summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNed Ludd <solar@gentoo.org>2003-06-16 18:37:12 +0000
committerNed Ludd <solar@gentoo.org>2003-06-16 18:37:12 +0000
commit53db29c6a31d1e03d1c009f835d5871a9e18a294 (patch)
tree4947939a25d2ce80fe1ccff575b439caa9298921 /sys-apps/gradm
parentversion bump, removed old versions of gradm from portage and old chpax stuff ... (diff)
downloadhistorical-53db29c6a31d1e03d1c009f835d5871a9e18a294.tar.gz
historical-53db29c6a31d1e03d1c009f835d5871a9e18a294.tar.bz2
historical-53db29c6a31d1e03d1c009f835d5871a9e18a294.zip
version bump, removed old versions of gradm from portage and old chpax stuff in files, started the proccess of unmasking gradm for other arches added ~ppc ~sparc as these are known to work
Diffstat (limited to 'sys-apps/gradm')
-rw-r--r--sys-apps/gradm/Manifest6
-rw-r--r--sys-apps/gradm/files/digest-gradm-1.5a1
-rw-r--r--sys-apps/gradm/files/digest-gradm-1.61
-rw-r--r--sys-apps/gradm/files/digest-gradm-1.7b1
-rw-r--r--sys-apps/gradm/files/digest-gradm-1.9.101
-rw-r--r--sys-apps/gradm/files/digest-gradm-1.9.9g1
-rw-r--r--sys-apps/gradm/files/digest-gradm-1.9.9h1
-rw-r--r--sys-apps/gradm/files/gradm-1.5a-chpax.c244
-rw-r--r--sys-apps/gradm/files/gradm-1.6-chpax.c335
-rw-r--r--sys-apps/gradm/files/gradm-1.7b-chpax.c335
-rw-r--r--sys-apps/gradm/files/gradm-chpax.c335
-rw-r--r--sys-apps/gradm/files/gradm_parse.c-1.9.x.patch13
-rw-r--r--sys-apps/gradm/files/grsecurity3
-rw-r--r--sys-apps/gradm/files/grsecurity.rc38
-rw-r--r--sys-apps/gradm/gradm-1.5a.ebuild47
-rw-r--r--sys-apps/gradm/gradm-1.6.ebuild45
-rw-r--r--sys-apps/gradm/gradm-1.9.10.ebuild (renamed from sys-apps/gradm/gradm-1.7b.ebuild)22
-rw-r--r--sys-apps/gradm/gradm-1.9.9g.ebuild48
-rw-r--r--sys-apps/gradm/gradm-1.9.9h.ebuild48
19 files changed, 47 insertions, 1478 deletions
diff --git a/sys-apps/gradm/Manifest b/sys-apps/gradm/Manifest
index 7ed57329079c..a3ea17471676 100644
--- a/sys-apps/gradm/Manifest
+++ b/sys-apps/gradm/Manifest
@@ -1,9 +1,9 @@
-MD5 0e02116fa7c6eddb4dd89316bedc4370 ChangeLog 2544
+MD5 6b65f7124006a2ef31d83f0b7798902e ChangeLog 2543
MD5 3b3a771e0d6d0fb4eca5d1ab796ee6e7 gradm-1.9.9h-r1.ebuild 960
-MD5 0b1b31815330df9668182987a8b3bc43 gradm-1.9.10.ebuild 886
+MD5 06e2066b7db002613dcfd566bf15dd62 gradm-1.9.10.ebuild 982
MD5 9ed10401445937522700f59bc6bccdd2 files/digest-gradm-1.9.9h-r1 63
MD5 a6053e16d27a5e0fc626bc0a7b7356fa files/digest-gradm-1.9.10 63
MD5 c2618fc7963e008681dfd08db6886058 files/gradm_parse.c-1.9.x.patch 524
MD5 c2618fc7963e008681dfd08db6886058 files/gradm_parse.c-1.9.9h.patch 524
MD5 407eeba68c4cd90a492624f3be3f6367 files/grsecurity 1922
-MD5 94b109252d3730ee36cd751ae128738a files/grsecurity.rc 1742
+MD5 747a58a4e9af5abd23b672e8cf417c08 files/grsecurity.rc 1741
diff --git a/sys-apps/gradm/files/digest-gradm-1.5a b/sys-apps/gradm/files/digest-gradm-1.5a
deleted file mode 100644
index 251d7c6f7f18..000000000000
--- a/sys-apps/gradm/files/digest-gradm-1.5a
+++ /dev/null
@@ -1 +0,0 @@
-MD5 fe58cba7cacdee4c0329914235d4e4ab gradm-1.5a.tar.gz 26954
diff --git a/sys-apps/gradm/files/digest-gradm-1.6 b/sys-apps/gradm/files/digest-gradm-1.6
deleted file mode 100644
index d5911cc297de..000000000000
--- a/sys-apps/gradm/files/digest-gradm-1.6
+++ /dev/null
@@ -1 +0,0 @@
-MD5 7f1eacca4c0be8a1e5c088a38c249d32 gradm-1.6.tar.gz 29934
diff --git a/sys-apps/gradm/files/digest-gradm-1.7b b/sys-apps/gradm/files/digest-gradm-1.7b
deleted file mode 100644
index 2ffc54039d04..000000000000
--- a/sys-apps/gradm/files/digest-gradm-1.7b
+++ /dev/null
@@ -1 +0,0 @@
