1 |
commit: f46d9288809e73b643f88c5c7b870fbfc9d8eaa8 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Sep 25 13:35:21 2011 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Sep 25 13:35:21 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=f46d9288 |
7 |
|
8 |
sys-kernel/hardened-sources: testing patchset 20110924 |
9 |
|
10 |
(Portage version: 2.1.10.11/git/Linux x86_64, signed Manifest commit with key 0xD0455535) |
11 |
|
12 |
--- |
13 |
sys-kernel/hardened-sources/ChangeLog | 7 +++ |
14 |
sys-kernel/hardened-sources/Manifest | 20 +++++++-- |
15 |
.../hardened-sources-2.6.32-r69.ebuild | 48 ++++++++++++++++++++ |
16 |
.../hardened-sources-3.0.4-r4.ebuild | 48 ++++++++++++++++++++ |
17 |
4 files changed, 119 insertions(+), 4 deletions(-) |
18 |
|
19 |
diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog |
20 |
index 8d7a56f..ed66d0e 100644 |
21 |
--- a/sys-kernel/hardened-sources/ChangeLog |
22 |
+++ b/sys-kernel/hardened-sources/ChangeLog |
23 |
@@ -1,5 +1,12 @@ |
24 |
|
25 |
|
26 |
+*hardened-sources-3.0.4-r4 (25 Sep 2011) |
27 |
+*hardened-sources-2.6.32-r69 (25 Sep 2011) |
28 |
+ |
29 |
+ 25 Sep 2011; Anthony G. Basile <blueness@g.o> |
30 |
+ +hardened-sources-2.6.32-r69.ebuild, +hardened-sources-3.0.4-r4.ebuild: |
31 |
+ testing patchset 20110924 |
32 |
+ |
33 |
22 Sep 2011; Anthony G. Basile <blueness@g.o> |
34 |
-hardened-sources-3.0.4-r3.ebuild: |
35 |
moved to tree |
36 |
|
37 |
diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest |
38 |
index 086b8a5..a9e4c67 100644 |
39 |
--- a/sys-kernel/hardened-sources/Manifest |
40 |
+++ b/sys-kernel/hardened-sources/Manifest |
41 |
@@ -1,12 +1,24 @@ |
42 |
-----BEGIN PGP SIGNED MESSAGE----- |
43 |
Hash: SHA256 |
44 |
|
45 |
-MISC ChangeLog 5605 RMD160 0dcbeae27361f0610e9f6f9de4ad006126771fdd SHA1 12a8896af527a5d22b2e8dab369869ccaaaedd33 SHA256 d54fa0f1fa8873c78a74741918902fea62488131c6bc45e695977464a8f6f9ef |
46 |
+DIST deblob-2.6.32 84094 RMD160 394f46ec5b869638a7bc2e87beb118167c9bd6cb SHA1 1a2a1efb72126609d9e3b9be99ae5be2751efd06 SHA256 de625f0bd221c9c38d4453f1b709622f222d86a0ae9350d2b7b0e17795e6de6d |
47 |
+DIST deblob-check-2.6.32 247608 RMD160 840bf8a229ea79810519eee6241edb85b78a6562 SHA1 d45a24eb16e5ac956c0fcddbc1ac4d67e326c7b8 SHA256 da1aecdf3ab7f1207b90642d303e52262ccc2ed9e49739b729512b88950d17f3 |
48 |
+DIST genpatches-2.6.32-43.base.tar.bz2 979911 RMD160 d221c448adb8116fa328304f7cde9ce92f6c5432 SHA1 6038e46e09e8dccbf80563998fc9ebd14718d0e3 SHA256 92f71a7ac87fd7117ce28e1666e8c95473cd4b4701a78984c2ba4b87d0a8c705 |
49 |
+DIST genpatches-2.6.32-43.extras.tar.bz2 24897 RMD160 fac4ce9c15953ad811b2c500b0145f2eebea5e2d SHA1 8f9cdf4bc06dc5e806698d93c002798faa53fda1 SHA256 309841a94e96d7076bca7fb547caae9786e24258e032da242f64768a413ddbf0 |
50 |
+DIST genpatches-3.0-5.base.tar.bz2 112593 RMD160 0f0731dd5565622817c43cc15c133e02f53bf070 SHA1 89947def4e6a2ca55a73bb35fb80f04b081e8a75 SHA256 5a93e459e4e5fb1e38fc3d8a37533aaeee9e77fc00d45105d8d49584c1ae345e |
51 |
+DIST genpatches-3.0-5.extras.tar.bz2 17207 RMD160 0f04fef1fe76c9b9cbe7c497faae19b015caff72 SHA1 89935647c22c0a8b98dd568e97312ca64378a263 SHA256 ec88ca4408c668a2c4d2d25c3d4a8c67fad4bb08133db91bbb929c0053305fda |
52 |
