diff options
author | Ned Ludd <solar@gentoo.org> | 2004-01-20 09:33:44 +0000 |
---|---|---|
committer | Ned Ludd <solar@gentoo.org> | 2004-01-20 09:33:44 +0000 |
commit | cfe0e1fa8773d86f2c210d2be8e34ddc76dd59b5 (patch) | |
tree | 49102846645e7c0cb8f44d654d921c255c57192d | |
parent | initial commit, ebuild by robbat2@gentoo.org (Manifest recommit) (diff) | |
download | gentoo-2-cfe0e1fa8773d86f2c210d2be8e34ddc76dd59b5.tar.gz gentoo-2-cfe0e1fa8773d86f2c210d2be8e34ddc76dd59b5.tar.bz2 gentoo-2-cfe0e1fa8773d86f2c210d2be8e34ddc76dd59b5.zip |
marking 0.6.1 stable on x86. Added a few more entrys to pageexec/segmexec exempt
-rw-r--r-- | sys-apps/chpax/ChangeLog | 8 | ||||
-rw-r--r-- | sys-apps/chpax/chpax-0.6.1.ebuild | 4 | ||||
-rw-r--r-- | sys-apps/chpax/files/pax-conf.d | 15 |
3 files changed, 19 insertions, 8 deletions
diff --git a/sys-apps/chpax/ChangeLog b/sys-apps/chpax/ChangeLog index 35a05c90a9d0..c5ad4123f7b8 100644 --- a/sys-apps/chpax/ChangeLog +++ b/sys-apps/chpax/ChangeLog @@ -1,6 +1,10 @@ # ChangeLog for sys-apps/chpax -# Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/chpax/ChangeLog,v 1.15 2004/01/02 08:43:29 solar Exp $ +# Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/chpax/ChangeLog,v 1.16 2004/01/20 09:33:44 solar Exp $ + + 20 Jan 2004; <solar@gentoo.org> chpax-0.6.1.ebuild, files/pax-conf.d: + marking 0.6.1 stable on x86. Added a few more entrys to pageexec/segmexec + exempt *chpax-0.6.1 (02 Jan 2004) diff --git a/sys-apps/chpax/chpax-0.6.1.ebuild b/sys-apps/chpax/chpax-0.6.1.ebuild index 9af8968f948a..d6fc829b377c 100644 --- a/sys-apps/chpax/chpax-0.6.1.ebuild +++ b/sys-apps/chpax/chpax-0.6.1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/chpax/chpax-0.6.1.ebuild,v 1.1 2004/01/02 08:43:29 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/chpax/chpax-0.6.1.ebuild,v 1.2 2004/01/20 09:33:44 solar Exp $ inherit flag-o-matic @@ -8,7 +8,7 @@ DESCRIPTION="Manages various PaX related flags for ELF32, ELF64, and a.out binar SRC_URI="mirror://chpax-${PV}.tar.bz2 http://dev.gentoo.org/~solar/pax/chpax/chpax-${PV}.tar.bz2" HOMEPAGE="http://pax.grsecurity.net" -KEYWORDS="~x86 ~amd64 ~sparc ~ppc ~hppa ~ia64 ~mips" +KEYWORDS="x86 ~amd64 ~sparc ~ppc ~hppa ~ia64 ~mips" LICENSE="public-domain" SLOT="0" diff --git a/sys-apps/chpax/files/pax-conf.d b/sys-apps/chpax/files/pax-conf.d index 798d3dab675c..b269de2efd4a 100644 --- a/sys-apps/chpax/files/pax-conf.d +++ b/sys-apps/chpax/files/pax-conf.d @@ -1,5 +1,5 @@ #################################################################### -# Copyright 1999-2003 Gentoo Technologies, Inc. # +# Copyright 1999-2004 Gentoo Technologies, Inc. # # Distributed under the terms of the GNU General Public License v2 # #################################################################### # @@ -9,13 +9,20 @@ # m do not restrict mprotect() # s do not enforce segmentation based non-executable pages # x do not randomize ET_EXEC base [ELF only] +# z zero flag mask + +JAVA=/opt/blackdown-jdk-*/jre/{java,java_vm,keytool,kinit,klist,ktab,orbd,policytool,rmid,rmiregistry,servertool,tnameserv} +WINE=/usr/lib/wine/bin/wine/{wine,winebuild,wineclipsrv,winedump,winegcc,wineserver,winewrap} + +# most things that need pageexec need segmexec and or vice versa so we set both. +PAGEEXEC_EXEMPT="/usr/X11R6/bin/XFree86 /usr/bin/xmms /usr/bin/mplayer /opt/OpenOffice*/program/soffice.bin \ + /usr/bin/blender /usr/bin/gxine /usr/bin/totem /usr/bin/acme $JAVA $WINE" -PAGEEXEC_EXEMPT="/usr/X11R6/bin/xinit /usr/X11R6/bin/XFree86 /opt/blackdown-jdk-*/jre/bin/[a-z]* /opt/blackdown-jdk-*/jre/[a-z]* /usr/bin/xmms /usr/bin/mplayer /usr/lib/wine/bin/wine /usr/bin/blender /usr/bin/gxine /usr/bin/totem /usr/bin/acme" TRAMPOLINE_EXEMPT="" MPROTECT_EXEMPT="" RANDMMAP_EXEMPT="" SEGMEXEC_EXEMPT="${PAGEEXEC_EXEMPT}" -RANDEXEC_EXEMPT="/opt/blackdown-jdk-*/jre/bin/[a-z]* /opt/blackdown-jdk-*/jre/[a-z]*" +RANDEXEC_EXEMPT="${JAVA}" # when zero flag mask is set to "yes" it will remove all pax flags from all files on reboot/stop -ZERO_FLAG_MASK=no +ZERO_FLAG_MASK=yes |