SPECS (LINUX_2_6): kernel.spec - added grsec-minimal patch with gr...

baggins baggins at pld-linux.org
Tue Aug 30 18:20:52 CEST 2005 

Author: baggins                      Date: Tue Aug 30 16:20:52 2005 GMT
Module: SPECS                         Tag: LINUX_2_6
---- Log message:
- added grsec-minimal patch with grsec_basic bcond,
  let /proc, link and fifo restrictions be always enabled

---- Files affected:
SPECS:
   kernel.spec (1.441.2.1172 -> 1.441.2.1173) 

---- Diffs:

================================================================
Index: SPECS/kernel.spec
diff -u SPECS/kernel.spec:1.441.2.1172 SPECS/kernel.spec:1.441.2.1173
--- SPECS/kernel.spec:1.441.2.1172	Tue Aug 30 00:25:22 2005
+++ SPECS/kernel.spec	Tue Aug 30 18:20:45 2005
@@ -10,6 +10,7 @@
 %bcond_without	source		# don't build kernel-source package
 %bcond_without	pcmcia		# don't build pcmcia
 %bcond_with	grsecurity	# enable grsecurity
+%bcond_without	grsec_basic	# enable basic grsecurity functionality (proc,link,fifo)
 %bcond_with	pax		# enable PaX (depends on grsecurity)
 %bcond_with	omosix		# enable openMosix (conflicts with grsecurity/vserver)
 %bcond_with	vserver		# enable vserver (conflicts with grsecurity/omosix)
@@ -105,7 +106,7 @@
 %define		_procps_ver		3.2.0
 %define		_oprofile_ver		0.5.3
 
-%define		_rel		0.1
+%define		_rel		0.2
 
 %define		_netfilter_snap		20050801
 
@@ -262,6 +263,7 @@
 # derived from http://www.spinics.net/lists/vfl/msg15217.html
 Patch145:       linux-2.6-cx88-blackbird.patch
 
+Patch199:	linux-2.6-grsec-minimal.patch
 # derived from http://www.grsecurity.net/grsecurity-2.1.5-2.6.11.7-200504111924.patch.gz
 Patch200:	grsecurity-2.1.5-2.6.11.7-200504111924.patch
 # http://openmosix.snarc.org/files/releases/2.6/
@@ -706,6 +708,8 @@
 echo Grsecurity not implemented
 ##patch200 -p1
 exit 1
+%else
+%{?with_grsec_basic:%patch199 -p1}
 %endif
 %if %{with omosix}
 %{__patch} -p1 -F3 < %{PATCH201}
@@ -851,6 +855,10 @@
 
 %if %{with grsecurity}
 	cat %{!?with_pax:%{SOURCE90}}%{?with_pax:%{SOURCE91}} >> arch/%{_target_base_arch}/defconfig
+%else
+%if %{with grsec_basic}
+	cat %{SOURCE90} >> arch/%{_target_base_arch}/defconfig
+%endif
 %endif
 %if %{with omosix}
 	cat %{SOURCE92} >> arch/%{_target_base_arch}/defconfig
@@ -1489,6 +1497,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.441.2.1173  2005/08/30 16:20:45  baggins
+- added grsec-minimal patch with grsec_basic bcond,
+  let /proc, link and fifo restrictions be always enabled
+
 Revision 1.441.2.1172  2005/08/29 22:25:22  arekm
 - fix grsec bcond (fail on it)
 
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SPECS/kernel.spec?r1=1.441.2.1172&r2=1.441.2.1173&f=u

More information about the pld-cvs-commit mailing list