From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1O8Uqd-0007Ab-Uu for garchives@archives.gentoo.org; Sun, 02 May 2010 08:48:29 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 49576E05C1; Sun, 2 May 2010 08:48:18 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 2CA6DE05C1 for ; Sun, 2 May 2010 08:48:18 +0000 (UTC) Received: from corvid.gentoo.org (corvid.gentoo.org [208.92.234.79]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id D11821B4050 for ; Sun, 2 May 2010 08:48:17 +0000 (UTC) Received: by corvid.gentoo.org (Postfix, from userid 544) id 04E552C1E5; Sun, 2 May 2010 08:48:16 +0000 (UTC) From: "Robin H. Johnson (robbat2)" To: gentoo-commits@lists.gentoo.org Reply-To: gentoo-dev@lists.gentoo.org, robbat2@gentoo.org Subject: [gentoo-commits] gentoo-x86 commit in eclass: kernel-2.eclass X-VCS-Repository: gentoo-x86 X-VCS-Files: kernel-2.eclass X-VCS-Directories: eclass X-VCS-Committer: robbat2 X-VCS-Committer-Name: Robin H. Johnson Content-Type: text/plain; charset=utf8 Message-Id: <20100502084817.04E552C1E5@corvid.gentoo.org> Date: Sun, 2 May 2010 08:48:16 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 3b517665-f2db-4ddf-b1a3-bba41e1bd9c4 X-Archives-Hash: 1c30ebb75ef5025f85bb3914af174aa6 robbat2 10/05/02 08:48:16 Modified: kernel-2.eclass Log: Bug #318095: Improve K_SECURITY_UNSUPPORTED messages for deblobbing. Ba= sed a patch by Ulrich M=C3=BCller . Revision Changes Path 1.232 eclass/kernel-2.eclass file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/eclass/kernel-2.ec= lass?rev=3D1.232&view=3Dmarkup plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/eclass/kernel-2.ec= lass?rev=3D1.232&content-type=3Dtext/plain diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/eclass/kernel-2.ec= lass?r1=3D1.231&r2=3D1.232 Index: kernel-2.eclass =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /var/cvsroot/gentoo-x86/eclass/kernel-2.eclass,v retrieving revision 1.231 retrieving revision 1.232 diff -p -w -b -B -u -u -r1.231 -r1.232 --- kernel-2.eclass 26 Apr 2010 08:05:10 -0000 1.231 +++ kernel-2.eclass 2 May 2010 08:48:16 -0000 1.232 @@ -1,6 +1,6 @@ # Copyright 1999-2009 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/kernel-2.eclass,v 1.231 2010/0= 4/26 08:05:10 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/eclass/kernel-2.eclass,v 1.232 2010/0= 5/02 08:48:16 robbat2 Exp $ =20 # Description: kernel.eclass rewrite for a clean base regarding the 2.6 # series of kernel with back-compatibility for 2.4 @@ -669,7 +669,7 @@ postinst_sources() { # if we're using a deblobbed kernel, it's not supported [[ $K_DEBLOB_AVAILABLE =3D=3D 1 ]] && \ use deblob && \ - K_SECURITY_UNSUPPORTED=3D1 + K_SECURITY_UNSUPPORTED=3Ddeblob =20 # if we are to forcably symlink, delete it if it already exists first. if [[ ${K_SYMLINK} > 0 ]]; then @@ -714,9 +714,14 @@ postinst_sources() { fi =20 # optionally display security unsupported message - if [[ -n ${K_SECURITY_UNSUPPORTED} ]]; then - echo + # Start with why + if [[ ${K_SECURITY_UNSUPPORTED} =3D deblob ]]; then + ewarn "Deblobbed kernels are UNSUPPORTED by Gentoo Security" + elif [[ -n ${K_SECURITY_UNSUPPORTED} ]]; then ewarn "${PN} is UNSUPPORTED by Gentoo Security." + fi + # And now the general message. + if [[ -n ${K_SECURITY_UNSUPPORTED} ]]; then ewarn "This means that it is likely to be vulnerable to recent securit= y issues." ewarn "For specific information on why this kernel is unsupported, ple= ase read:" ewarn "http://www.gentoo.org/proj/en/security/kernel.xml"