packages: kernel/kernel.spec, kernel/kernel-grsec-minimal.patch (REMOVED), ...
baggins
baggins at pld-linux.org
Sat Oct 23 15:02:22 CEST 2010
Author: baggins Date: Sat Oct 23 13:02:22 2010 GMT
Module: packages Tag: HEAD
---- Log message:
- killed grsec_minimal, and all that split, I and no one else don't care for it anymore
---- Files affected:
packages/kernel:
kernel.spec (1.846 -> 1.847) , kernel-grsec-minimal.patch (1.4 -> NONE) (REMOVED), kernel-grsec_minimal.config (1.2 -> NONE) (REMOVED)
---- Diffs:
================================================================
Index: packages/kernel/kernel.spec
diff -u packages/kernel/kernel.spec:1.846 packages/kernel/kernel.spec:1.847
--- packages/kernel/kernel.spec:1.846 Sat Oct 23 14:56:29 2010
+++ packages/kernel/kernel.spec Sat Oct 23 15:02:13 2010
@@ -3,8 +3,7 @@
# NOTE:
# the following bcond combos will not work
# - without_vserver and any of the following
-# - with_grsec_minimal
-# - with_grsec_full
+# - with_grsecurity
#
# LATEST VERSION CHECKER:
# # curl -s http://www.kernel.org/kdist/finger_banner
@@ -13,8 +12,6 @@
# - update aufs2 patch when final version for 2.6.36 exists
# - benchmark NO_HZ & HZ=1000 vs HZ=300 on i686
-# - update grsec_minimal patch1000:
-# fs/proc/base.c:1484: error: 'struct task_struct' has no member named 'uid'
#
# HOWTO update configuration files:
# - run build
@@ -32,8 +29,6 @@
%bcond_without reiser4 # support for reiser4 fs (experimental)
%bcond_without grsecurity # don't build grsecurity nor pax at all
-%bcond_without grsec_full # build full grsecurity
-%bcond_with grsec_minimal # build only minimal subset (proc,link,fifo,shm)
%bcond_with pax # build pax and full grsecurity (ie. grsec_full && pax)
%bcond_with fbcondecor # build fbcondecor (disable FB_TILEBLITTING and affected fb modules)
@@ -55,29 +50,14 @@
%{?debug:%define with_verbose 1}
%if %{without grsecurity}
-%unglobal with_grsec_full
-%unglobal with_grsec_minimal
%unglobal with_pax
%endif
%if %{with pax}
-%unglobal with_grsec_minimal
-%define with_grsec_full 1
%define with_grsecurity 1
%define with_pax 1
%endif
-%if %{with grsec_minimal}
-%unglobal with_pax
-%unglobal with_grsec_full
-%define with_grsecurity 1
-%endif
-
-%if %{with grsec_full}
-%unglobal with_grsec_minimal
-%define with_grsecurity 1
-%endif
-
%define have_drm 1
%define have_oss 1
%define have_sound 1
@@ -86,8 +66,6 @@
%if %{with rescuecd}
%unglobal with_tuxonice
%unglobal with_grsecurity
-%unglobal with_grsec_full
-%unglobal with_grsec_minimal
%unglobal with_pax
%unglobal with_vserver
%define have_drm 0
@@ -126,7 +104,7 @@
%endif
%else
%if %{without rescuecd}
-%define __alt_kernel %{?with_pax:pax}%{!?with_grsec_full:nogrsecurity}%{?with_pae:pae}
+%define __alt_kernel %{?with_pax:pax}%{!?with_grsecurity:nogrsecurity}%{?with_pae:pae}
%if "%{__alt_kernel}" != ""
%define alt_kernel %{__alt_kernel}
%endif
@@ -183,7 +161,6 @@
Source49: kernel-pax.config
Source50: kernel-no-pax.config
-Source51: kernel-grsec_minimal.config
Source55: kernel-imq.config
Source56: kernel-reiser4.config
Source57: kernel-wrr.config
@@ -307,8 +284,6 @@
# http://www.ssi.bg/~ja/routes-2.6.35-16.diff
Patch300: kernel-routes.patch
-Patch1000: kernel-grsec-minimal.patch
-
Patch2000: kernel-small_fixes.patch
Patch2001: kernel-pwc-uncompress.patch
Patch2003: kernel-regressions.patch
@@ -463,8 +438,7 @@
%define MakeOpts %{CrossOpts} HOSTCC="%{__cc}"
%define __features Netfilter module dated: %{netfilter_snap}\
-%{?with_grsec_full:Grsecurity support - enabled}\
-%{?with_grsec_minimal:Grsecurity minimal support /proc,link,fifo,shm/ - enabled}\
+%{?with_grsecurity:Grsecurity support - enabled}\
%{?with_pax:PaX support - enabled}\
%{?with_fbcondecor:Fbsplash/fbcondecor - enabled }\
%{?with_nfsroot:Root on NFS - enabled}\
@@ -813,14 +787,7 @@
# grsecurity & pax stuff
#
-# remember that we have the same config file for grsec_minimal and
-# grsec_full, but the patches are different.
-
%if %{with grsecurity}
-%if %{with grsec_minimal}
-%patch1000 -p1
-%else
-# grsec_full and/or pax
%patch9999 -p1
# aufs2 needs to modify those pointers
%patch147 -p1
@@ -904,7 +871,7 @@
# could use PAX_NO_ACL_FLAGS, but for testing the hooks setting will be used
# PAX_HOOK_ACL_FLAGS.
- %if %{with grsec_full}
+ %if %{with grsecurity}
# Hardening grsec options if with pax
CONFIG_GRKERNSEC_PROC_MEMMAP=y
# almost rational (see HIDESYM help)
@@ -1007,7 +974,7 @@
%endif
# Temporary disabled RELOCATABLE. Needed only on x86??
-%if %{with pax} || %{with grsec_full}
+%if %{with pax} || %{with grsecurity}
CONFIG_RELOCATABLE=n
%endif
EOCONFIG
@@ -1036,13 +1003,9 @@
%{SOURCE49} \
pax.config \
%else
- %if %{with grsec_full}
+ %if %{with grsecurity}
%{SOURCE45} \
%{SOURCE50} \
- %else
- %if %{with grsec_minimal}
- %{SOURCE51} \
- %endif
%endif
%endif
\
@@ -1577,6 +1540,9 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.847 2010/10/23 13:02:13 baggins
+- killed grsec_minimal, and all that split, I and no one else don't care for it anymore
+
Revision 1.846 2010/10/23 12:56:29 baggins
- removed commented out tahoe9xxx patch, no one cared to update it for years
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel.spec?r1=1.846&r2=1.847&f=u
More information about the pld-cvs-commit
mailing list