Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-kernel/hardened-sources
diff options
context:
space:
mode:
Diffstat (limited to 'sys-kernel/hardened-sources')
-rw-r--r--sys-kernel/hardened-sources/ChangeLog8
-rw-r--r--sys-kernel/hardened-sources/Manifest4
-rw-r--r--sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.22-r12
-rw-r--r--sys-kernel/hardened-sources/hardened-sources-2.4.22-r1.ebuild68
4 files changed, 79 insertions, 3 deletions
diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog
index a2458febf2d6..4da5b93c5d53 100644
--- a/sys-kernel/hardened-sources/ChangeLog
+++ b/sys-kernel/hardened-sources/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sys-kernel/hardened-sources
# Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.15 2003/12/02 03:33:43 iggy Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.16 2003/12/02 07:11:23 iggy Exp $
+
+*hardened-sources-2.4.22-r1 (02 Dec 2003)
+
+ 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
+ hardened-sources-2.4.22-r1.ebuild:
+ version bump for do_brk vuln
01 Dec 2003; Brian Jackson <iggy@gentoo.org>
hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest
index a74c42ddb1d7..acc91384704c 100644
--- a/sys-kernel/hardened-sources/Manifest
+++ b/sys-kernel/hardened-sources/Manifest
@@ -2,8 +2,8 @@ MD5 e9c0aa77cea4cab0053913d6241e1a62 hardened-sources-2.4.20-r4.ebuild 2220
MD5 8cb999656e1d3b855adb13a56f9e1d61 hardened-sources-2.4.22.ebuild 2274
MD5 4e6ec0e040985b2bf3bd10c66e92eeda hardened-sources-2.4.20-r3.ebuild 2220
MD5 5bd722c8fee20760ec3f679e0edc0053 hardened-sources-2.4.21.ebuild 2480
-MD5 8cb999656e1d3b855adb13a56f9e1d61 hardened-sources-2.4.22-r1.ebuild 2274
-MD5 a357a534f1b1127470849e6d588422d7 ChangeLog 4758
+MD5 09d46798446b3eb0f40cf70a257027e3 hardened-sources-2.4.22-r1.ebuild 2277
+MD5 e0a059b2a3a1fa1fe92e77af50b913d7 ChangeLog 4917
MD5 724c01628b1dd03c8bfe196f0ae31368 metadata.xml 558
MD5 638b95442feba0a7c21a0088d4a65c14 hardened-sources-2.4.20-r2.ebuild 2302
MD5 e637c6fa41097ea2c4693d0766f2e1c5 files/do_brk_fix.patch 242
diff --git a/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.22-r1 b/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.22-r1
new file mode 100644
index 000000000000..ccfd14cb665f
--- /dev/null
+++ b/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.22-r1
@@ -0,0 +1,2 @@
+MD5 75dc85149b06ac9432106b8941eb9f7b linux-2.4.22.tar.bz2 29528612
+MD5 cb58e57bf9c2115eb71745761209df97 patches-2.4.22-hardened.tar.bz2 2592916
diff --git a/sys-kernel/hardened-sources/hardened-sources-2.4.22-r1.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.4.22-r1.ebuild
new file mode 100644
index 000000000000..98e89bd0bb4e
--- /dev/null
+++ b/sys-kernel/hardened-sources/hardened-sources-2.4.22-r1.ebuild
@@ -0,0 +1,68 @@
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.22-r1.ebuild,v 1.1 2003/12/02 07:11:23 iggy Exp $
+
+IUSE="build selinux"
+
+# OKV=original kernel version, KV=patched kernel version. They can be the same.
+
+ETYPE="sources"
+
+inherit kernel || die
+
+OKV=2.4.22
+EXTRAVERSION=-hardened
+KV=${OKV}${EXTRAVERSION}
+S=${WORKDIR}/linux-${KV}
+DESCRIPTION="Special Security Hardened Gentoo Linux Kernel"
+SRC_URI="http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2
+ mirror://gentoo/patches-${KV}.tar.bz2"
+
+
+HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/proj/en/hardened/"
+KEYWORDS="~x86 ~ppc"
+SLOT="${KV}"
+
+src_unpack() {
+ unpack linux-${OKV}.tar.bz2 patches-${KV}.tar.bz2
+ mv linux-${OKV} linux-${KV} || die
+
+ cd ${KV}
+ # We can't use LSM/SELinux and GRSec in the same kernel. If USE=selinux, we will
+ # patch in LSM/SELinux and drop support for GRsec. Otherwise we will include GRSec.
+ if [ "`use selinux`" ]; then
+ einfo "Enabling SELinux support. This will drop GRSec2 support."
+ for file in *grsec*; do
+ einfo "Dropping ${file}.."
+ rm -f ${file}
+ done
+ else
+ einfo "Did not find \"selinux\" in use, building with GRSec2 support."
+ for file in *lsm* *selinux*; do
+ einfo "Dropping ${file}..."
+ rm -f ${file}
+ done
+ fi
+
+ epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln"
+
+ kernel_src_unpack
+}
+
+pkg_postinst() {
+ einfo "This kernel contains LSM/SElinux or GRSecurity, and Systrace"
+ einfo "Also included are various other performance and security related patches"
+ einfo "If you experience problems with this kernel please report them by"
+ einfo "assigning bugs on bugs.gentoo.org to frogger@gentoo.org"
+ if [ "`use selinux`" ]; then
+ einfo ""
+ einfo "Warning! This kernel contains the new SELinux API and currently"
+ einfo "does not support ReiserFS. If you need ReiserFS support, and are"
+ einfo "using SELinux, then do not use this kernel."
+ einfo ""
+ einfo "The new SELinux API contains many changes from the previous API,"
+ einfo "including new userspace utilities. Please see "
+ einfo "http://www.gentoo.org/proj/en/hardened/selinux for more info."
+ fi
+}
+