From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1SRjGQ-0008Ap-NN for garchives@archives.gentoo.org; Tue, 08 May 2012 12:11:35 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CB794E073F; Tue, 8 May 2012 12:11:06 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 89B87E073F for ; Tue, 8 May 2012 12:11:06 +0000 (UTC) Received: from hornbill.gentoo.org (hornbill.gentoo.org [94.100.119.163]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id C4CEF1B403D for ; Tue, 8 May 2012 12:11:05 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by hornbill.gentoo.org (Postfix) with ESMTP id 5D075E542D for ; Tue, 8 May 2012 12:11:04 +0000 (UTC) From: "Anthony G. Basile" To: gentoo-commits@lists.gentoo.org Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Anthony G. Basile" Message-ID: <1336479055.8c95350ff55d0bf27c49bfa998e9e1bf64603f1b.blueness@gentoo> Subject: [gentoo-commits] dev/blueness:master commit in: sys-kernel/hardened-sources/ X-VCS-Repository: dev/blueness X-VCS-Files: sys-kernel/hardened-sources/ChangeLog sys-kernel/hardened-sources/Manifest sys-kernel/hardened-sources/hardened-sources-2.6.32-r103.ebuild sys-kernel/hardened-sources/hardened-sources-3.2.16-r2.ebuild sys-kernel/hardened-sources/hardened-sources-3.3.5.ebuild X-VCS-Directories: sys-kernel/hardened-sources/ X-VCS-Committer: blueness X-VCS-Committer-Name: Anthony G. Basile X-VCS-Revision: 8c95350ff55d0bf27c49bfa998e9e1bf64603f1b X-VCS-Branch: master Date: Tue, 8 May 2012 12:11:04 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: cef89382-3d4b-4497-8417-377b90decb9e X-Archives-Hash: c88e778aac2822efa4266899fc7d355b commit: 8c95350ff55d0bf27c49bfa998e9e1bf64603f1b Author: Anthony G. Basile gentoo org> AuthorDate: Tue May 8 12:10:55 2012 +0000 Commit: Anthony G. Basile gentoo org> CommitDate: Tue May 8 12:10:55 2012 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=3Ddev/blueness.git;a= =3Dcommit;h=3D8c95350f sys-kernel/hardened-sources: testing patchset 20120507 (Portage version: 2.1.10.49/git/Linux x86_64, signed Manifest commit with= key 0xD0455535) --- sys-kernel/hardened-sources/ChangeLog | 9 ++++ sys-kernel/hardened-sources/Manifest | 29 ++++++++++-- .../hardened-sources-2.6.32-r103.ebuild | 51 ++++++++++++++= ++++++ .../hardened-sources-3.2.16-r2.ebuild | 50 ++++++++++++++= +++++ .../hardened-sources/hardened-sources-3.3.5.ebuild | 50 ++++++++++++++= +++++ 5 files changed, 185 insertions(+), 4 deletions(-) diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-= sources/ChangeLog index 9e814c8..cf0a73c 100644 --- a/sys-kernel/hardened-sources/ChangeLog +++ b/sys-kernel/hardened-sources/ChangeLog @@ -1,5 +1,14 @@ =20 =20 +*hardened-sources-3.3.5 (08 May 2012) +*hardened-sources-3.2.16-r2 (08 May 2012) +*hardened-sources-2.6.32-r103 (08 May 2012) + + 08 May 2012; Anthony G. Basile + +hardened-sources-2.6.32-r103.ebuild, +hardened-sources-3.2.16-r2.ebui= ld, + +hardened-sources-3.3.5.ebuild: + testing patchset 20120507 + 02 May 2012; Anthony