commit: 6a45b5731e114b4d48e902eb96ff3664550e4a1f parent: a21c407052f0c13ec121034bc0ce41fd8e4ff284 Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me> Date: Wed, 21 Feb 2018 23:39:35 +0100 sys-kernel/hardened-sources: Init (4.14.19)Diffstat:
A | sys-kernel/hardened-sources/Manifest | 3 | +++ |
A | sys-kernel/hardened-sources/hardened-sources-4.14.19.ebuild | 48 | ++++++++++++++++++++++++++++++++++++++++++++++++ |
A | sys-kernel/hardened-sources/metadata.xml | 11 | +++++++++++ |
3 files changed, 62 insertions(+), 0 deletions(-)
diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest @@ -0,0 +1,3 @@ +DIST genpatches-4.14-24.base.tar.xz 574580 SHA256 8608f349f1aef671a72acb83e30af1570c1eefbf5b5deb57470dcc2f411e89ec SHA512 cbb921e7b8338380ff07b926c5c80ce1996136afb5d30f085e27c4ebd37780aba12dad6d043633089c47478e93539a1294fc1d109376d661d5966c00767b543a WHIRLPOOL 552b67b31289984bc3dc37c467bd835f739c36862fe58635a5ad09fdf3083105d2be9664239288eb5506da826ed64ff967b6d51765d1913e569a4e05434eb608 +DIST linux-4.14.tar.xz 100770500 SHA256 f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7 SHA512 77e43a02d766c3d73b7e25c4aafb2e931d6b16e870510c22cef0cdb05c3acb7952b8908ebad12b10ef982c6efbe286364b1544586e715cf38390e483927904d8 WHIRLPOOL fee10d54ecb210156aa55364ecc15867127819e9f7ff9ec5f6ef159b1013e2ae3d3a28d35c62d663886cbe826b996a1387671766093be002536309045a8e4d10 +DIST linux-hardened-4.14.19.a.patch 89900 SHA256 c0109b9231e65a7627581ff393fb3a740637fe2b924729f54ac24f53cdc4278a SHA512 0689878c8f1a6d07673d3b64f7a58c7710048a26f77e733dba608b2add9afebf113a22d8f0a10bbc5338416d4d1676eb371a57f3b16583c3e6b0cfbd9aeca895 WHIRLPOOL 7a853739d3ab4846c41bf87ab4105e725383fef95e3c73d41171a4f6cc447a98225ac348965f8c01440484bbfd2a43cee012581c557d53dfa3d4931c888e238c diff --git a/sys-kernel/hardened-sources/hardened-sources-4.14.19.ebuild b/sys-kernel/hardened-sources/hardened-sources-4.14.19.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +ETYPE="sources" +K_WANT_GENPATCHES="base" +K_GENPATCHES_VER="24" + +inherit kernel-2 +detect_version +detect_arch + +HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}.a" +HGPV_URI="https://github.com/copperhead/linux-hardened/releases/download/${HGPV}/linux-hardened-${HGPV}.patch" +SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" + +UNIPATCH_LIST="${DISTDIR}/linux-hardened-${HGPV}.patch:1" +UNIPATCH_EXCLUDE=" + 1500_XATTR_USER_PREFIX.patch + 1510_fs-enable-link-security-restrictions-by-default.patch + 2300_enable-poweroff-on-Mac-Pro-11.patch + 2500_usb-storage-Disable-UAS-on-JMicron-SATA-enclosure.patch + 2600_enable-key-swapping-for-apple-mac.patch + 2900_dev-root-proc-mount-fix.patch" + +DESCRIPTION="CopperHead Linux-Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" +IUSE="" + +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" + +RDEPEND=">=sys-devel/gcc-4.5" + +pkg_postinst() { + kernel-2_pkg_postinst + + local GRADM_COMPAT="sys-apps/gradm-3.1*" + + ewarn + ewarn "Users of grsecurity's RBAC system must ensure they are using" + ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." + ewarn "It is strongly recommended that the following command is issued" + ewarn "prior to booting a ${PF} kernel for the first time:" + ewarn + ewarn "emerge -na =${GRADM_COMPAT}" + ewarn +} diff --git a/sys-kernel/hardened-sources/metadata.xml b/sys-kernel/hardened-sources/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="person"> + <email>contact@hacktivis.me</email> + <name>Haelwenn (lanodan) Monnier</name> +</maintainer> +<upstream> + <remote-id type="cpe">cpe:/o:linux:linux_kernel</remote-id> +</upstream> +</pkgmetadata>