KBrown/gentoo-overlay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
gentoo-overlay/sys-kernel/dappersec-sources/dappersec-sources-4.9.135.ebuild

51 lines
2 KiB
Bash
Raw Permalink Blame History

# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
# See https://blogs.gentoo.org/ago/2017/08/21/sys-kernel-grsecurity-sources-available
EAPI="8"
ETYPE="sources"
K_GENPATCHES_VER="not-empty" # Set to not-empty to avoid the useless download of patch-*.xz
inherit kernel-2
detect_version
detect_arch
GRSECURITY_URI="https://dev.gentoo.org/~ago/distfiles/${PN}/${PN}-${PV}.tar.xz"
SRC_URI="${KERNEL_URI} ${GRSECURITY_URI} ${ARCH_URI}"
UNIPATCH_LIST="${DISTDIR}/${PN}-${PV}.tar.xz"
DESCRIPTION="Dapper's version of the last public grsecurity patch plus Gentoo patchset"
HOMEPAGE="https://github.com/dapperlinux/dapper-secure-kernel-patchset-stable"
IUSE="deblob"
KEYWORDS="-* ~amd64"
RDEPEND=">=sys-devel/gcc-4.5"
pkg_postinst() {
kernel-2_pkg_postinst
local GRADM_COMPAT="sys-apps/gradm-3.1*"
ewarn
ewarn "Users of grsecurity's RBAC system must ensure they are using"
ewarn "${GRADM_COMPAT}, which is compatible with ${PF}."
ewarn "It is strongly recommended that the following command is issued"
ewarn "prior to booting a ${PF} kernel for the first time:"
ewarn
ewarn "emerge -na =${GRADM_COMPAT}"
ewarn
ewarn
ewarn "From: https://github.com/dapperlinux/dapper-secure-kernel-patchset-stable/releases :"
ewarn
ewarn "WARNING: Meltdown and Spectre fixes have been OMITTED from this patchset."
ewarn "Reptoline is also OMITTED. This patchset works with all other fixes included at this patchlevel."
ewarn "If you are not comfortable with being vulnerable to meltdown and spectre, then use an upstream kernel."
ewarn "If you are still using the 4.9.74 patchset or later, and still wish to get the latest fixes, then use this patchset."
ewarn "Meltdown and Spectre fixes are proving to be extremely difficult to get this patchset booting."
ewarn "There might be a small chance that they will be included in the future, and I will let you know."
ewarn "Until then, assume that it will be months / years / never."
ewarn
}
Reference in a new issue View git blame Copy permalink