G. Basile -hardened-sources-2.6.32-r102.ebuild, -hardened-sources-3.2.16-r1.ebui= ld, -hardened-sources-3.3.4.ebuild: diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-s= ources/Manifest index 9b34e62..5fe45fd 100644 --- a/sys-kernel/hardened-sources/Manifest +++ b/sys-kernel/hardened-sources/Manifest @@ -1,12 +1,33 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =20 -MISC ChangeLog 21243 RMD160 5c9fd9ed7740c189580340783b6b3a449e7c3fed SHA= 1 3e5b80d1cfdcc2147f2bdc7c80a469ab99b5826a SHA256 add4838ae71c2bd1a74cc1d= 45a2145e36966e0c1a7f49711650b199fcc55d268 +DIST deblob-2.6.32 84094 RMD160 394f46ec5b869638a7bc2e87beb118167c9bd6cb= SHA1 1a2a1efb72126609d9e3b9be99ae5be2751efd06 SHA256 de625f0bd221c9c38d4= 453f1b709622f222d86a0ae9350d2b7b0e17795e6de6d +DIST deblob-3.2 107602 RMD160 56f1dfe4f0254c802b49ea5220c4f67e56649852 S= HA1 83421184d88d02e24de2adbc5debfb03454a7f4b SHA256 5db88405af6d51a77d843= 54afc3b2bdf673b1a5dcff37bb8db4ccbd12d91db20 +DIST deblob-3.3 107222 RMD160 2796d93a1a0e3034af752ac8684f935cfeff024c S= HA1 787e17b058a678f54a4f951510206bc8d72c3d5c SHA256 09a4ee54faf7d96a9ca15= 0bfa3a7a2234d589457bac40f03a6e19b5774b1ef5c +DIST deblob-check-2.6.32 247608 RMD160 840bf8a229ea79810519eee6241edb85b= 78a6562 SHA1 d45a24eb16e5ac956c0fcddbc1ac4d67e326c7b8 SHA256 da1aecdf3ab7= f1207b90642d303e52262ccc2ed9e49739b729512b88950d17f3 +DIST deblob-check-3.2 423268 RMD160 8cb0c1b4a289db94543396c4445c4c7a35d2= ba70 SHA1 01e50f824a577d15749f24643fdd136180342808 SHA256 9e67dd0885aa8ef= 356dbc15d487c8dea5a54f74c5b03a5d7946b65ee43f12638 +DIST deblob-check-3.3 427140 RMD160 98998624c083205452cdc22df60d60d06b80= 7315 SHA1 61161f84859542cd3bfe8e961fc75bf6f72031f7 SHA256 ed8fab94c7f01d8= 9a3007135a1260553b71fa1d8e0b4e42bdecb3ffbba81b3fd +DIST genpatches-2.6.32-48.base.tar.bz2 1033142 RMD160 c42b6a5edbb9965391= bbcf6ee40bb79c2080f497 SHA1 95e90447ecd875228121fa32e8cf89eaabde5fa6 SHA2= 56 7438e7b7c0ef32e0c639cf89c4f53a3bc7917ca466b1fcf3931adb65ad05b583 +DIST genpatches-2.6.32-48.extras.tar.bz2 24939 RMD160 055706793fb532caeb= 3d364c5e1bd0ad46aff4b2 SHA1 2a966a4d5f9a718a0d43c25df563d0377154996f SHA2= 56 ee714d14310fd5242ce2e28a8f8e5fda63ba18957960814876506f8754b9d2a0 +DIST genpatches-3.2-14.base.tar.bz2 312010 RMD160 4c16517dcac6ef2a80cdc0= eb69e149fbb519b127 SHA1 2d15924f45942b98e38fd407b55136cc52857804 SHA256 4= 4f761e24376e75acc9160bbef85127121609e8fe435f55cac0e047a3e883d17 +DIST genpatches-3.2-14.extras.tar.bz2 17208 RMD160 8324da51ce71afb0d375f= 34b0dd05209079bd7a3 SHA1 c2f4e029aebbc0ae82221aa2643de06a2d08cbd8 SHA256 = 7f60ab18e2965d024b7a36327577bcc771061f2cfac221ed475a6fd6b2ab89c7 +DIST genpatches-3.3-5.base.tar.bz2 138337 RMD160 b467091a5b1242da46280e2= 190aa0cb0fe0f9571 SHA1 afad24b7484163c2de116065bf4f2a97ec4e8b71 SHA256 6b= 9f19e91db0b2f612be6a3815be4ebcd2193ca3afefdc62de3302576838ee07 +DIST genpatches-3.3-5.extras.tar.bz2 17205 RMD160 eb3141c66ffb16282c2e2e= f0fb5227a13172464d SHA1 4376fe5995aaa058cdd9081c003aeef56d099b5e SHA256 9= 356a196eb8aa74110165bc9d04674785693393c34f4a088d60bb0091ceb1bdc +DIST hardened-patches-2.6.32-105.extras.tar.bz2 732530 RMD160 3aae4ff98a= dac15da4c3ca2720025852973f17a9 SHA1 c0dab4296d4d38f73177555fa953c5d7abe84= 49f SHA256 6a0345f556971e83d9601c1c53ff56710b7f273551e877d0f55bcb1802031d= d2 +DIST hardened-patches-3.2.16-3.extras.tar.bz2 548778 RMD160 43a4ec89d63f= df3b0074214f4ad28d80312341ef SHA1 21c718d8715c3ddc61d1077ba0314947ee46b49= 0 SHA256 e3a192241a26ad780378aece9594b460705f3d7976a2281db46f913512adb8b7 +DIST hardened-patches-3.3.5-1.extras.tar.bz2 570633 RMD160 a95dfd0a54e87= a9fb506ed80c27e92c1f5a676b4 SHA1 c058eef7bd940740b07a8eafbd677f9d51e9c92f= SHA256 934532c1a7ad3d16292c7210d995d28ea19dc233962ddd562dcee139c09839bc +DIST linux-2.6.32.tar.bz2 64424138 RMD160 b93742cbaf8174f2200d2dbef0d47a= 26c618039c SHA1 410b4fc818023bfef60064e973ff0ab46d3bfb19 SHA256 5099786d8= 0b8407d98a619df00209c2353517f22d804fdd9533b362adcb4504e +DIST linux-3.2.tar.bz2 78147838 RMD160 15eb022305dfc8b0e1d59e396911fa86e= b9c3bdf SHA1 3460afa971049aa79b8f914e1bfd619eedd19f55 SHA256 c881fc2b53cf= 0da7ca4538aa44623a7de043a41f76fd5d0f51a31f6ed699d463 +DIST linux-3.3.tar.bz2 78963640 RMD160 2bdb25e5af4549a43d8b202508b858370= 05146e5 SHA1 dc10fd59e5afbe0f74de06862435dd8bed07ca6a SHA256 8fd669b4e481= 81b8d44644a45bf421a84bb8d5ec273ef36349796443e442f333 +EBUILD hardened-sources-2.6.32-r103.ebuild 1818 RMD160 b7342bec52b057261= 8ccbb199c97511e5143bc24 SHA1 1e5bdc03ea74454856bea880f67c0b305945ce6c SHA= 256 dc14074e126af6b1f305c98190b9e53d184366295e31a24a391cafe93e2419bc +EBUILD hardened-sources-3.2.16-r2.ebuild 1814 RMD160 a5f74b8a169206136e5= 7f1d67d66214703c2dd57 SHA1 a00d289ca6185fd0a4ff7fcf166f66b4e4945b27 SHA25= 6 add8876759d5d49cbddd4a56bb6da2f97dd88f7dcc571ecae6b8c428bc6211ed +EBUILD hardened-sources-3.3.5.ebuild 1839 RMD160 a94b9099cdeb2cbbd59b3e5= 5baa17895542d5568 SHA1 9fdc2185d92e73340ff9ce1848da56dff829d499 SHA256 90= 467ee2a147785d3f72ce913e48ee3ee0c467fa030816f0a29859eb9eba1d4f +MISC ChangeLog 21562 RMD160 daae3403eec908a9f07ba22a2ab266a89d76ccc0 SHA= 1 053d769c0f9d922e7f678156fc16584f30cf8585 SHA256 1f9c73568b770c5388ce5b2= 618ff593d9b524468db908282e06fd0cb64c96209 MISC metadata.xml 576 RMD160 f3d34140c6074436e3861275202f48ba32be6ccc SH= A1 d1a11f53284e9ff098b6a5f14eaac6756e238588 SHA256 53e0d3bfb958bcbf62457a= 89abe76a7a6f5a2b1df5decb04bf8b840184cc5828 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) =20 -iEYEAREIAAYFAk+hDSoACgkQl5yvQNBFVTXMdACdFwGWw2f4qmZvluHX1tMEtRPm -aN4AnifETvzToAf0OALCYu2jKWJ9+3jy -=3DufxJ +iEYEAREIAAYFAk+pDU8ACgkQl5yvQNBFVTUW8ACgojRCA8DY1psySxDLUeEjpn+D +GGIAoIlpcJ3JFBhgPnLJjpHX2VYJwKbG +=3DA3uO -----END PGP SIGNATURE----- diff --git a/sys-kernel/hardened-sources/hardened-sources-2.6.32-r103.ebu= ild b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r103.ebuild new file mode 100644 index 0000000..1d9ec6f --- /dev/null +++ b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r103.