-MD5 31d6516a43128fdcfcb977f4e9d461c2 gradm-1.7b.tar.gz 30844
diff --git a/sys-apps/gradm/files/digest-gradm-1.9.10 b/sys-apps/gradm/files/digest-gradm-1.9.10
new file mode 100644
index 000000000000..020c9e354be4
--- /dev/null
+++ b/sys-apps/gradm/files/digest-gradm-1.9.10
@@ -0,0 +1 @@
+MD5 cec67e20d3c7780854318e8ed1945334 gradm-1.9.10.tar.gz 37945
diff --git a/sys-apps/gradm/files/digest-gradm-1.9.9g b/sys-apps/gradm/files/digest-gradm-1.9.9g
deleted file mode 100644
index b16017ee8f51..000000000000
--- a/sys-apps/gradm/files/digest-gradm-1.9.9g
+++ /dev/null
@@ -1 +0,0 @@
-MD5 abbe738ad06dae1100c4a984cf9b8702 gradm-1.9.9g.tar.gz 36727
diff --git a/sys-apps/gradm/files/digest-gradm-1.9.9h b/sys-apps/gradm/files/digest-gradm-1.9.9h
deleted file mode 100644
index d6b226712487..000000000000
--- a/sys-apps/gradm/files/digest-gradm-1.9.9h
+++ /dev/null
@@ -1 +0,0 @@
-MD5 7c5dce62271942dc932b2c08848d9163 gradm-1.9.9h.tar.gz 36878
diff --git a/sys-apps/gradm/files/gradm-1.5a-chpax.c b/sys-apps/gradm/files/gradm-1.5a-chpax.c
deleted file mode 100644
index d5482d1c895c..000000000000
--- a/sys-apps/gradm/files/gradm-1.5a-chpax.c
+++ /dev/null
@@ -1,244 +0,0 @@
-/*
- * This program manages various PaX related flags for ELF and a.out binaries.
- * The flags only have effect when running the patched Linux kernel.
- *
- * Written by Solar Designer and placed in the public domain.
- *
- * Adapted to PaX by the PaX Team.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <linux/elf.h>
-#include <linux/a.out.h>
-
-#define HF_PAX_PAGEEXEC 1 /* 0: Paging based non-executable pages */
-#define HF_PAX_EMUTRAMP 2 /* 0: Emulate trampolines */
-#define HF_PAX_MPROTECT 4 /* 0: Restrict mprotect() */
-#define HF_PAX_RANDMMAP 8 /* 0: Randomize mmap() base */
-#define HF_PAX_RANDEXEC 16 /* 1: Randomize ET_EXEC base */
-#define HF_PAX_SEGMEXEC 32 /* 0: Segmentation based non-executable pages */
-
-static struct elf32_hdr header_elf;
-static struct exec header_aout;
-static void *header;
-static int header_size;
-static int fd;
-
-static unsigned long (*get_flags)();
-static void (*put_flags)(unsigned long);
-
-static unsigned long get_flags_elf()
-{
- return header_elf.e_flags;
-}
-
-static void put_flags_elf(unsigned long flags)
-{
- header_elf.e_flags = flags;
-}
-
-static unsigned long get_flags_aout()
-{
- return N_FLAGS(header_aout);
-}
-
-static void put_flags_aout(unsigned long flags)
-{
- N_SET_FLAGS(header_aout, flags & ~HF_PAX_RANDMMAP);
-}
-
-static int read_header(char *name, int mode)
-{
- char *ptr;
- int size, block;
-
- if ((fd = open(name, mode)) < 0) return 1;
-
- ptr = (char *)&header_elf;
- size = sizeof(header_elf);
- do {
- block = read(fd, ptr, size);
- if (block <= 0) {
- close(fd);
- return block ? 1 : 2;
- }
- ptr += block; size -= block;
- } while (size > 0);
-
- memcpy(&header_aout, &header_elf, sizeof(header_aout));
-
- if (!strncmp(header_elf.e_ident, ELFMAG, SELFMAG)) {
- if (header_elf.e_type != ET_EXEC && header_elf.e_type != ET_DYN) return 2;
- if (header_elf.e_machine != EM_386) return 3;
- header = &header_elf; header_size = sizeof(header_elf);
- get_flags = get_flags_elf; put_flags = put_flags_elf;
- } else
- if (N_MAGIC(header_aout) == NMAGIC ||
- N_MAGIC(header_aout) == ZMAGIC ||
- N_MAGIC(header_aout) == QMAGIC) {
- if (N_MACHTYPE(header_aout) != M_386) return 3;
- header = &header_aout; header_size = 4;
- get_flags = get_flags_aout; put_flags = put_flags_aout;
- } else return 2;
-
- return 0;
-}
-
-int write_header()
-{
- char *ptr;
- int size, block;
-
- if (lseek(fd, 0, SEEK_SET)) return 1;