+DIST hardened-patches-2.6.32-72.extras.tar.bz2 487640 RMD160 2841b03804fc2c94d3afe0f847df01869e402a65 SHA1 240f6de67520472172abbaca1e4f073e85c99b18 SHA256 dd55d1d83d789f3c71db3f0241d452a6d5f7ddd7d0939d1610615528cdc1d0c4 |
53 |
+DIST hardened-patches-3.0.4-5.extras.tar.bz2 459054 RMD160 df0a027d7288f96af2a71a41bda8e80db6efe46a SHA1 9d5c7eb8fdce2f4243478301d678d9dd998573a9 SHA256 138b24fa43b1c93e72c6e1301269f662401299d28c7452a965ecc4aeac05b507 |
54 |
+DIST linux-2.6.32.tar.bz2 64424138 RMD160 b93742cbaf8174f2200d2dbef0d47a26c618039c SHA1 410b4fc818023bfef60064e973ff0ab46d3bfb19 SHA256 5099786d80b8407d98a619df00209c2353517f22d804fdd9533b362adcb4504e |
55 |
+DIST linux-3.0.tar.bz2 76753134 RMD160 e20c9564ec0c8128e28a4c038986d4d93bbe34bb SHA1 45b64bffc860f70ab7956da4493c488010714650 SHA256 64b0228b54ce39b0b2df086109a7b737cde58e3df4f779506ddcaccee90356a0 |
56 |
+EBUILD hardened-sources-2.6.32-r69.ebuild 1806 RMD160 341da13cc3f9635a26e50a917a6e46515da9fcd1 SHA1 991d1307f3c2a2de0244e5fb5b3eab215774e496 SHA256 2b4d30cdc101b668e29e259a30ec8fc03483d8b2881bf35c8683e9519d9476cc |
57 |
+EBUILD hardened-sources-3.0.4-r4.ebuild 1754 RMD160 ef4b00ec5fa820c473f44db519a4a370d6b3db70 SHA1 74931625997dc589a55dc9f04f0979f4c8610a93 SHA256 175a67802100fe654b3df79edcb37f1b3c6ffc6c647304889b0d636fb5557b49 |
58 |
+MISC ChangeLog 5848 RMD160 61e6113b18a55c24880a2b84bd3ccaec4604012f SHA1 62160962ca742643b0dd40dc2dfd4014c44c280d SHA256 63eaf8de582ac03b810be11af7a7217f4100f97c08340d0d8c7c86fdce979dda |
59 |
MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SHA1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8fcfd351f2f39ed63da68af3a5751fc2058d0d03813 |
60 |
-----BEGIN PGP SIGNATURE----- |
61 |
Version: GnuPG v2.0.17 (GNU/Linux) |
62 |
|
63 |
-iEYEAREIAAYFAk57QDkACgkQl5yvQNBFVTV10wCgknrhu/MetJmrZV9nkRCUVnk3 |
64 |
-4kcAoKgAAgz9MaceJgDH6Y/4f6OzwfEQ |
65 |
-=R6YZ |
66 |
+iEYEAREIAAYFAk5/LhkACgkQl5yvQNBFVTWF0gCdG+hYhebvrPtgDaAIceo1uGEr |
67 |
+1EsAoIbRRogryj0Y3bB5q4h1fEwt9/TE |
68 |
+=8uij |
69 |
-----END PGP SIGNATURE----- |
70 |
|
71 |
diff --git a/sys-kernel/hardened-sources/hardened-sources-2.6.32-r69.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r69.ebuild |
72 |
new file mode 100644 |
73 |
index 0000000..296c376 |
74 |
--- /dev/null |
75 |
+++ b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r69.ebuild |
76 |
@@ -0,0 +1,48 @@ |
77 |
+# Copyright 1999-2011 Gentoo Foundation |
78 |
+# Distributed under the terms of the GNU General Public License v2 |
79 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.6.32-r68.ebuild,v 1.1 2011/09/15 22:07:26 blueness Exp $ |
80 |
+ |
81 |
+EAPI="4" |
82 |
+ |
83 |
+ETYPE="sources" |
84 |
+K_WANT_GENPATCHES="base extras" |
85 |
+K_GENPATCHES_VER="43" |
86 |
+ |
87 |
+inherit kernel-2 |
88 |
+detect_version |
89 |
+ |
90 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-72" |
91 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" |
92 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
93 |
+ |
94 |
+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
95 |
+UNIPATCH_EXCLUDE="2000_fix-broken-backport-for-ipv6-tunnels.patch 4200_fbcondecor-0.9.6.patch" |
96 |
+ |
97 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
98 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
99 |
+IUSE="" |
100 |
+ |
101 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
102 |
+ |
103 |
+pkg_postinst() { |
104 |