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-= sources-2.6.32-r102.ebuild,v 1.1 2012/05/02 10:24:31 blueness Exp $ + +EAPI=3D"4" + +ETYPE=3D"sources" +K_WANT_GENPATCHES=3D"base extras" +K_GENPATCHES_VER=3D"48" +K_DEBLOB_AVAILABLE=3D"1" + +inherit kernel-2 +detect_version + +HGPV=3D"${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-105" +HGPV_URI=3D"http://dev.gentoo.org/~blueness/hardened-sources/hardened-pa= tches/hardened-patches-${HGPV}.extras.tar.bz2" +SRC_URI=3D"${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" + +UNIPATCH_LIST=3D"${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" +UNIPATCH_EXCLUDE=3D"4200_fbcondecor-0.9.6.patch" + +DESCRIPTION=3D"Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_M= INOR})" +HOMEPAGE=3D"http://www.gentoo.org/proj/en/hardened/" +IUSE=3D"deblob" + +KEYWORDS=3D"~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" + +RDEPEND=3D">=3Dsys-devel/gcc-4.5" + +pkg_postinst() { + kernel-2_pkg_postinst + + local GRADM_COMPAT=3D"sys-apps/gradm-2.9*" + + ewarn + ewarn "Hardened Gentoo provides three different predefined grsecurity l= evel:" + ewarn "[server], [workstation], and [virtualization]." + ewarn + ewarn "Those who intend to use one of these predefined grsecurity level= s" + ewarn "should read the help associated with the level. Users importing= a" + ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," + ewarn "should review their selected grsecurity/PaX options carefully." + ewarn + ewarn "Users of grsecurity's RBAC system must ensure they are using" + ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." + ewarn "It is strongly recommended that the following command is issued" + ewarn "prior to booting a ${PF} kernel for the first time:" + ewarn + ewarn "emerge -na =3D${GRADM_COMPAT}" + ewarn +} diff --git a/sys-kernel/hardened-sources/hardened-sources-3.2.16-r2.ebuil= d b/sys-kernel/hardened-sources/hardened-sources-3.2.16-r2.ebuild new file mode 100644 index 0000000..69d8cbc --- /dev/null +++ b/sys-kernel/hardened-sources/hardened-sources-3.2.16-r2.ebuild @@ -0,0 +1,50 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-= sources-3.2.16-r1.ebuild,v 1.1 2012/05/02 10:26:43 blueness Exp $ + +EAPI=3D"4" + +ETYPE=3D"sources" +K_WANT_GENPATCHES=3D"base extras" +K_GENPATCHES_VER=3D"14" +K_DEBLOB_AVAILABLE=3D"1" + +inherit kernel-2 +detect_version + +HGPV=3D"${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-3" +HGPV_URI=3D"http://dev.gentoo.org/~blueness/hardened-sources/hardened-pa= tches/hardened-patches-${HGPV}.extras.tar.bz2" +SRC_URI=3D"${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" + +UNIPATCH_LIST=3D"${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" +UNIPATCH_EXCLUDE=3D"4200_fbcondecor-0.9.6.patch" + +DESCRIPTION=3D"Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_M= INOR})" +HOMEPAGE=3D"http://www.gentoo.org/proj/en/hardened/" +IUSE=3D"deblob" + +KEYWORDS=3D"~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" + +RDEPEND=3D">=3Dsys-devel/gcc-4.5" + +pkg_postinst() { + kernel-2_pkg_postinst + + local GRADM_COMPAT=3D"sys-apps/gradm-2.9" + + ewarn + ewarn "Hardened Gentoo provides three different predefined grsecurity l= evel:" + ewarn "[server], [workstation], and [virtualization]. Those who intend= to" + ewarn "use one of these predefined grsecurity levels should read the he= lp" + ewarn "associated with the level. Because some options require >=3Dgcc= -4.5," + ewarn "users with more, than one version of gcc installed should use gc= c-config" + ewarn "to select a compatible version." + ewarn + ewarn "Users of grsecurity's RBAC system must ensure they are using" + ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." + ewarn "It is strongly recommended that the following command is issued" + ewarn "prior to booting a ${PF} kernel for the first time:" + ewarn + ewarn "emerge -na =3D${GRADM_COMPAT}*" + ewarn +} diff --git a/sys-kernel/hardened-sources/hardened-sources-3.3.5.ebuild b/= sys-kernel/hardened-sources/hardened-sources-3.3.5.ebuild new file mode 100644 index 0000000..4a5812b --- /dev/null +++ b/sys-kernel/hardened-sources/hardened-sources-3.3.5.ebuild @@ -0,0 +1,50 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-= sources-3.3.4.ebuild,v 1.1 2012/05/02 10:29:55 blueness Exp $ + +EAPI=3D"4" + +ETYPE=3D"sources" +K_WANT_GENPATCHES=3D"base extras" +K_GENPATCHES_VER=3D"5" +K_DEBLOB_AVAILABLE=3D"1" + +inherit kernel-2 +detect_version + +HGPV=3D"${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1" +HGPV_URI=3D"http://dev.gentoo.org/~blueness/hardened-sources/hardened-pa= tches/hardened-patches-${HGPV}.extras.tar.bz2" +SRC_URI=3D"${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" + +UNIPATCH_LIST=3D"${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" +UNIPATCH_EXCLUDE=3D"1800_nohz-load-acct-fix.patch 4200_fbcondecor-0.9.6.= patch" + +DESCRIPTION=3D"Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_M= INOR})" +HOMEPAGE=3D"http://www.gentoo.org/proj/en/hardened/" +IUSE=3D"deblob" + +KEYWORDS=3D"~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" + +RDEPEND=3D">=3Dsys-devel/gcc-4.5" + +pkg_postinst() { + kernel-2_pkg_postinst + + local GRADM_COMPAT=3D"sys-apps/gradm-2.9" + + ewarn + ewarn "Hardened Gentoo provides three different predefined grsecurity l= evel:" + ewarn "[server], [workstation], and [virtualization]. Those who intend= to" + ewarn "use one of these predefined grsecurity levels should read the he= lp" + ewarn "associated with the level. Because some options require >=3Dgcc= -4.5," + ewarn "users with more, than one version of gcc installed should use gc= c-config" + ewarn "to select a compatible version." + ewarn + ewarn "Users of grsecurity's RBAC system must ensure they are using" + ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." + ewarn "It is strongly recommended that the following command is issued" + ewarn "prior to booting a ${PF} kernel for the first time:" + ewarn + ewarn "emerge -na =3D${GRADM_COMPAT}*" + ewarn +}