Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-kernel/hardened-sources
diff options
context:
space:
mode:
authorMatt Rickard <frogger@gentoo.org>2003-09-14 18:07:12 +0000
committerMatt Rickard <frogger@gentoo.org>2003-09-14 18:07:12 +0000
commit4a8a838e5ec0acc7aef89d849356a87175bb6a29 (patch)
tree7b413a76588bb391c02767ebabfe34912fa1e1a8 /sys-kernel/hardened-sources
parent2.4.21 based hardened-sources -- Thanks to Phil West. (diff)
downloadgentoo-2-4a8a838e5ec0acc7aef89d849356a87175bb6a29.tar.gz
gentoo-2-4a8a838e5ec0acc7aef89d849356a87175bb6a29.tar.bz2
gentoo-2-4a8a838e5ec0acc7aef89d849356a87175bb6a29.zip
2.4.21 based hardened-sources -- Thanks to Phil West.
Diffstat (limited to 'sys-kernel/hardened-sources')
-rw-r--r--sys-kernel/hardened-sources/ChangeLog15
-rw-r--r--sys-kernel/hardened-sources/Manifest5
-rw-r--r--sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.212
-rw-r--r--sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild74
-rw-r--r--sys-kernel/hardened-sources/metadata.xml11
5 files changed, 103 insertions, 4 deletions
diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog
index 2a8bea58b6ea..9243b3cafc04 100644
--- a/sys-kernel/hardened-sources/ChangeLog
+++ b/sys-kernel/hardened-sources/ChangeLog
@@ -1,7 +1,20 @@
# ChangeLog for sys-kernel/hardened-sources
# Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.11 2003/06/17 03:15:50 frogger Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.12 2003/09/14 18:07:06 frogger Exp $
+*hardened-sources-2.4.21 (14 Sep 2003)
+
+ 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
+ Updated hardened-sources based on the 2.4.21 Linux kernel.
+ This includes updates to most major components such as:
+ -ck-base-0306300059
+ -selinux-2.4-2003071106
+ -grsecurity-2.0-rc1
+ -Updated IPTables patch-o-matic
+ -Updated SuperFreeS/WAN
+ Thanks to Phil West <pwest@computer.org> for his work in getting this
+ updated patch set ready for the 2.4.21 based kernel.
+
16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
Initial import of hardened-sources-2.4.20-r4. This revision
includes only a few changes, but one of these is an important
diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest
index 369ad799cd8c..338c0f6b63b8 100644
--- a/sys-kernel/hardened-sources/Manifest
+++ b/sys-kernel/hardened-sources/Manifest
@@ -1,8 +1,7 @@
MD5 b5a1c56ff94472c026d1437a5f6662e6 hardened-sources-2.4.20-r4.ebuild 2145
MD5 1b321c5f39f11f56a77118555670747c hardened-sources-2.4.20-r3.ebuild 2145
-MD5 f78bf4a14b9023647cc6e807d43dbf70 .hardened-sources-2.4.21.ebuild.swp 12288
-MD5 097272e7227bcf5af8cdfa3ca6cb3c6a hardened-sources-2.4.21.ebuild 2407
-MD5 04212e8dbd27310243ae649f533d8a91 ChangeLog 3883
+MD5 8d8b5683212f6ef7e251bc6abb028266 hardened-sources-2.4.21.ebuild 2404
+MD5 1577bb7ff544068f7f3b77227057f697 ChangeLog 3883
MD5 724c01628b1dd03c8bfe196f0ae31368 metadata.xml 558
MD5 c7e011900c8c6ea5dc332d2f10c25733 hardened-sources-2.4.20-r2.ebuild 2227
MD5 e8b051baa93e07c4185474fb0e94e3af files/digest-hardened-sources-2.4.20-r2 147
diff --git a/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.21 b/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.21
new file mode 100644
index 000000000000..1079572c8892
--- /dev/null
+++ b/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.21
@@ -0,0 +1,2 @@
+MD5 f51e12efa18bb828cf57d9d4a81b2fb1 linux-2.4.21.tar.bz2 28533733
+MD5 59b255d4a72ed88ca801301b0bcce0e6 patches-2.4.21-hardened.tar.bz2 1751699
diff --git a/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild
new file mode 100644
index 000000000000..afea33f7bac5
--- /dev/null
+++ b/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild
@@ -0,0 +1,74 @@
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild,v 1.1 2003/09/14 18:07:06 frogger Exp $
+
+IUSE="build selinux"
+
+# OKV=original kernel version, KV=patched kernel version. They can be the same.
