diff options
| author |   Matt Rickard <frogger@gentoo.org> | 2003-09-14 18:07:12 +0000 |
|---|---|---|
| committer | Matt Rickard <frogger@gentoo.org> | 2003-09-14 18:07:12 +0000 |
| commit | 338fcd7015d9678470e0d6a35aa94f66c8cc6940 (patch) | |
| tree | 5ce86f12120bb1be2de18e1b10ed00e2d0554271 /sys-kernel/hardened-sources | |
| parent | 2.4.21 based hardened-sources -- Thanks to Phil West. (diff) | |
| download | historical-338fcd7015d9678470e0d6a35aa94f66c8cc6940.tar.gz historical-338fcd7015d9678470e0d6a35aa94f66c8cc6940.tar.bz2 historical-338fcd7015d9678470e0d6a35aa94f66c8cc6940.zip | |
2.4.21 based hardened-sources -- Thanks to Phil West.
Diffstat (limited to 'sys-kernel/hardened-sources')
4 files changed, 89 insertions, 3 deletions
diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest index 369ad799cd8c..338c0f6b63b8 100644 --- a/sys-kernel/hardened-sources/Manifest +++ b/sys-kernel/hardened-sources/Manifest @@ -1,8 +1,7 @@ MD5 b5a1c56ff94472c026d1437a5f6662e6 hardened-sources-2.4.20-r4.ebuild 2145 MD5 1b321c5f39f11f56a77118555670747c hardened-sources-2.4.20-r3.ebuild 2145 -MD5 f78bf4a14b9023647cc6e807d43dbf70 .hardened-sources-2.4.21.ebuild.swp 12288 -MD5 097272e7227bcf5af8cdfa3ca6cb3c6a hardened-sources-2.4.21.ebuild 2407 -MD5 04212e8dbd27310243ae649f533d8a91 ChangeLog 3883 +MD5 8d8b5683212f6ef7e251bc6abb028266 hardened-sources-2.4.21.ebuild 2404 +MD5 1577bb7ff544068f7f3b77227057f697 ChangeLog 3883 MD5 724c01628b1dd03c8bfe196f0ae31368 metadata.xml 558 MD5 c7e011900c8c6ea5dc332d2f10c25733 hardened-sources-2.4.20-r2.ebuild 2227 MD5 e8b051baa93e07c4185474fb0e94e3af files/digest-hardened-sources-2.4.20-r2 147 diff --git a/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.21 b/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.21 new file mode 100644 index 000000000000..1079572c8892 --- /dev/null +++ b/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.21 @@ -0,0 +1,2 @@ +MD5 f51e12efa18bb828cf57d9d4a81b2fb1 linux-2.4.21.tar.bz2 28533733 +MD5 59b255d4a72ed88ca801301b0bcce0e6 patches-2.4.21-hardened.tar.bz2 1751699 diff --git a/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild new file mode 100644 index 000000000000..afea33f7bac5 --- /dev/null +++ b/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild,v 1.1 2003/09/14 18:07:06 frogger Exp $ + +IUSE="build selinux" + +# OKV=original kernel version, KV=patched kernel version. They can be the same. + +ETYPE="sources" + +inherit kernel || die + +OKV=2.4.21 +EXTRAVERSION=-hardened +KV=${OKV}${EXTRAVERSION} +S=${WORKDIR}/linux-${KV} +DESCRIPTION="Special Security Hardened Gentoo Linux Kernel" +SRC_URI="http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2 + mirror://gentoo/patches-${KV}.tar.bz2" + + +HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/proj/en/hardened/" +KEYWORDS="~x86 ~ppc ~sparc" +SLOT="${KV}" + +src_unpack() { + unpack linux-${OKV}.tar.bz2 patches-${KV}.tar.bz2 + mv linux-${OKV} linux-${KV} || die + + cd ${KV} + # We can't use LSM/SELinux and GRSec in the same kernel. If USE=selinux, we will + # patch in LSM/SELinux and drop support for GRsec. Otherwise we will include GRSec. + if [ "`use selinux`" ]; then + einfo "Enabling SELinux support. This will drop GRSec2 support." + for file in *grsec*; do + einfo "Dropping ${file}.." + rm -f ${file} + done + else + einfo "Did not find \"selinux\" in use, building with GRSec2 support." + for file in *lsm* *selinux*; do + einfo "Dropping ${file}..." + rm -f ${file} + done + fi + + kernel_src_unpack +} + +src_install() { + if [ "`use selinux`" ]; then + insinto /usr/flask + doins ${S}/security/selinux/flask/access_vectors + doins ${S}/security/selinux/flask/security_classes + doins ${S}/security/selinux/flask/initial_sids + insinto /usr/include/linux/flask + doins ${S}/security/selinux/include/linux/flask/*.h + insinto /usr/include/asm/flask + doins ${S}/security/selinux/include/asm/flask/uninstd.h + fi + + kernel_src_install +} + +pkg_postinst() { + einfo "This kernel contains LSM/SElinux or GRSecurity, and Systrace" + einfo "Also included are various other performance and security related patches" + einfo "If you experience problems with this kernel please report them by" + einfo "assigning bugs on bugs.gentoo.org to frogger@gentoo.org" + einfo "" + einfo "Please note that this kernel should be treated as highly experimental on" + einfo "non-x86 architectures such as PPC or sparc. If you are able to test" + einfo "on these platforms, feedback would be greatly appreciated." +} diff --git a/sys-kernel/hardened-sources/metadata.xml b/sys-kernel/hardened-sources/metadata.xml new file mode 100644 index 000000000000..18b9126dfba0 --- /dev/null +++ b/sys-kernel/hardened-sources/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>hardened</herd> +<maintainer> + <email>frogger@gentoo.org</email> + <name>Matthew Rickard</name> + <description>Primary Maintainer</description> +</maintainer> +<longdescription>This kernel source contains a security hardened version of the Gentoo Linux Kernel. It contains either LSM/SELinux or GRSecurity. It also contains Systrace and various other security and performance enhancing patches.</longdescription> +</pkgmetadata> |