106754 – hardened-sources-2.6.13-r1.ebuild (update)

Bug 106754 - hardened-sources-2.6.13-r1.ebuild (update)

Summary: hardened-sources-2.6.13-r1.ebuild (update)

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	The Gentoo Linux Hardened Team

URL:
Whiteboard:
Keywords:	EBUILD

Depends on:
Blocks:

Reported:	2005-09-20 22:25 UTC by Ron Kuris
Modified:	2005-11-26 09:43 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
sys-kernel/hardened-sources/hardened-sources-2.6.13-r1.ebuild (hardened-sources-2.6.13-r1.ebuild,834 bytes, text/plain) 2005-09-20 22:30 UTC, Ron Kuris	Details
hardened-patches-2.6.13 required patches to kernel (hardened-patches-2.6.13-1.extras.tar.bz2,265.11 KB, application/octet-stream) 2005-09-20 22:32 UTC, Ron Kuris	Details
sys-kernel/hardened-sources/files/digest-hardened-sources-2.6.13-r1 (digest-hardened-sources-2.6.13-r1,228 bytes, text/plain) 2005-09-20 22:37 UTC, Ron Kuris	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ron Kuris 2005-09-20 22:25:50 UTC

Hi!

Please find attached hardened-sources and appropriate patches so that it will 
compile against 2.6.13.

Some patches from the previous version are now included in the kernel by
default, so this is actually a simpler build than 2.6.11-r15.

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Comment 1 Ron Kuris 2005-09-20 22:30:13 UTC

Created attachment 68910 [details]
sys-kernel/hardened-sources/hardened-sources-2.6.13-r1.ebuild

Comment 2 Ron Kuris 2005-09-20 22:32:28 UTC

Created attachment 68911 [details]
hardened-patches-2.6.13 required patches to kernel

Comment 3 Ron Kuris 2005-09-20 22:35:14 UTC

I haven't submitted ebuild scripts before, so please advise if you need the
generated Manifest files and such also.

Tested on x86_64 only; I don't have regular x86 hardware to test against but I
think it should work.

Comment 4 Ron Kuris 2005-09-20 22:37:45 UTC

Created attachment 68912 [details]
sys-kernel/hardened-sources/files/digest-hardened-sources-2.6.13-r1

Comment 5 Steve Yin 2005-10-12 10:50:54 UTC

OK, the ebuild had been there for 3 weeks, when will it be added to portage for
testing?

I have already tested hardened-sources-2.6.13 seems there is no problem.

Comment 6 petre rodan (RETIRED) gentoo-dev

2005-10-13 03:24:58 UTC

your patchset is missing one component of the
selinux-avc_audit-log-curr_ip-grsec.patch (4910_pax_curr_ip-fixes.patch), has an
outdated grsec patch, and brings two new patches: vesafb and speakup - I fail to
see what these would be needed for in an environment where the accent is on
security.

Comment 7 Ron Kuris 2005-10-13 06:05:09 UTC

vesafb and speakup were in the last portage-released kernel
(hardened-sources-2.6.11-r15).

I believe selinux-avc_audit-log-curr_ip-grsec.patch
(4910_pax_curr_ip-fixes.patch) is no longer required; I can double-check.

Certainly we can get an updated grsec patch.  This is the same one as in the
last portage-released kernel (hardened-sources-2.6.11-r15)

Why can't we release this kernel as ~x86 and ~amd64, and I'd be happy to follow
it up with -r2 which contains these changes?

Comment 8 Kevin F. Quinn (RETIRED) gentoo-dev

2005-10-13 07:11:06 UTC

Hmm; I don't get what's going on here.  There's already a
hardened-sources-2.6.13 in the tree (as of 16th September, 4 days before this
bug was opened) with a more recent grsec-2.1,7 patch pre-release from upstream
for 2.6.13.1.

What exactly are you trying to achieve with this bug?

Comment 9 Kevin F. Quinn (RETIRED) gentoo-dev

2005-11-26 09:43:50 UTC

Marking this bug 'INVALID' for want of a better resolution; now we're at 2.6.14
so this is all history.