diff options
| author |   Joshua Brindle <method@gentoo.org> | 2003-05-17 02:33:38 +0000 |
|---|---|---|
| committer | Joshua Brindle <method@gentoo.org> | 2003-05-17 02:33:38 +0000 |
| commit | 92adeace76aab1230b9efbff9bf9630e950ad1dd (patch) | |
| tree | fe5f3ab104f338c5064f3bf31c5481f315c14424 /sys-apps/gradm | |
| parent | new better stronger faster gradm (diff) | |
| download | gentoo-2-92adeace76aab1230b9efbff9bf9630e950ad1dd.tar.gz gentoo-2-92adeace76aab1230b9efbff9bf9630e950ad1dd.tar.bz2 gentoo-2-92adeace76aab1230b9efbff9bf9630e950ad1dd.zip | |
new better stronger faster gradm
Diffstat (limited to 'sys-apps/gradm')
| -rw-r--r-- | sys-apps/gradm/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-apps/gradm/Manifest | 6 | ||||
| -rw-r--r-- | sys-apps/gradm/files/digest-gradm-1.9.9h-r1 | 1 | ||||
| -rw-r--r-- | sys-apps/gradm/files/gradm_parse.c-1.9.9h.patch | 13 | ||||
| -rw-r--r-- | sys-apps/gradm/files/grsecurity | 21 | ||||
| -rw-r--r-- | sys-apps/gradm/files/grsecurity.rc | 2 | ||||
| -rw-r--r-- | sys-apps/gradm/gradm-1.9.9h-r1.ebuild | 43 |
7 files changed, 87 insertions, 8 deletions
diff --git a/sys-apps/gradm/ChangeLog b/sys-apps/gradm/ChangeLog index 30562fe3e644..4cc9e397b18d 100644 --- a/sys-apps/gradm/ChangeLog +++ b/sys-apps/gradm/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-apps/gradm # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/ChangeLog,v 1.17 2003/05/11 14:56:34 method Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/ChangeLog,v 1.18 2003/05/17 02:33:34 method Exp $ + +*gradm-1.9.9h-r1 (16 May 2003) + + 16 May 2003; Joshua Brindle <method@gentoo.org> Manifest, + gradm-1.9.9h-r1.ebuild, files/grsecurity, files/grsecurity.rc: + Uses new method of installing ACL's ala sys-apps/grsecurity-base-policy + courtesy of solarx <solar@linbsd.net> *gradm-1.9.9h (11 May 2003) diff --git a/sys-apps/gradm/Manifest b/sys-apps/gradm/Manifest index a607af302abb..8e1cbcd582b8 100644 --- a/sys-apps/gradm/Manifest +++ b/sys-apps/gradm/Manifest @@ -1,11 +1,11 @@ MD5 532b41e0dd644dc74f01604807ab6791 gradm-1.5a.ebuild 1059 MD5 a06e3696bec1c4f6a6d0096dcc05f3cd gradm-1.9.9g.ebuild 1155 -MD5 f6193bc3ecfa93ddcad4c8d62097c99b gradm-1.9.9h-r1.ebuild 951 -MD5 2df76907e4fa9562d444bbb97e9f861f ChangeLog 1725 +MD5 3b3a771e0d6d0fb4eca5d1ab796ee6e7 gradm-1.9.9h-r1.ebuild 960 +MD5 aebb47c42fdd8f84e76be1b64fb8326d ChangeLog 1997 MD5 0b3845dfb6f51ba3dfdca7a36e793e3d gradm-1.9.9h.ebuild 1155 MD5 a83bd475e9c57d2ee01a6ea8503f3a5a gradm-1.6.ebuild 984 MD5 2e720d74ab505928c734da3a006579c9 gradm-1.7b.ebuild 983 -MD5 af8e21c58e1251636c5f4ca832612e80 files/grsecurity.rc 1637 +MD5 dd6f9b0f356971bf28701750b951524f files/grsecurity.rc 1646 MD5 19f513de16672643532b502ab8c12d46 files/gradm-1.6-chpax.c 7256 MD5 145c932638d6ed1903a8f9995a181643 files/grsecurity 1816 MD5 98f02df513a8f9f3dcb55c48780e60c5 files/digest-gradm-1.5a 61 diff --git a/sys-apps/gradm/files/digest-gradm-1.9.9h-r1 b/sys-apps/gradm/files/digest-gradm-1.9.9h-r1 new file mode 100644 index 000000000000..d6b226712487 --- /dev/null +++ b/sys-apps/gradm/files/digest-gradm-1.9.9h-r1 @@ -0,0 +1 @@ +MD5 7c5dce62271942dc932b2c08848d9163 gradm-1.9.9h.tar.gz 36878 diff --git a/sys-apps/gradm/files/gradm_parse.c-1.9.9h.patch b/sys-apps/gradm/files/gradm_parse.c-1.9.9h.patch new file mode 100644 index 000000000000..7281e7b6c248 --- /dev/null +++ b/sys-apps/gradm/files/gradm_parse.c-1.9.9h.patch @@ -0,0 +1,13 @@ +--- gradm_parse.c 2003-05-13 01:41:26.000000000 -0400 ++++ gradm_parse_gentoo.c 2003-05-13 01:51:17.000000000 -0400 +@@ -677,8 +677,8 @@ + n = scandir(dir, &namelist, 0, alphasort); + if (n >= 0) { + while (n--) { +- if (strcmp(namelist[n]->d_name, ".") +- && strcmp(namelist[n]->d_name, "..")) { ++ /* ignore files and directorys that start with . */ ++ if (namelist[n]->d_name[0] != '.') { + memset(&path, 0, sizeof (path)); + snprintf(path, PATH_MAX - 1, "%s/%s", + dir, namelist[n]->d_name); diff --git a/sys-apps/gradm/files/grsecurity b/sys-apps/gradm/files/grsecurity index 241d81db25d7..88858b57ba75 100644 --- a/sys-apps/gradm/files/grsecurity +++ b/sys-apps/gradm/files/grsecurity @@ -2,7 +2,7 @@ # # Files that we should remove PAGE_EXEC enforcement from -PAGE_EXEC_EXEMPT="/usr/X11R6/bin/XFree86 /usr/bin/wine" +PAGE_EXEC_EXEMPT="/usr/X11R6/bin/XFree86 /usr/lib/wine/bin/wine" # Files we should turn off trampoline emmulation for TRAMPOLINE_EXEMPT="" @@ -13,12 +13,17 @@ MPROTECT_EXEMPT="" # Files we should not randomize mmap for MMAP_EXEMPT="" -# Kernel options are: +# +# Check your running kernel for valid options. +# "sysctl -a | grep kernel.grsecurity. | cut -d '.' -f 3 | awk '{print $1}'" +# +# Some of the kernel options may be: # # allow_ptrace_group # alt_ipc_perms # altered_pings # audit_chdir +# audit_gid # audit_group # audit_ipc # audit_mount @@ -27,24 +32,33 @@ MMAP_EXEMPT="" # chroot_deny_chdir # chroot_deny_chmod # chroot_deny_chroot +# chroot_deny_fchdir # chroot_deny_mknod # chroot_deny_mount +# chroot_deny_pivot # chroot_deny_ptrace +# chroot_deny_shmat +# chroot_deny_sysctl +# chroot_deny_unix +# chroot_enforce_chdir # chroot_execlog +# chroot_findtask # chroot_restrict_nice # chroot_restrict_sigs # coredump # deny_phys_root -# deny_serial_root # deny_pseudo_root +# deny_serial_root # dmesg # exec_logging # execve_limiting # fifo_restrictions # fork_bomb_prot # forkfail_logging +# grsec_lock # linking_restrictions # rand_ip_ids +# rand_isns # rand_pids # rand_rpc # rand_tcp_src_ports @@ -62,6 +76,7 @@ MMAP_EXEMPT="" # tpe # tpe_glibc # tpe_restrict_all + ENABLED="" # Set when allow_ptrace_group is enabled diff --git a/sys-apps/gradm/files/grsecurity.rc b/sys-apps/gradm/files/grsecurity.rc index 1cb988ebe76f..0baee1e32644 100644 --- a/sys-apps/gradm/files/grsecurity.rc +++ b/sys-apps/gradm/files/grsecurity.rc @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/files/grsecurity.rc,v 1.5 2003/02/14 23:25:43 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/files/grsecurity.rc,v 1.6 2003/05/17 02:33:34 method Exp $ PROCDIR=/proc/sys/kernel/grsecurity diff --git a/sys-apps/gradm/gradm-1.9.9h-r1.ebuild b/sys-apps/gradm/gradm-1.9.9h-r1.ebuild new file mode 100644 index 000000000000..586a8e2f95ae --- /dev/null +++ b/sys-apps/gradm/gradm-1.9.9h-r1.ebuild @@ -0,0 +1,43 @@ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/gradm-1.9.9h-r1.ebuild,v 1.1 2003/05/17 02:33:34 method Exp $ + +DESCRIPTION="Administrative interface for grsecuritys access control lists" +SRC_URI="http://www.grsecurity.net/${P}.tar.gz" +HOMEPAGE="http://www.grsecurity.net/" + +LICENSE="GPL-2" +KEYWORDS="~x86" +SLOT="0" + +IUSE="" +DEPEND="sys-devel/bison + sys-devel/flex" + +RDEPEND="sys-apps/chpax" + +S="${WORKDIR}/${PN}" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/gradm_parse.c-${PV}.patch + mv Makefile{,.orig} + sed -e "s|-O2|${CFLAGS}|" Makefile.orig > Makefile +} + +src_compile() { + emake CC="${CC}" || die "compile problem" +} + +src_install() { + doman gradm.8 + dodoc acl + exeinto /etc/init.d + newexe ${FILESDIR}/grsecurity.rc grsecurity + insinto /etc/conf.d + doins ${FILESDIR}/grsecurity + into / + dosbin gradm + fperms 700 /sbin/gradm +} |