+ kernel-2_pkg_postinst |
105 |
+ |
106 |
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*" |
107 |
+ |
108 |
+ ewarn |
109 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
110 |
+ ewarn "[server], [workstation], and [virtualization]." |
111 |
+ ewarn |
112 |
+ ewarn "Those who intend to use one of these predefined grsecurity levels" |
113 |
+ ewarn "should read the help associated with the level. Users importing a" |
114 |
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
115 |
+ ewarn "should review their selected grsecurity/PaX options carefully." |
116 |
+ ewarn |
117 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
118 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
119 |
+ ewarn "It is strongly recommended that the following command is issued" |
120 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
121 |
+ ewarn |
122 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
123 |
+ ewarn |
124 |
+} |
125 |
|
126 |
diff --git a/sys-kernel/hardened-sources/hardened-sources-3.0.4-r4.ebuild b/sys-kernel/hardened-sources/hardened-sources-3.0.4-r4.ebuild |
127 |
new file mode 100644 |
128 |
index 0000000..0e99119 |
129 |
--- /dev/null |
130 |
+++ b/sys-kernel/hardened-sources/hardened-sources-3.0.4-r4.ebuild |
131 |
@@ -0,0 +1,48 @@ |
132 |
+# Copyright 1999-2011 Gentoo Foundation |
133 |
+# Distributed under the terms of the GNU General Public License v2 |
134 |
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.0.4-r3.ebuild,v 1.1 2011/09/22 13:07:01 blueness Exp $ |
135 |
+ |
136 |
+EAPI="4" |
137 |
+ |
138 |
+ETYPE="sources" |
139 |
+K_WANT_GENPATCHES="base extras" |
140 |
+K_GENPATCHES_VER="5" |
141 |
+ |
142 |
+inherit kernel-2 |
143 |
+detect_version |
144 |
+ |
145 |
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-5" |
146 |
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" |
147 |
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" |
148 |
+ |
149 |
+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" |
150 |
+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch" |
151 |
+ |
152 |
+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" |
153 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" |
154 |
+IUSE="" |
155 |
+ |
156 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" |
157 |
+ |
158 |
+pkg_postinst() { |
159 |
+ kernel-2_pkg_postinst |
160 |
+ |
161 |
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*" |
162 |
+ |
163 |
+ ewarn |
164 |
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:" |
165 |
+ ewarn "[server], [workstation], and [virtualization]." |
166 |
+ ewarn |
167 |
+ ewarn "Those who intend to use one of these predefined grsecurity levels" |
168 |
+ ewarn "should read the help associated with the level. Users importing a" |
169 |
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," |
170 |
+ ewarn "should review their selected grsecurity/PaX options carefully." |
171 |
+ ewarn |
172 |
+ ewarn "Users of grsecurity's RBAC system must ensure they are using" |
173 |
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." |
174 |
+ ewarn "It is strongly recommended that the following command is issued" |
175 |
+ ewarn "prior to booting a ${PF} kernel for the first time:" |
176 |
+ ewarn |
177 |
+ ewarn "emerge -na =${GRADM_COMPAT}" |
178 |
+ ewarn |
179 |
+} |