KBrown/gentoo-overlay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sys-kernel/dappersec-sources: EAPI 7

Browse source
This commit is contained in:
Sandino Araico Sanchez 2022-07-23 21:50:07 -05:00
parent 681646d741
commit 04ca667d6d
4 changed files with 98 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
sys-kernel/dappersec-sources/ChangeLog Normal file
View file

@ -0,0 +1,23 @@
04 Oct 2019; Agostino Sarubbo <ago@gentoo.org>
-dappersec-sources-4.9.131.ebuild, -dappersec-sources-4.9.132.ebuild:
sys-kernel/dappersec-sources: Remove old
*dappersec-sources-4.9.135 (26 Oct 2018)
26 Oct 2018; <ago@gentoo.org> +dappersec-sources-4.9.135.ebuild:
sys-kernel/dappersec-sources: version bump to 4.9.135
*dappersec-sources-4.9.132 (15 Oct 2018)
15 Oct 2018; <ago@gentoo.org> +dappersec-sources-4.9.132.ebuild:
sys-kernel/dappersec-sources: version bump to 4.9.132
10 Oct 2018; <ago@gentoo.org> dappersec-sources-4.9.131.ebuild:
sys-kernel/dappersec-sources: fix HOMEPAGE/DESCRIPTION, add the ewarn about
the absence of Meltdown and Spectre fixes
*dappersec-sources-4.9.131 (10 Oct 2018)
10 Oct 2018; <ago@gentoo.org> +dappersec-sources-4.9.131.ebuild,
+metadata.xml:
sys-kernel/dappersec-sources: initial commit

5
sys-kernel/dappersec-sources/Manifest Normal file
View file

@ -0,0 +1,5 @@
DIST dappersec-sources-4.9.135.tar.xz 3758804 BLAKE2B d2e710150bb297afe3dd01cebb069c7068c009eec02ee6ab430d18858d2e5eec98e2ce4bf84d30971a19e19256ddfd8736741630a628d65a6d8edf16b9fde672 SHA512 3e70b610ac1bb1808c2e07fa3c33045090feeae6e396aa05ba6540779e3130b06a3fb68367243bfd9cfcce9ba003b4e597c143a579bdb4949766b3e730f25ad4
DIST linux-4.9.tar.xz 93192404 BLAKE2B 83ae310b17d47f1f18d6d28537c31e10f3e60458c5954c4611158ca99e71cc0da2e051272eabf27d5887df4a7cb4a5dd66ff993077c11d2221e92d300a0b48d7 SHA512 bf67ff812cc3cb7e5059e82cc5db0d9a7c5637f7ed9a42e4730c715bf7047c81ed3a571225f92a33ef0b6d65f35595bc32d773356646df2627da55e9bc7f1f1a
EBUILD dappersec-sources-4.9.135.ebuild 1998 BLAKE2B da2e8ac323e10f8f021ce56d87e098bcc73b2e176fe496a87ea0fae0a9322c799db896744c9f895a2d057406df3e950052c595851836fd25ca4187fd945c8bee SHA512 d7908f1d542bcb270df96758a84da964c6e793174661f28a3dd91239fabd953016d64196ae9bb7deb17326ae9fa8daaf2039f492b4b443f5492fbfdc4e215d2d
MISC ChangeLog 863 BLAKE2B ec36a63bffab458334968fb343ae64ef43f5a9a9b76b563f7979adc35f71e0cf2ee548e92022d1ee68db7d7a4185183d79ab4b41e748c42e88ca28ed8d6e43ff SHA512 dca3353677e6e20e59ce0ce867f5d8f8d53b97d78a4cd9a4d9b4f5e23eb33a65ed87ba2fc2314fd3fe97165cc59dc7d5d64c99ab819248a117ac54b3e9f69b11
MISC metadata.xml 767 BLAKE2B 624dca3aa73538025efef0d1464bf3df5a2a135fed9c91402bf205ac3f90f45e067bd2d41b759e2a401dd78ce529e715d784e386ddeabc5e2989588754a6bed2 SHA512 75816e8158a51fa142702f6d17dc5057b9fa61c77e6faea3b17d0ee0795e7fcc71ce7a80dfb549af3a0d3e54a68cbf351972d24b9090a015bfe3ecb941600e7e

51
sys-kernel/dappersec-sources/dappersec-sources-4.9.135.ebuild Normal file
View file

@ -0,0 +1,51 @@
# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
# See https://blogs.gentoo.org/ago/2017/08/21/sys-kernel-grsecurity-sources-available
EAPI="7"
ETYPE="sources"
K_GENPATCHES_VER="not-empty" # Set to not-empty to avoid the useless download of patch-*.xz
inherit kernel-2
detect_version
detect_arch
GRSECURITY_URI="https://dev.gentoo.org/~ago/distfiles/${PN}/${PN}-${PV}.tar.xz"
SRC_URI="${KERNEL_URI} ${GRSECURITY_URI} ${ARCH_URI}"
UNIPATCH_LIST="${DISTDIR}/${PN}-${PV}.tar.xz"
DESCRIPTION="Dapper's version of the last public grsecurity patch plus Gentoo patchset"
HOMEPAGE="https://github.com/dapperlinux/dapper-secure-kernel-patchset-stable"
IUSE="deblob"
KEYWORDS="-* ~amd64"
RDEPEND=">=sys-devel/gcc-4.5"
pkg_postinst() {
kernel-2_pkg_postinst
local GRADM_COMPAT="sys-apps/gradm-3.1*"
ewarn
ewarn "Users of grsecurity's RBAC system must ensure they are using"
ewarn "${GRADM_COMPAT}, which is compatible with ${PF}."
ewarn "It is strongly recommended that the following command is issued"
ewarn "prior to booting a ${PF} kernel for the first time:"
ewarn
ewarn "emerge -na =${GRADM_COMPAT}"
ewarn
ewarn
ewarn "From: https://github.com/dapperlinux/dapper-secure-kernel-patchset-stable/releases :"
ewarn
ewarn "WARNING: Meltdown and Spectre fixes have been OMITTED from this patchset."
ewarn "Reptoline is also OMITTED. This patchset works with all other fixes included at this patchlevel."
ewarn "If you are not comfortable with being vulnerable to meltdown and spectre, then use an upstream kernel."
ewarn "If you are still using the 4.9.74 patchset or later, and still wish to get the latest fixes, then use this patchset."
ewarn "Meltdown and Spectre fixes are proving to be extremely difficult to get this patchset booting."
ewarn "There might be a small chance that they will be included in the future, and I will let you know."
ewarn "Until then, assume that it will be months / years / never."
ewarn
}

19
sys-kernel/dappersec-sources/metadata.xml Normal file
View file

@ -0,0 +1,19 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>ago@gentoo.org</email>
<name>Agostino Sarubbo</name>
<description>Maintainer. Assign bugs to him</description>
</maintainer>
<upstream>
<remote-id type="github">dapperlinux/dapper-secure-kernel-patchset-stable</remote-id>
</upstream>
<longdescription>
dappersec-sources is based upon genpatches, and adds the grsecurity unofficial
patch from https://github.com/dapperlinux/dapper-secure-kernel-patchset-stable, which also includes PaX.
</longdescription>
<use>
<flag name="deblob">Remove binary blobs from kernel sources to provide libre license compliance.</flag>
</use>
</pkgmetadata>