SPECS (LINUX_2_6): kernel.spec - added grsec-minimal patch with gr...

[baggins]

Author: baggins                      Date: Tue Aug 30 16:20:52 2005 GMT
Module: SPECS                         Tag: LINUX_2_6
---- Log message:
- added grsec-minimal patch with grsec_basic bcond,
  let /proc, link and fifo restrictions be always enabled

---- Files affected:
SPECS:
   kernel.spec (1.441.2.1172 -> 1.441.2.1173) 

---- Diffs:

================================================================
Index: SPECS/kernel.spec
diff -u SPECS/kernel.spec:1.441.2.1172 SPECS/kernel.spec:1.441.2.1173
--- SPECS/kernel.spec:1.441.2.1172      Tue Aug 30 00:25:22 2005
+++ SPECS/kernel.spec   Tue Aug 30 18:20:45 2005
@@ -10,6 +10,7 @@
 %bcond_without source          # don't build kernel-source package
 %bcond_without pcmcia          # don't build pcmcia
 %bcond_with    grsecurity      # enable grsecurity
+%bcond_without grsec_basic     # enable basic grsecurity functionality 
(proc,link,fifo)
 %bcond_with    pax             # enable PaX (depends on grsecurity)
 %bcond_with    omosix          # enable openMosix (conflicts with 
grsecurity/vserver)
 %bcond_with    vserver         # enable vserver (conflicts with 
grsecurity/omosix)
@@ -105,7 +106,7 @@
 %define                _procps_ver             3.2.0
 %define                _oprofile_ver           0.5.3
 
-%define                _rel            0.1
+%define                _rel            0.2
 
 %define                _netfilter_snap         20050801
 
@@ -262,6 +263,7 @@
 # derived from http://www.spinics.net/lists/vfl/msg15217.html
 Patch145:       linux-2.6-cx88-blackbird.patch
 
+Patch199:      linux-2.6-grsec-minimal.patch
 # derived from 
http://www.grsecurity.net/grsecurity-2.1.5-2.6.11.7-200504111924.patch.gz
 Patch200:      grsecurity-2.1.5-2.6.11.7-200504111924.patch
 # http://openmosix.snarc.org/files/releases/2.6/
@@ -706,6 +708,8 @@
 echo Grsecurity not implemented
 ##patch200 -p1
 exit 1
+%else
+%{?with_grsec_basic:%patch199 -p1}
 %endif
 %if %{with omosix}
 %{__patch} -p1 -F3 < %{PATCH201}
@@ -851,6 +855,10 @@
 
 %if %{with grsecurity}
        cat %{!?with_pax:%{SOURCE90}}%{?with_pax:%{SOURCE91}} >> 
arch/%{_target_base_arch}/defconfig
+%else
+%if %{with grsec_basic}
+       cat %{SOURCE90} >> arch/%{_target_base_arch}/defconfig
+%endif
 %endif
 %if %{with omosix}
        cat %{SOURCE92} >> arch/%{_target_base_arch}/defconfig
@@ -1489,6 +1497,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.441.2.1173  2005/08/30 16:20:45  baggins
+- added grsec-minimal patch with grsec_basic bcond,
+  let /proc, link and fifo restrictions be always enabled
+
 Revision 1.441.2.1172  2005/08/29 22:25:22  arekm
 - fix grsec bcond (fail on it)
 
================================================================

---- CVS-web:
    
http://cvs.pld-linux.org/SPECS/kernel.spec?r1=1.441.2.1172&r2=1.441.2.1173&f=u

_______________________________________________
pld-cvs-commit mailing list
pld-cvs-commit@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit