summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNed Ludd <solar@gentoo.org>2003-06-14 05:21:25 +0000
committerNed Ludd <solar@gentoo.org>2003-06-14 05:21:25 +0000
commit2da8a17380b5c74aba5b0f46665de454401416af (patch)
tree72ba0eff77198493e98a4d00c1199eb3fd812d71
parentAdded support for grsec learning device, and changed default permissions on /... (diff)
downloadgentoo-2-2da8a17380b5c74aba5b0f46665de454401416af.tar.gz
gentoo-2-2da8a17380b5c74aba5b0f46665de454401416af.tar.bz2
gentoo-2-2da8a17380b5c74aba5b0f46665de454401416af.zip
Added support for grsec learning device, and changed default permissions on /etc/grsec
-rw-r--r--sys-apps/gradm2/ChangeLog8
-rw-r--r--sys-apps/gradm2/Manifest4
-rw-r--r--sys-apps/gradm2/files/digest-gradm2-0.0_pre4-r11
-rw-r--r--sys-apps/gradm2/gradm2-0.0_pre4-r1.ebuild96
4 files changed, 106 insertions, 3 deletions
diff --git a/sys-apps/gradm2/ChangeLog b/sys-apps/gradm2/ChangeLog
index 849dbbb2982a..c363f558ff36 100644
--- a/sys-apps/gradm2/ChangeLog
+++ b/sys-apps/gradm2/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sys-apps/gradm2
# Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm2/ChangeLog,v 1.2 2003/06/13 06:55:26 solar Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm2/ChangeLog,v 1.3 2003/06/14 05:20:44 solar Exp $
+
+*gradm2-0.0_pre4-r1 (14 Jun 2003)
+
+ 14 Jun 2003; <solar@gentoo.org> Manifest, gradm2-0.0_pre4-r1.ebuild:
+ Added support for grsec learning device, and changed default permissions on
+ /etc/grsec
*gradm2-0.0_pre4 (11 Jun 2003)
diff --git a/sys-apps/gradm2/Manifest b/sys-apps/gradm2/Manifest
index 3cca6a3faddb..7952caca8c77 100644
--- a/sys-apps/gradm2/Manifest
+++ b/sys-apps/gradm2/Manifest
@@ -1,5 +1,5 @@
-MD5 40f55c141c5d509312ba342a4963078a ChangeLog 440
+MD5 c6c0a2d27a91a7a094f5998848d9454f ChangeLog 638
MD5 930cc6a237632de4123673aa505f6abb gradm2-0.0_pre4.ebuild 2877
-MD5 2b0b1b9f12d0fc5754690c06eb01aa08 gradm2-0.0_pre4-r1.ebuild 2872
+MD5 784c6f8f8e01e44399a9549284e3c998 gradm2-0.0_pre4-r1.ebuild 2875
MD5 7432a8b46c6440cc44b8a527a4fdd6c4 files/digest-gradm2-0.0_pre4 65
MD5 7432a8b46c6440cc44b8a527a4fdd6c4 files/digest-gradm2-0.0_pre4-r1 65
diff --git a/sys-apps/gradm2/files/digest-gradm2-0.0_pre4-r1 b/sys-apps/gradm2/files/digest-gradm2-0.0_pre4-r1
new file mode 100644
index 000000000000..89bb4c6cc6ec
--- /dev/null
+++ b/sys-apps/gradm2/files/digest-gradm2-0.0_pre4-r1
@@ -0,0 +1 @@
+MD5 d26cfdf1d7c6d3d6403aa40194105606 gradm-2.0-pre4.tar.gz 32249
diff --git a/sys-apps/gradm2/gradm2-0.0_pre4-r1.ebuild b/sys-apps/gradm2/gradm2-0.0_pre4-r1.ebuild
new file mode 100644
index 000000000000..fa0d1e0a8a3b
--- /dev/null
+++ b/sys-apps/gradm2/gradm2-0.0_pre4-r1.ebuild
@@ -0,0 +1,96 @@
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm2/gradm2-0.0_pre4-r1.ebuild,v 1.1 2003/06/14 05:20:44 solar Exp $
+
+MY_PV=2.0-pre4
+
+MAINTAINER="solar@gentoo.org"
+DESCRIPTION="Administrative interface for grsecuritys2 access control lists"
+SRC_URI="http://www.grsecurity.net/gradm-${MY_PV}.tar.gz"
+HOMEPAGE="http://www.grsecurity.net/"
+LICENSE="GPL-2"
+KEYWORDS="~x86 ~sparc"
+SLOT="0"
+
+IUSE=""
+DEPEND="virtual/glibc
+ sys-devel/bison
+ sys-devel/flex
+ sys-apps/chpax"
+
+S="${WORKDIR}/${PN}"
+
+src_unpack() {
+ unpack ${A} || die "Cant unpack ${A}"
+ cd ${S}
+ mv Makefile{,.orig}
+ ebegin "Patching Makefile to use gentoo CFLAGS"
+ sed -e "s|-O2|${CFLAGS}|" Makefile.orig > Makefile
+ eend $?
