Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-kernel/hardened-sources/hardened-sources-2.4.20-r4.ebuild
blob: baea44af05e0a6b68340b2e93e1b20319a0f84f0 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

# Copyright 1999-2003 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.20-r4.ebuild,v 1.4 2003/09/10 04:33:03 msterret Exp $

IUSE="build selinux"

# OKV=original kernel version, KV=patched kernel version.  They can be the same.

ETYPE="sources"

inherit kernel

OKV=2.4.20
EXTRAVERSION=-hardened-r4
KV=${OKV}${EXTRAVERSION}
S=${WORKDIR}/linux-${KV}
DESCRIPTION="Special Security Hardened Gentoo Linux Kernel"
SRC_URI="http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2
	mirror://gentoo/patches-${KV}.tar.bz2"


HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/hardened/"
KEYWORDS="~x86"
SLOT="${KV}"

src_unpack() {
	unpack linux-${OKV}.tar.bz2 patches-${KV}.tar.bz2
	mv linux-${OKV} linux-${KV} || die

	cd ${KV}
	# We can't use LSM/SELinux and GRSec in the same kernel.  If USE=selinux, we will
	# patch in LSM/SELinux and drop support for GRsec.  Otherwise we will include GRSec.
	if [ "`use selinux`" ]; then
		einfo "Enabling SELinux support.  This will drop GRSec2 support."
		for file in *grsec*; do
			einfo "Dropping ${file}.."
			rm -f ${file}
		done
	else
		einfo "Did not find \"selinux\" in use, building with GRSec2 support."
		for file in *lsm* *selinux*; do
			einfo "Dropping ${file}..."
			rm -f ${file}
		done
	fi

	kernel_src_unpack
}

src_install() {
	if [ "`use selinux`" ]; then
		insinto /usr/flask
		doins ${S}/security/selinux/flask/access_vectors
		doins ${S}/security/selinux/flask/security_classes
		doins ${S}/security/selinux/flask/initial_sids
		insinto /usr/include/linux/flask
		doins ${S}/security/selinux/include/linux/flask/*.h
		insinto /usr/include/asm/flask
		doins ${S}/security/selinux/include/asm/flask/uninstd.h
	fi

	kernel_src_install
}

pkg_postinst() {
	einfo "This kernel contains LSM/SElinux or GRSecurity, and Systrace"
	einfo "Also included are various other performance and security related patches"
	einfo "If you experience problems with this kernel please report them by"
	einfo "assigning bugs on bugs.gentoo.org to frogger@gentoo.org"
}