From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Qq54W-0003mZ-LP for garchives@archives.gentoo.org; Sun, 07 Aug 2011 15:15:24 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id BFA9A21C097; Sun, 7 Aug 2011 15:15:16 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 8309321C097 for ; Sun, 7 Aug 2011 15:15:16 +0000 (UTC) Received: from pelican.gentoo.org (unknown [66.219.59.40]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id E5A401B4019 for ; Sun, 7 Aug 2011 15:15:15 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by pelican.gentoo.org (Postfix) with ESMTP id 3395E80040 for ; Sun, 7 Aug 2011 15:15:15 +0000 (UTC) From: "Anthony G. Basile" To: gentoo-commits@lists.gentoo.org Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Anthony G. Basile" Message-ID: Subject: [gentoo-commits] dev/blueness:master commit in: sys-kernel/hardened-sources/ X-VCS-Repository: dev/blueness X-VCS-Files: sys-kernel/hardened-sources/Manifest sys-kernel/hardened-sources/hardened-sources-2.6.32-r60.ebuild sys-kernel/hardened-sources/hardened-sources-2.6.39-r10.ebuild X-VCS-Directories: sys-kernel/hardened-sources/ X-VCS-Committer: blueness X-VCS-Committer-Name: Anthony G. Basile X-VCS-Revision: eb8100a2f18afcd4fcf57e337960ce4f51f10d07 Date: Sun, 7 Aug 2011 15:15:15 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: X-Archives-Hash: 4f311ac2fa43fa6c20d50a4b6653c763 commit: eb8100a2f18afcd4fcf57e337960ce4f51f10d07 Author: Anthony G. Basile gentoo org> AuthorDate: Sun Aug 7 15:14:06 2011 +0000 Commit: Anthony G. Basile gentoo org> CommitDate: Sun Aug 7 15:14:06 2011 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=3Ddev/blueness.git;a= =3Dcommit;h=3Deb8100a2 sys-kernel/hardened-sources: testing patchset 20110806 (Portage version: 2.1.10.3/git/Linux x86_64, signed Manifest commit with = key 0xD0455535) --- sys-kernel/hardened-sources/Manifest | 18 ++++++- .../hardened-sources-2.6.32-r60.ebuild | 48 ++++++++++++++= ++++++ .../hardened-sources-2.6.39-r10.ebuild | 48 ++++++++++++++= ++++++ 3 files changed, 111 insertions(+), 3 deletions(-) diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-s= ources/Manifest index d379719..65af594 100644 --- a/sys-kernel/hardened-sources/Manifest +++ b/sys-kernel/hardened-sources/Manifest @@ -1,12 +1,24 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =20 +DIST deblob-2.6.32 84094 RMD160 394f46ec5b869638a7bc2e87beb118167c9bd6cb= SHA1 1a2a1efb72126609d9e3b9be99ae5be2751efd06 SHA256 de625f0bd221c9c38d4= 453f1b709622f222d86a0ae9350d2b7b0e17795e6de6d +DIST deblob-check-2.6.32 247608 RMD160 840bf8a229ea79810519eee6241edb85b= 78a6562 SHA1 d45a24eb16e5ac956c0fcddbc1ac4d67e326c7b8 SHA256 da1aecdf3ab7= f1207b90642d303e52262ccc2ed9e49739b729512b88950d17f3 +DIST genpatches-2.6.32-40.base.tar.bz2 954168 RMD160 09a4ab92cd4a0bb6200= a386182d60bf94fcea5dc SHA1 4b937d27ec83398efb5af8a71a8d2b893cfd56fc SHA25= 6 63caf952fa4351813db7c280751e71e635aa0df259ccfd153ecda5ad06960cbe +DIST genpatches-2.6.32-40.extras.tar.bz2 24897 RMD160 fac4ce9c15953ad811= b2c500b0145f2eebea5e2d SHA1 8f9cdf4bc06dc5e806698d93c002798faa53fda1 SHA2= 56 309841a94e96d7076bca7fb547caae9786e24258e032da242f64768a413ddbf0 +DIST