+
+ETYPE="sources"
+
+inherit kernel || die
+
+OKV=2.4.21
+EXTRAVERSION=-hardened
+KV=${OKV}${EXTRAVERSION}
+S=${WORKDIR}/linux-${KV}
+DESCRIPTION="Special Security Hardened Gentoo Linux Kernel"
+SRC_URI="http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2
+ mirror://gentoo/patches-${KV}.tar.bz2"
+
+
+HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/proj/en/hardened/"
+KEYWORDS="~x86 ~ppc ~sparc"
+SLOT="${KV}"
+
+src_unpack() {
+ unpack linux-${OKV}.tar.bz2 patches-${KV}.tar.bz2
+ mv linux-${OKV} linux-${KV} || die
+
+ cd ${KV}
+ # We can't use LSM/SELinux and GRSec in the same kernel. If USE=selinux, we will
+ # patch in LSM/SELinux and drop support for GRsec. Otherwise we will include GRSec.
+ if [ "`use selinux`" ]; then
+ einfo "Enabling SELinux support. This will drop GRSec2 support."
+ for file in *grsec*; do
+ einfo "Dropping ${file}.."
+ rm -f ${file}
+ done
+ else
+ einfo "Did not find \"selinux\" in use, building with GRSec2 support."
+ for file in *lsm* *selinux*; do
+ einfo "Dropping ${file}..."
+ rm -f ${file}
+ done
+ fi
+
+ kernel_src_unpack
+}
+
+src_install() {
+ if [ "`use selinux`" ]; then
+ insinto /usr/flask
+ doins ${S}/security/selinux/flask/access_vectors
+ doins ${S}/security/selinux/flask/security_classes
+ doins ${S}/security/selinux/flask/initial_sids
+ insinto /usr/include/linux/flask
+ doins ${S}/security/selinux/include/linux/flask/*.h
+ insinto /usr/include/asm/flask
+ doins ${S}/security/selinux/include/asm/flask/uninstd.h
+ fi
+
+ kernel_src_install
+}
+
+pkg_postinst() {
+ einfo "This kernel contains LSM/SElinux or GRSecurity, and Systrace"
+ einfo "Also included are various other performance and security related patches"
+ einfo "If you experience problems with this kernel please report them by"
+ einfo "assigning bugs on bugs.gentoo.org to frogger@gentoo.org"
+ einfo ""
+ einfo "Please note that this kernel should be treated as highly experimental on"
+ einfo "non-x86 architectures such as PPC or sparc. If you are able to test"
+ einfo "on these platforms, feedback would be greatly appreciated."
+}
diff --git a/sys-kernel/hardened-sources/metadata.xml b/sys-kernel/hardened-sources/metadata.xml
new file mode 100644
index 000000000000..18b9126dfba0
--- /dev/null
+++ b/sys-kernel/hardened-sources/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>hardened</herd>
+<maintainer>
+ <email>frogger@gentoo.org</email>
+ <name>Matthew Rickard</name>
+ <description>Primary Maintainer</description>
+</maintainer>
+<longdescription>This kernel source contains a security hardened version of the Gentoo Linux Kernel. It contains either LSM/SELinux or GRSecurity. It also contains Systrace and various other security and performance enhancing patches.</longdescription>
+</pkgmetadata>