From: "Anthony G. Basile" <blueness@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] dev/blueness:master commit in: sys-kernel/hardened-rsbac-sources/
Date: Sun, 4 Sep 2011 23:05:57 +0000 (UTC) [thread overview]
Message-ID: <31b7716f485915a67393a08651a3afb925813d51.blueness@gentoo> (raw)
commit: 31b7716f485915a67393a08651a3afb925813d51
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sun Sep 4 23:05:49 2011 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sun Sep 4 23:05:49 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=31b7716f
sys-kernel/hardened-rsbac-sources: initial commit
(Portage version: 2.1.10.11/git/Linux x86_64, signed Manifest commit with key 0xD0455535)
---
sys-kernel/hardened-rsbac-sources/ChangeLog | 8 +++
sys-kernel/hardened-rsbac-sources/Manifest | 17 +++++++
.../hardened-rsbac-sources-3.0.4.ebuild | 48 ++++++++++++++++++++
sys-kernel/hardened-rsbac-sources/metadata.xml | 17 +++++++
4 files changed, 90 insertions(+), 0 deletions(-)
diff --git a/sys-kernel/hardened-rsbac-sources/ChangeLog b/sys-kernel/hardened-rsbac-sources/ChangeLog
new file mode 100644
index 0000000..726039d
--- /dev/null
+++ b/sys-kernel/hardened-rsbac-sources/ChangeLog
@@ -0,0 +1,8 @@
+
+
+*hardened-rsbac-sources-3.0.4 (04 Sep 2011)
+
+ 04 Sep 2011; Anthony G. Basile <blueness@gentoo.org>
+ +hardened-rsbac-sources-3.0.4.ebuild, +metadata.xml:
+ Initial commit of GRSEC/PaX + RSBAC patched kernel
+
diff --git a/sys-kernel/hardened-rsbac-sources/Manifest b/sys-kernel/hardened-rsbac-sources/Manifest
new file mode 100644
index 0000000..e7e3044
--- /dev/null
+++ b/sys-kernel/hardened-rsbac-sources/Manifest
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+DIST genpatches-3.0-5.base.tar.bz2 112593 RMD160 0f0731dd5565622817c43cc15c133e02f53bf070 SHA1 89947def4e6a2ca55a73bb35fb80f04b081e8a75 SHA256 5a93e459e4e5fb1e38fc3d8a37533aaeee9e77fc00d45105d8d49584c1ae345e
+DIST genpatches-3.0-5.extras.tar.bz2 17207 RMD160 0f04fef1fe76c9b9cbe7c497faae19b015caff72 SHA1 89935647c22c0a8b98dd568e97312ca64378a263 SHA256 ec88ca4408c668a2c4d2d25c3d4a8c67fad4bb08133db91bbb929c0053305fda
+DIST hardened-rsbac-patches-3.0.4-1.extras.tar.bz2 867782 RMD160 8dfa7c018992a1b0e42520cb5168e2ccbf4f5112 SHA1 6fac9f5cd97585a882cae0dc9f2fdc3a27eb3bdd SHA256 92a35ae83d4b806a724919a2601ec6a3f41af81b066025e16a8cea54173b34de
+DIST linux-3.0.tar.bz2 76753134 RMD160 e20c9564ec0c8128e28a4c038986d4d93bbe34bb SHA1 45b64bffc860f70ab7956da4493c488010714650 SHA256 64b0228b54ce39b0b2df086109a7b737cde58e3df4f779506ddcaccee90356a0
+EBUILD hardened-rsbac-sources-3.0.4.ebuild 1737 RMD160 99fd471d97eb5b11858e3a231b4250f2466170d4 SHA1 ea753017e55ff61585ea7da380bc57ef51998960 SHA256 47c4da68c391a2c3ddbb487a9d1ab122a4ed5a1f338312a99a2ac8bf3914d1f9
+MISC ChangeLog 211 RMD160 c46365b24839b001e93f24de2fb1a3c91d75bbf7 SHA1 b93f84e6532a7029a2df38fac9f56db2337d4fda SHA256 da0f20fccd57a91fd3a85aec33411b185caf25ba32103b59e3ce0d37956185a8
+MISC metadata.xml 581 RMD160 3aa8f6dc75314d009c3803019c64ae309ff542bf SHA1 20f233bcb6e26f80a0e0950b522b16b4d4c1d22b SHA256 1c5b7d60e27191976596f931b82b1f67b2a12e05c48b444d9686280a0773ec12
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.17 (GNU/Linux)
+
+iEYEAREIAAYFAk5kBE0ACgkQl5yvQNBFVTWuSwCfVB4lbhYVDWCQJ+8c3UDc8iXV
