diff options
author | Ned Ludd <solar@gentoo.org> | 2003-06-14 05:21:25 +0000 |
---|---|---|
committer | Ned Ludd <solar@gentoo.org> | 2003-06-14 05:21:25 +0000 |
commit | 2da8a17380b5c74aba5b0f46665de454401416af (patch) | |
tree | 72ba0eff77198493e98a4d00c1199eb3fd812d71 | |
parent | Added support for grsec learning device, and changed default permissions on /... (diff) | |
download | gentoo-2-2da8a17380b5c74aba5b0f46665de454401416af.tar.gz gentoo-2-2da8a17380b5c74aba5b0f46665de454401416af.tar.bz2 gentoo-2-2da8a17380b5c74aba5b0f46665de454401416af.zip |
Added support for grsec learning device, and changed default permissions on /etc/grsec
-rw-r--r-- | sys-apps/gradm2/ChangeLog | 8 | ||||
-rw-r--r-- | sys-apps/gradm2/Manifest | 4 | ||||
-rw-r--r-- | sys-apps/gradm2/files/digest-gradm2-0.0_pre4-r1 | 1 | ||||
-rw-r--r-- | sys-apps/gradm2/gradm2-0.0_pre4-r1.ebuild | 96 |
4 files changed, 106 insertions, 3 deletions
diff --git a/sys-apps/gradm2/ChangeLog b/sys-apps/gradm2/ChangeLog index 849dbbb2982a..c363f558ff36 100644 --- a/sys-apps/gradm2/ChangeLog +++ b/sys-apps/gradm2/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-apps/gradm2 # Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm2/ChangeLog,v 1.2 2003/06/13 06:55:26 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm2/ChangeLog,v 1.3 2003/06/14 05:20:44 solar Exp $ + +*gradm2-0.0_pre4-r1 (14 Jun 2003) + + 14 Jun 2003; <solar@gentoo.org> Manifest, gradm2-0.0_pre4-r1.ebuild: + Added support for grsec learning device, and changed default permissions on + /etc/grsec *gradm2-0.0_pre4 (11 Jun 2003) diff --git a/sys-apps/gradm2/Manifest b/sys-apps/gradm2/Manifest index 3cca6a3faddb..7952caca8c77 100644 --- a/sys-apps/gradm2/Manifest +++ b/sys-apps/gradm2/Manifest @@ -1,5 +1,5 @@ -MD5 40f55c141c5d509312ba342a4963078a ChangeLog 440 +MD5 c6c0a2d27a91a7a094f5998848d9454f ChangeLog 638 MD5 930cc6a237632de4123673aa505f6abb gradm2-0.0_pre4.ebuild 2877 -MD5 2b0b1b9f12d0fc5754690c06eb01aa08 gradm2-0.0_pre4-r1.ebuild 2872 +MD5 784c6f8f8e01e44399a9549284e3c998 gradm2-0.0_pre4-r1.ebuild 2875 MD5 7432a8b46c6440cc44b8a527a4fdd6c4 files/digest-gradm2-0.0_pre4 65 MD5 7432a8b46c6440cc44b8a527a4fdd6c4 files/digest-gradm2-0.0_pre4-r1 65 diff --git a/sys-apps/gradm2/files/digest-gradm2-0.0_pre4-r1 b/sys-apps/gradm2/files/digest-gradm2-0.0_pre4-r1 new file mode 100644 index 000000000000..89bb4c6cc6ec --- /dev/null +++ b/sys-apps/gradm2/files/digest-gradm2-0.0_pre4-r1 @@ -0,0 +1 @@ +MD5 d26cfdf1d7c6d3d6403aa40194105606 gradm-2.0-pre4.tar.gz 32249 diff --git a/sys-apps/gradm2/gradm2-0.0_pre4-r1.ebuild b/sys-apps/gradm2/gradm2-0.0_pre4-r1.ebuild new file mode 100644 index 000000000000..fa0d1e0a8a3b --- /dev/null +++ b/sys-apps/gradm2/gradm2-0.0_pre4-r1.ebuild @@ -0,0 +1,96 @@ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm2/gradm2-0.0_pre4-r1.ebuild,v 1.1 2003/06/14 05:20:44 solar Exp $ + +MY_PV=2.0-pre4 + +MAINTAINER="solar@gentoo.org" +DESCRIPTION="Administrative interface for grsecuritys2 access control lists" +SRC_URI="http://www.grsecurity.net/gradm-${MY_PV}.tar.gz" +HOMEPAGE="http://www.grsecurity.net/" +LICENSE="GPL-2" +KEYWORDS="~x86 ~sparc" +SLOT="0" + +IUSE="" +DEPEND="virtual/glibc + sys-devel/bison + sys-devel/flex + sys-apps/chpax" + +S="${WORKDIR}/${PN}" + +src_unpack() { + unpack ${A} || die "Cant unpack ${A}" + cd ${S} + mv Makefile{,.orig} + ebegin "Patching Makefile to use gentoo CFLAGS" + sed -e "s|-O2|${CFLAGS}|" Makefile.orig > Makefile + eend $? + ebegin "Patching manpage" + sed -e "s:gradm:gradm2:" -e "s:GRADM:GRADM2:" < gradm.8 > gradm2.8 + eend $? + for f in Makefile acl gradm_defs.h grlearn.c; do + [ -f ${f} ] && { + ebegin "Patching ${f} to use /etc/grsec2" + sed -e "s:/etc/grsec:/etc/grsec2:" \ + < ${f} > ${f}~ && cp ${f}~ ${f} + eend $? + } + done + # rm *~ +} + +src_compile() { + cd ${S} + emake CC="${CC}" || die "compile problem" +} + +src_install() { + cd ${S} + # Were not ready for init.d,script functions yet. + #exeinto /etc/init.d + #newexe ${FILESDIR}/grsecurity2.rc grsecurity2 + #insinto /etc/conf.d + #doins ${FILESDIR}/grsecurity2 + + mkdir -p -m 755 ${D}/dev/ + mknod -m 0622 ${D}/dev/grsec c 1 10 || die "Cant mknod for grsec learning device" + mkdir -p -m 700 ${D}/etc/grsec2 + doman gradm2.8 + dodoc acl + + into / + mv gradm{,2} + dosbin grlearn + dosbin gradm2 + + # Normal users can authenticate to special roles now and thus + # need execution permission on gradm2. We remove group,other readable bits + # to help ensure that our gradm2 binary is as protected from misbehaving users. + fperms 711 ${D}/sbin/gradm2 +} + +pkg_setup() { + if [ -e /usr/src/linux/grsecurity ]; then + [ ! -e /usr/src/linux/grsecurity/gracl_learn.c ] && { + ewarn "gradm2 was designed to be used with grsecurity2 but it looks like your using grsecurity1" + ewarn "we hope you know what your doing" + einfo "(hint try emerge sys-apps/gradm) If you need support for grsecurity 1.x" + echo + } + else + ewarn "Your going to need to a grsecurity2 enabled kernel to take advantage of the tool" + fi +} + +pkg_postinst() { + [ ! -d /proc/sys/kernel/grsecurity ] && ewarn "This kernel does not seem to be a grsec enabled kernel (or we are in chroot install?)" + if [ ! -f /usr/src/linux/grsecurity/gracl_learn.c ]; then + ewarn "It does not seem that your are running a grsec2 enabled kernel" + einfo "(hint >=hardened-sources-2.4.20-r3) was the first kernel to include support" + else + einfo "Everything looks good and you seem to be using a grsec2 enabled kernel" + fi + einfo "Bugs can be reported to <${MAINTAINER}> using http://bugs.gentoo.org" +} |