summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNed Ludd <solar@gentoo.org>2004-01-20 09:33:44 +0000
committerNed Ludd <solar@gentoo.org>2004-01-20 09:33:44 +0000
commitcfe0e1fa8773d86f2c210d2be8e34ddc76dd59b5 (patch)
tree49102846645e7c0cb8f44d654d921c255c57192d
parentinitial commit, ebuild by robbat2@gentoo.org (Manifest recommit) (diff)
downloadgentoo-2-cfe0e1fa8773d86f2c210d2be8e34ddc76dd59b5.tar.gz
gentoo-2-cfe0e1fa8773d86f2c210d2be8e34ddc76dd59b5.tar.bz2
gentoo-2-cfe0e1fa8773d86f2c210d2be8e34ddc76dd59b5.zip
marking 0.6.1 stable on x86. Added a few more entrys to pageexec/segmexec exempt
-rw-r--r--sys-apps/chpax/ChangeLog8
-rw-r--r--sys-apps/chpax/chpax-0.6.1.ebuild4
-rw-r--r--sys-apps/chpax/files/pax-conf.d15
3 files changed, 19 insertions, 8 deletions
diff --git a/sys-apps/chpax/ChangeLog b/sys-apps/chpax/ChangeLog
index 35a05c90a9d0..c5ad4123f7b8 100644
--- a/sys-apps/chpax/ChangeLog
+++ b/sys-apps/chpax/ChangeLog
@@ -1,6 +1,10 @@
# ChangeLog for sys-apps/chpax
-# Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/chpax/ChangeLog,v 1.15 2004/01/02 08:43:29 solar Exp $
+# Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/chpax/ChangeLog,v 1.16 2004/01/20 09:33:44 solar Exp $
+
+ 20 Jan 2004; <solar@gentoo.org> chpax-0.6.1.ebuild, files/pax-conf.d:
+ marking 0.6.1 stable on x86. Added a few more entrys to pageexec/segmexec
+ exempt
*chpax-0.6.1 (02 Jan 2004)
diff --git a/sys-apps/chpax/chpax-0.6.1.ebuild b/sys-apps/chpax/chpax-0.6.1.ebuild
index 9af8968f948a..d6fc829b377c 100644
--- a/sys-apps/chpax/chpax-0.6.1.ebuild
+++ b/sys-apps/chpax/chpax-0.6.1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2004 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/chpax/chpax-0.6.1.ebuild,v 1.1 2004/01/02 08:43:29 solar Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/chpax/chpax-0.6.1.ebuild,v 1.2 2004/01/20 09:33:44 solar Exp $
inherit flag-o-matic
@@ -8,7 +8,7 @@ DESCRIPTION="Manages various PaX related flags for ELF32, ELF64, and a.out binar
SRC_URI="mirror://chpax-${PV}.tar.bz2
http://dev.gentoo.org/~solar/pax/chpax/chpax-${PV}.tar.bz2"
HOMEPAGE="http://pax.grsecurity.net"
-KEYWORDS="~x86 ~amd64 ~sparc ~ppc ~hppa ~ia64 ~mips"
+KEYWORDS="x86 ~amd64 ~sparc ~ppc ~hppa ~ia64 ~mips"
LICENSE="public-domain"
SLOT="0"
diff --git a/sys-apps/chpax/files/pax-conf.d b/sys-apps/chpax/files/pax-conf.d
index 798d3dab675c..b269de2efd4a 100644
--- a/sys-apps/chpax/files/pax-conf.d
+++ b/sys-apps/chpax/files/pax-conf.d
@@ -1,5 +1,5 @@
####################################################################
-# Copyright 1999-2003 Gentoo Technologies, Inc. #
+# Copyright 1999-2004 Gentoo Technologies, Inc. #
# Distributed under the terms of the GNU General Public License v2 #
####################################################################
#
@@ -9,13 +9,20 @@
# m do not restrict mprotect()
# s do not enforce segmentation based non-executable pages
# x do not randomize ET_EXEC base [ELF only]
+# z zero flag mask
+
+JAVA=/opt/blackdown-jdk-*/jre/{java,java_vm,keytool,kinit,klist,ktab,orbd,policytool,rmid,rmiregistry,servertool,tnameserv}
+WINE=/usr/lib/wine/bin/wine/{wine,winebuild,wineclipsrv,winedump,winegcc,wineserver,winewrap}
+
+# most things that need pageexec need segmexec and or vice versa so we set both.
+PAGEEXEC_EXEMPT="/usr/X11R6/bin/XFree86 /usr/bin/xmms /usr/bin/mplayer /opt/OpenOffice*/program/soffice.bin \
+ /usr/bin/blender /usr/bin/gxine /usr/bin/totem /usr/bin/acme $JAVA $WINE"
-PAGEEXEC_EXEMPT="/usr/X11R6/bin/xinit /usr/X11R6/bin/XFree86 /opt/blackdown-jdk-*/jre/bin/[a-z]* /opt/blackdown-jdk-*/jre/[a-z]* /usr/bin/xmms /usr/bin/mplayer /usr/lib/wine/bin/wine /usr/bin/blender /usr/bin/gxine /usr/bin/totem /usr/bin/acme"
TRAMPOLINE_EXEMPT=""
MPROTECT_EXEMPT=""
RANDMMAP_EXEMPT=""
SEGMEXEC_EXEMPT="${PAGEEXEC_EXEMPT}"
-RANDEXEC_EXEMPT="/opt/blackdown-jdk-*/jre/bin/[a-z]* /opt/blackdown-jdk-*/jre/[a-z]*"
+RANDEXEC_EXEMPT="${JAVA}"
# when zero flag mask is set to "yes" it will remove all pax flags from all files on reboot/stop
-ZERO_FLAG_MASK=no
+ZERO_FLAG_MASK=yes