+U04AoIckfRYJCy6PTzSY02hqGPpZjeym
+=YzKH
+-----END PGP SIGNATURE-----
diff --git a/sys-kernel/hardened-rsbac-sources/hardened-rsbac-sources-3.0.4.ebuild b/sys-kernel/hardened-rsbac-sources/hardened-rsbac-sources-3.0.4.ebuild
new file mode 100644
index 0000000..11806e6
--- /dev/null
+++ b/sys-kernel/hardened-rsbac-sources/hardened-rsbac-sources-3.0.4.ebuild
@@ -0,0 +1,48 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.0.4-r1.ebuild,v 1.1 2011/09/04 20:42:00 blueness Exp $
+
+EAPI="4"
+
+ETYPE="sources"
+K_WANT_GENPATCHES="base extras"
+K_GENPATCHES_VER="5"
+
+inherit kernel-2
+detect_version
+
+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1"
+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-rsbac-patches/hardened-rsbac-patches-${HGPV}.extras.tar.bz2"
+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}"
+
+UNIPATCH_LIST="${DISTDIR}/hardened-rsbac-patches-${HGPV}.extras.tar.bz2"
+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch"
+
+DESCRIPTION="Hardened + RSBAC kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})"
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/"
+IUSE=""
+
+KEYWORDS="~amd64 ~x86"
+
+pkg_postinst() {
+ kernel-2_pkg_postinst
+
+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*"
+
+ ewarn
+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:"
+ ewarn "[server], [workstation], and [virtualization]."
+ ewarn
+ ewarn "Those who intend to use one of these predefined grsecurity levels"
+ ewarn "should read the help associated with the level. Users importing a"
+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32,"
+ ewarn "should review their selected grsecurity/PaX options carefully."
+ ewarn
+ ewarn "Users of grsecurity's RBAC system must ensure they are using"
+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}."
+ ewarn "It is strongly recommended that the following command is issued"
+ ewarn "prior to booting a ${PF} kernel for the first time:"
+ ewarn
+ ewarn "emerge -na =${GRADM_COMPAT}"
+ ewarn
+}
diff --git a/sys-kernel/hardened-rsbac-sources/metadata.xml b/sys-kernel/hardened-rsbac-sources/metadata.xml
new file mode 100644
index 0000000..a326b7e
--- /dev/null
+++ b/sys-kernel/hardened-rsbac-sources/metadata.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>kernel</herd>
+ <herd>hardened</herd>
+ <maintainer>
+ <email>blueness@gentoo.org</email>
+ <name>Anthony G. Basile</name>
+ </maintainer>
+ <longdescription>
+ hardened-rsbac-sources adds the grsecurity/PaX patch from http://www.grsecurity.net,
+ and the RSBAC patch from http://www.rsbac.org/
+ </longdescription>
+ <use>
+ <flag name='deblob'>Remove binary blobs from kernel sources to provide libre license compliance.</flag>
+ </use>
+</pkgmetadata>
next reply other threads:[~2011-09-04 23:06 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-04 23:05 Anthony G. Basile [this message]
-- strict thread matches above, loose matches on Subject: below --
2011-11-05 23:01 [gentoo-commits] dev/blueness:master commit in: sys-kernel/hardened-rsbac-sources/ Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=31b7716f485915a67393a08651a3afb925813d51.blueness@gentoo \
--to=blueness@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox