mirror of
https://github.com/Ponce/slackbuilds
synced 2024-10-16 20:43:59 +02:00
system/gradm: Removed.
See https://grsecurity.net/passing_the_baton.php. Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
This commit is contained in:
parent
83f0cf33d7
commit
cfdd2ef604
5 changed files with 0 additions and 177 deletions
|
@ -1,9 +0,0 @@
|
|||
Gradm, the administration utility for the role-based access control
|
||||
system, is a powerful tool that parses your ACLs (Access Control Lists),
|
||||
performs the enforcement of a secure base policy, optimizes the ACLs,
|
||||
as well as handles parsing of the learning logs, merges them with your
|
||||
ACL set, and outputs the final ACLs.
|
||||
|
||||
Before you install gradm, boot into your patched grsecurity kernel.
|
||||
You can compile gradm in any kernel you wish, but the installation will
|
||||
fail if the kernel does not support grsecurity.
|
|
@ -1,16 +0,0 @@
|
|||
config() {
|
||||
NEW="$1"
|
||||
OLD="$(dirname $NEW)/$(basename $NEW .new)"
|
||||
# If there's no config file by that name, mv it over:
|
||||
if [ ! -r $OLD ]; then
|
||||
mv $NEW $OLD
|
||||
elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
|
||||
# toss the redundant copy
|
||||
rm $NEW
|
||||
fi
|
||||
# Otherwise, we leave the .new copy for the admin to consider...
|
||||
}
|
||||
|
||||
config etc/grsec/learn_config.new
|
||||
config etc/grsec/policy.new
|
||||
|
|
@ -1,121 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Slackware build script for gradm
|
||||
|
||||
# Copyright 2013 pyllyukko
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use of this script, with or without modification, is
|
||||
# permitted provided that the following conditions are met:
|
||||
#
|
||||
# 1. Redistributions of this script must retain the above copyright
|
||||
# notice, this list of conditions and the following disclaimer.
|
||||
#
|
||||
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
|
||||
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
||||
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
|
||||
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
||||
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
||||
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
||||
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
PRGNAM=gradm
|
||||
VERSION=${VERSION:-3.1_201608131257}
|
||||
BUILD=${BUILD:-1}
|
||||
TAG=${TAG:-_SBo}
|
||||
|
||||
SRCVERSION=$(echo $VERSION | tr _ -)
|
||||
|
||||
if [ -z "$ARCH" ]; then
|
||||
case "$( uname -m )" in
|
||||
i?86) ARCH=i486 ;;
|
||||
arm*) ARCH=arm ;;
|
||||
*) ARCH=$( uname -m ) ;;
|
||||
esac
|
||||
fi
|
||||
|
||||
CWD=$(pwd)
|
||||
TMP=${TMP:-/tmp/SBo}
|
||||
PKG=$TMP/package-$PRGNAM
|
||||
OUTPUT=${OUTPUT:-/tmp}
|
||||
|
||||
if [ "$ARCH" = "i486" ]; then
|
||||
SLKCFLAGS="-O2 -march=i486 -mtune=i686"
|
||||
LIBDIRSUFFIX=""
|
||||
elif [ "$ARCH" = "i686" ]; then
|
||||
SLKCFLAGS="-O2 -march=i686 -mtune=i686"
|
||||
LIBDIRSUFFIX=""
|
||||
elif [ "$ARCH" = "x86_64" ]; then
|
||||
SLKCFLAGS="-O2 -fPIC"
|
||||
LIBDIRSUFFIX="64"
|
||||
else
|
||||
SLKCFLAGS="-O2"
|
||||
LIBDIRSUFFIX=""
|
||||
fi
|
||||
|
||||
set -e
|
||||
|
||||
rm -rf $PKG
|
||||
mkdir -p $TMP $PKG $OUTPUT
|
||||
cd $TMP
|
||||
rm -rf $PRGNAM
|
||||
|
||||
# The package can be verified with Bradley Spengler's PGP key (0x4245D46A)
|
||||
# If we have GnuPG installed, we try to verify the signature.
|
||||
if [ -x "/usr/bin/gpg" -a -x "/usr/bin/gpgv" ]