+ ebegin "Patching manpage"
+ sed -e "s:gradm:gradm2:" -e "s:GRADM:GRADM2:" < gradm.8 > gradm2.8
+ eend $?
+ for f in Makefile acl gradm_defs.h grlearn.c; do
+ [ -f ${f} ] && {
+ ebegin "Patching ${f} to use /etc/grsec2"
+ sed -e "s:/etc/grsec:/etc/grsec2:" \
+ < ${f} > ${f}~ && cp ${f}~ ${f}
+ eend $?
+ }
+ done
+ # rm *~
+}
+
+src_compile() {
+ cd ${S}
+ emake CC="${CC}" || die "compile problem"
+}
+
+src_install() {
+ cd ${S}
+ # Were not ready for init.d,script functions yet.
+ #exeinto /etc/init.d
+ #newexe ${FILESDIR}/grsecurity2.rc grsecurity2
+ #insinto /etc/conf.d
+ #doins ${FILESDIR}/grsecurity2
+
+ mkdir -p -m 755 ${D}/dev/
+ mknod -m 0622 ${D}/dev/grsec c 1 10 || die "Cant mknod for grsec learning device"
+ mkdir -p -m 700 ${D}/etc/grsec2
+ doman gradm2.8
+ dodoc acl
+
+ into /
+ mv gradm{,2}
+ dosbin grlearn
+ dosbin gradm2
+
+ # Normal users can authenticate to special roles now and thus
+ # need execution permission on gradm2. We remove group,other readable bits
+ # to help ensure that our gradm2 binary is as protected from misbehaving users.
+ fperms 711 ${D}/sbin/gradm2
+}
+
+pkg_setup() {
+ if [ -e /usr/src/linux/grsecurity ]; then
+ [ ! -e /usr/src/linux/grsecurity/gracl_learn.c ] && {
+ ewarn "gradm2 was designed to be used with grsecurity2 but it looks like your using grsecurity1"
+ ewarn "we hope you know what your doing"
+ einfo "(hint try emerge sys-apps/gradm) If you need support for grsecurity 1.x"
+ echo
+ }
+ else
+ ewarn "Your going to need to a grsecurity2 enabled kernel to take advantage of the tool"
+ fi
+}
+
+pkg_postinst() {
+ [ ! -d /proc/sys/kernel/grsecurity ] && ewarn "This kernel does not seem to be a grsec enabled kernel (or we are in chroot install?)"
+ if [ ! -f /usr/src/linux/grsecurity/gracl_learn.c ]; then
+ ewarn "It does not seem that your are running a grsec2 enabled kernel"
+ einfo "(hint >=hardened-sources-2.4.20-r3) was the first kernel to include support"
+ else
+ einfo "Everything looks good and you seem to be using a grsec2 enabled kernel"
+ fi
+ einfo "Bugs can be reported to <${MAINTAINER}> using http://bugs.gentoo.org"
+}