-
- ptr = (char *)header;
- size = header_size;
- do {
- block = write(fd, ptr, size);
- if (block <= 0) break;
- ptr += block; size -= block;
- } while (size > 0);
-
- return size;
-}
-
-#define USAGE \
-"Usage: %s OPTIONS FILE...\n" \
-"Manage PaX flags for binaries\n\n" \
-" -P\tenforce paging based non-executable pages\n" \
-" -p\tdo not enforce paging based non-executable pages\n" \
-" -E\temulate trampolines\n" \
-" -e\tdo not emulate trampolines\n" \
-" -M\trestrict mprotect()\n" \
-" -m\tdo not restrict mprotect()\n" \
-" -R\trandomize mmap() base [ELF only]\n" \
-" -r\tdo not randomize mmap() base [ELF only]\n" \
-" -X\trandomize ET_EXEC base [ELF only]\n" \
-" -x\tdo not randomize ET_EXEC base [ELF only]\n" \
-" -S\tenforce segmentation based non-executable pages\n" \
-" -s\tdo not enforce segmentation based non-executable pages\n" \
-" -v\tview current flag state\n\n" \
-"The flags only have effect when running the patched Linux kernel.\n"
-
-void usage(char *name)
-{
- printf(USAGE, name ? name : "chpax");
- exit(1);
-}
-
-int main(int argc, char **argv)
-{
- char **current;
- unsigned long flags;
- int error = 0;
- int mode;
-
- if (argc < 3) usage(argv[0]);
- if (strlen(argv[1]) != 2) usage(argv[0]);
- if (argv[1][0] != '-' || !strchr("pPeEmMrRxXsSv", argv[1][1])) usage(argv[0]);
-
- current = &argv[2];
- do {
- mode = argv[1][1] == 'v' ? O_RDONLY : O_RDWR;
- switch (read_header(*current, mode)) {
- case 1:
- perror(*current);
- error = 1; continue;
-
- case 2:
- printf("%s: Unknown file type\n", *current);
- error = 1; continue;
-
- case 3:
- printf("%s: Wrong architecture\n", *current);
- error = 1; continue;
- }
-
- flags = get_flags();
-
- switch (argv[1][1]) {
- case 'p':
- put_flags(flags | HF_PAX_PAGEEXEC);
- break;
-
- case 'P':
- put_flags((flags & ~HF_PAX_PAGEEXEC)|HF_PAX_SEGMEXEC);
- break;
-
- case 'E':
- put_flags(flags | HF_PAX_EMUTRAMP);
- break;
-
- case 'e':
- put_flags(flags & ~HF_PAX_EMUTRAMP);
- break;
-
- case 'm':
- put_flags(flags | HF_PAX_MPROTECT);
- break;
-
- case 'M':
- put_flags(flags & ~HF_PAX_MPROTECT);
- break;
-
- case 'r':
- put_flags(flags | HF_PAX_RANDMMAP);
- break;
-
- case 'R':
- put_flags(flags & ~HF_PAX_RANDMMAP);
- break;
-
- case 'X':
- put_flags(flags | HF_PAX_RANDEXEC);
- break;
-
- case 'x':
- put_flags(flags & ~HF_PAX_RANDEXEC);
- break;
-
- case 's':
- put_flags(flags | HF_PAX_SEGMEXEC);
- break;
-
- case 'S':
- put_flags((flags & ~HF_PAX_SEGMEXEC)|HF_PAX_PAGEEXEC);
- break;
-
- default:
- printf("%s: "
- "paging based PAGE_EXEC is %s, "
- "trampolines are %s, "
- "mprotect() is %s, "
- "mmap() base is %s, "
- "ET_EXEC base is %s, "
- "segmentation based PAGE_EXEC is %s\n", *current,
- (flags & HF_PAX_PAGEEXEC) || !(flags & HF_PAX_SEGMEXEC)
- ? "disabled" : "enabled",
- flags & HF_PAX_EMUTRAMP
- ? "emulated" : "not emulated",
- flags & HF_PAX_MPROTECT
- ? "not restricted" : "restricted",
- flags & HF_PAX_RANDMMAP
- ? "not randomized" : "randomized",
- flags & HF_PAX_RANDEXEC
- ? "randomized" : "not randomized",
- flags & HF_PAX_SEGMEXEC
- ? "disabled" : "enabled");
- }
-
- if (flags != get_flags())
- if (write_header()) {
- perror(*current);
- error = 1;
- }
-
- close(fd);
- } while (*++current);
-
- return error;
-}
diff --git a/sys-apps/gradm/files/gradm-1.6-chpax.c b/sys-apps/gradm/files/gradm-1.6-chpax.c
deleted file mode 100644
index 9dd3dd880e36..000000000000
--- a/sys-apps/gradm/files/gradm-1.6-chpax.c
+++ /dev/null
@@ -1,335 +0,0 @@
-/*
- * This program manages various PaX related flags for ELF and a.out binaries.