genpatches-2.6.39-6.base.tar.bz2 129313 RMD160 020469bd8d91d7159b2a= 44782e64eb4e23a307c6 SHA1 46a3e1569d6f58f5f34e5e54d0947896f842d222 SHA256= fe605a0bc8a1206db73803692179413a605c98415bc35bdb16496afffe241b22 +DIST genpatches-2.6.39-6.extras.tar.bz2 17176 RMD160 daae29a8c922c4cce33= 8ee7ad2e7ea6b3fb7bed5 SHA1 382e3800895b1b56bc7d073808576a0060165bc2 SHA25= 6 6d2bbf1bd936088e10aecaa2f7d1050de72a21a8e4a05a8269caeaec8e8b3f09 +DIST hardened-patches-2.6.32-63.extras.tar.bz2 479640 RMD160 3a0d946c2cf= 8e8c9846d5fc183677fcb76a37c94 SHA1 889dd8c36f1b241882b3c586431d96cbf19a6b= 55 SHA256 ff48e09197aa7e2bfbc40aab64f105b8f68fcb91b878f4c9bc685f49e5ee210= 6 +DIST hardened-patches-2.6.39-11.extras.tar.bz2 444223 RMD160 e33852e4b0e= 5344b903776170ad0b08f3ebdcacc SHA1 daf476bdbe68df038506d7eae2def0a3c955fa= 36 SHA256 c30764d016b5a99983903b219dddd72b7f939a69ad21eede634c1b2fb2cc7ae= 1 +DIST linux-2.6.32.tar.bz2 64424138 RMD160 b93742cbaf8174f2200d2dbef0d47a= 26c618039c SHA1 410b4fc818023bfef60064e973ff0ab46d3bfb19 SHA256 5099786d8= 0b8407d98a619df00209c2353517f22d804fdd9533b362adcb4504e +DIST linux-2.6.39.tar.bz2 76096559 RMD160 feddc516bc15e78f12f611ff184d38= baa4eac4ee SHA1 68518112821e55f4ac1df64f2e0e809cedfcc5ef SHA256 584d17f2a= 3ee18a9501d7ff36907639e538cfdba4529978b8550c461d45c61f6 +EBUILD hardened-sources-2.6.32-r60.ebuild 1758 RMD160 2e403a2c9d43ba3095= c248baeffbc912a4ecf74e SHA1 d3e5ad7d1374a0fbd8707681c5d6fe08ded06c02 SHA2= 56 379ddb184b002623050195beae3b6887dd364599d99076fe3dda12d1905686f4 +EBUILD hardened-sources-2.6.39-r10.ebuild 1756 RMD160 0ec7128f41fe65e4c9= 4f63551967ff551d7ffcd5 SHA1 42c0a6d03a8c9aa0e43acfe1e8939dffcc636163 SHA2= 56 913faa152ebbc27b7efced9d30ac1516a61f85d3b5b7001df046b1e25fb254bd MISC ChangeLog 1508 RMD160 60f5fac174eb4ae7f95ad7f6e93e804b2a0a153c SHA1= 42a9af7f472d8adceb6ef45631d2e111efc3053b SHA256 ddc82ff33a4af0f0ecf2fc03= 2e5a1de38a7520c40a403b1add01fd5f3d139f11 MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SH= A1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8= fcfd351f2f39ed63da68af3a5751fc2058d0d03813 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) =20 -iEYEAREIAAYFAk49++gACgkQl5yvQNBFVTWO9QCZAQXTHXrBYqM2LhIq7cFMnODd -ErUAoJxAmuyCD/KtnjBCyiZshevKmwPK -=3DBEto +iEYEAREIAAYFAk4+q74ACgkQl5yvQNBFVTXbqACePAgeitZrVcFENEZUj9iYZqvU +JEAAoJGhhCVvDY4y3brFEfFandJqgHSi +=3DlIEI -----END PGP SIGNATURE----- diff --git a/sys-kernel/hardened-sources/hardened-sources-2.6.32-r60.ebui= ld b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r60.ebuild new file mode 100644 index 0000000..e695da3 --- /dev/null +++ b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r60.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-= sources-2.6.32-r59.ebuild,v 1.1 2011/08/07 02:38:26 blueness Exp $ + +EAPI=3D"4" + +ETYPE=3D"sources" +K_WANT_GENPATCHES=3D"base extras" +K_GENPATCHES_VER=3D"40" + +inherit kernel-2 +detect_version + +HGPV=3D"${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-63" +HGPV_URI=3D"http://dev.gentoo.org/~blueness/hardened-sources/hardened-pa= tches/hardened-patches-${HGPV}.extras.tar.bz2" +SRC_URI=3D"${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" + +UNIPATCH_LIST=3D"${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" +UNIPATCH_EXCLUDE=3D"4200_fbcondecor-0.9.6.patch" + +DESCRIPTION=3D"Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_M= INOR})" +HOMEPAGE=3D"http://www.gentoo.org/proj/en/hardened/" +IUSE=3D"" + +KEYWORDS=3D"~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" + +pkg_postinst() { + kernel-2_pkg_postinst + + local GRADM_COMPAT=3D"sys-apps/gradm-2.2.2*" + + ewarn + ewarn "Hardened Gentoo provides three different predefined grsecurity l= evel:" + ewarn "[server], [workstation], and [virtualization]." + ewarn + ewarn "Those who intend to use one of these predefined grsecurity level= s" + ewarn "should read the help associated with the level. Users importing= a" + ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," + ewarn "should review their selected grsecurity/PaX options carefully." + ewarn + ewarn "Users of grsecurity's RBAC system must ensure they are using" + ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." + ewarn "It is strongly recommended that the following command is issued" + ewarn "prior to booting a ${PF} kernel for the first time:" + ewarn + ewarn "emerge -na =3D${GRADM_COMPAT}" + ewarn +} diff --git a/sys-kernel/hardened-sources/hardened-sources-2.6.39-r10.ebui= ld b/sys-kernel/hardened-sources/hardened-sources-2.6.39-r10.ebuild new file mode 100644 index 0000000..8d1241e --- /dev/null +++ b/sys-kernel/hardened-sources/hardened-sources-2.6.39-r10.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-= sources-2.6.39-r9.ebuild,v 1.1 2011/08/07 02:41:37 blueness Exp $ + +EAPI=3D"4" + +ETYPE=3D"sources" +K_WANT_GENPATCHES=3D"base extras" +K_GENPATCHES_VER=3D"6" + +inherit kernel-2 +detect_version + +HGPV=3D"${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-11" +HGPV_URI=3D"http://dev.gentoo.org/~blueness/hardened-sources/hardened-pa= tches/hardened-patches-${HGPV}.extras.tar.bz2" +SRC_URI=3D"${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" + +UNIPATCH_LIST=3D"${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" +UNIPATCH_EXCLUDE=3D"4200_fbcondecor-0.9.6.patch" + +DESCRIPTION=3D"Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_M= INOR})" +HOMEPAGE=3D"http://www.gentoo.org/proj/en/hardened/" +IUSE=3D"" + +KEYWORDS=3D"~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" + +pkg_postinst() { + kernel-2_pkg_postinst + + local GRADM_COMPAT=3D"sys-apps/gradm-2.2.2*" + + ewarn + ewarn "Hardened Gentoo provides three different predefined grsecurity l= evel:" + ewarn "[server], [workstation], and [virtualization]." + ewarn + ewarn "Those who intend to use one of these predefined grsecurity level= s" + ewarn "should read the help associated with the level. Users importing= a" + ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," + ewarn "should review their selected grsecurity/PaX options carefully." + ewarn + ewarn "Users of grsecurity's RBAC system must ensure they are using" + ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." + ewarn "It is strongly recommended that the following command is issued" + ewarn "prior to booting a ${PF} kernel for the first time:" + ewarn + ewarn "emerge -na =3D${GRADM_COMPAT}" + ewarn +}