|
||||
then
|
||||
set +e
|
||||
# This will check if we have the correct key in our keyring.
|
||||
# For the trustedkeys.gpg, see "man 1 gpgv".
|
||||
/usr/bin/gpg --keyring trustedkeys.gpg --no-default-keyring --list-keys 0x4245D46A &>/dev/null
|
||||
GPG_RET=${?}
|
||||
# 2 means we don't have his key, 0 means we do.
|
||||
set -e
|
||||
# If we have the key and the signature file, we verify the package with GPG
|
||||
if [ ${GPG_RET} -eq 0 -a \
|
||||
-f "${CWD}/${PRGNAM}-${SRCVERSION}.tar.gz.sig" ]
|
||||
then
|
||||
/usr/bin/gpgv "${CWD}/${PRGNAM}-${SRCVERSION}.tar.gz.sig"
|
||||
fi
|
||||
fi
|
||||
|
||||
tar xvf $CWD/$PRGNAM-$SRCVERSION.tar.gz
|
||||
cd ${PRGNAM}
|
||||
chown -R root:root .
|
||||
find -L . \
|
||||
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
|
||||
-o -perm 511 \) -exec chmod 755 {} \; -o \
|
||||
\( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
|
||||
-o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
|
||||
|
||||
# change the mandir:
|
||||
sed -i -e 's:^\(MANDIR=/usr/share/man\)$:#\1:' -e 's:^#\(MANDIR=/usr/man\)$:\1:' Makefile
|
||||
|
||||
# don't link libfl:
|
||||
sed -i -e '/^LIBS :=/d' Makefile
|
||||
|
||||
make nopam
|
||||
make install DESTDIR=$PKG
|
||||
|
||||
mv -v ${PKG}/etc/grsec/learn_config ${PKG}/etc/grsec/learn_config.new
|
||||
mv -v ${PKG}/etc/grsec/policy ${PKG}/etc/grsec/policy.new
|
||||
|
||||
find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
|
||||
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
|
||||
|
||||
find $PKG/usr/man -type f -exec gzip -9 {} \;
|
||||
for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
|
||||
|
||||
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
|
||||
cp -a README $PKG/usr/doc/$PRGNAM-$VERSION
|
||||
cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
|
||||
|
||||
mkdir -p $PKG/install
|
||||
cat $CWD/slack-desc > $PKG/install/slack-desc
|
||||
cat $CWD/doinst.sh > $PKG/install/doinst.sh
|
||||
|
||||
cd $PKG
|
||||
/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
|
|
@ -1,12 +0,0 @@
|
|||
PRGNAM="gradm"
|
||||
VERSION="3.1_201608131257"
|
||||
HOMEPAGE="https://grsecurity.net/"
|
||||
DOWNLOAD="https://grsecurity.net/stable/gradm-3.1-201608131257.tar.gz \
|
||||
https://grsecurity.net/stable/gradm-3.1-201608131257.tar.gz.sig"
|
||||
MD5SUM="705522f3be4d5d191f4f393c5c45762d \
|
||||
c0c136cd501178b192611b836460ae9a"
|
||||
DOWNLOAD_x86_64=""
|
||||
MD5SUM_x86_64=""
|
||||
REQUIRES=""
|
||||
MAINTAINER="pyllyukko"
|
||||
EMAIL="pyllyukko AT maimed dot org"
|
|
@ -1,19 +0,0 @@
|
|||
# HOW TO EDIT THIS FILE:
|
||||
# The "handy ruler" below makes it easier to edit a package description.
|
||||
# Line up the first '|' above the ':' following the base package name, and
|
||||
# the '|' on the right side marks the last column you can put a character in.
|
||||
# You must make exactly 11 lines for the formatting to be correct. It's also
|
||||
# customary to leave one space after the ':' except on otherwise blank lines.
|
||||
|
||||
|-----handy-ruler------------------------------------------------------|
|
||||
gradm: gradm (Grsecurity Administration Utility)
|
||||
gradm:
|
||||
gradm: Gradm, the administration utility for the role-based access control
|
||||
gradm: system, is a powerful tool that parses your ACLs (Access Control
|
||||
gradm: Lists), performs the enforcement of a secure base policy, optimizes
|
||||
gradm: the ACLs, as well as handles parsing of the learning logs, merges
|
||||
gradm: them with your ACL set, and outputs the final ACLs.
|
||||
gradm:
|
||||
gradm: Before you install gradm, boot into your patched grsecurity kernel.
|
||||
gradm: You can compile gradm in any kernel you wish, but the installation
|
||||
gradm: will fail if the kernel does not support grsecurity.
|
Loading…
Reference in a new issue