>
133	+ hardened-sources is based upon genpatches, and adds the grsecurity
134	+ patch from http://www.grsecurity.net, which also includes PaX.
135	+ </longdescription>
136	+ <use>
137	+ <flag name='deblob'>Remove binary blobs from kernel sources to provide libre license compliance.</flag>
138	+ </use>
139	+</pkgmetadata>

Gentoo Archives: gentoo-commits