- * The flags only have effect when running the patched Linux kernel.
- *
- * Written by Solar Designer and placed in the public domain.
- *
- * Adapted to PaX by the PaX Team
- *
- * Nov 10 2002 : Added multi{options,files} cmdline, zeroflag, nicer output
- * (+ double output if flags are changed and -v is specified), more error
- * handling.
- *
- * Dec 11 2002 : Explicit error messages and return value, even more
- * error handling . (-jv)
- *
- */
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <linux/elf.h>
-#include <linux/a.out.h>
-
-#define HF_PAX_PAGEEXEC 1 /* 0: Paging based non-exec pages */
-#define HF_PAX_EMUTRAMP 2 /* 0: Emulate trampolines */
-#define HF_PAX_MPROTECT 4 /* 0: Restrict mprotect() */
-#define HF_PAX_RANDMMAP 8 /* 0: Randomize mmap() base */
-#define HF_PAX_RANDEXEC 16 /* 1: Randomize ET_EXEC base */
-#define HF_PAX_SEGMEXEC 32 /* 0: Segmentation based non-exec pages */
-
-#define XCLOSE(fd) \
-do \
-{ \
- if (close(fd)) \
- perror("close"); \
-} \
-while (0)
-
-static struct elf32_hdr header_elf;
-static struct exec header_aout;
-static void *header;
-static int header_size;
-static int fd;
-
-static unsigned long (*get_flags)();
-static void (*put_flags)(unsigned long);
-
-
-static void print_flags(unsigned long flags)
-{
- printf(" * Paging based PAGE_EXEC : %s \n"
- " * Trampolines : %s \n"
- " * mprotect() : %s \n"
- " * mmap() base : %s \n"
- " * ET_EXEC base : %s \n"
- " * Segmentation based PAGE_EXEC : %s \n",
- flags & HF_PAX_PAGEEXEC
- ? "disabled" : flags & HF_PAX_SEGMEXEC ? "enabled" : "enabled (overridden)",
- flags & HF_PAX_EMUTRAMP
- ? "emulated" : "not emulated",
- flags & HF_PAX_MPROTECT
- ? "not restricted" : "restricted",
- flags & HF_PAX_RANDMMAP
- ? "not randomized" : "randomized",
- flags & HF_PAX_RANDEXEC
- ? "randomized" : "not randomized",
- flags & HF_PAX_SEGMEXEC
- ? "disabled" : "enabled");
-}
-
-static unsigned long get_flags_elf()
-{
- return (header_elf.e_flags);
-}
-
-static void put_flags_elf(unsigned long flags)
-{
- header_elf.e_flags = flags;
-}
-
-static unsigned long get_flags_aout()
-{
- return (N_FLAGS(header_aout));
-}
-
-static void put_flags_aout(unsigned long flags)
-{
- N_SET_FLAGS(header_aout, flags & ~HF_PAX_RANDMMAP);
-}
-
-static int read_header(char *name, int mode)
-{
- char *ptr;
- int size;
- int block;
-
- if ((fd = open(name, mode)) < 0)
- return 1;
-
- ptr = (char *) &header_elf;
- size = sizeof (header_elf);
-
- do
- {
- block = read(fd, ptr, size);
- if (block <= 0)
- return (block ? 1 : 2);
- ptr += block; size -= block;
- }
- while (size > 0);
-
- memcpy(&header_aout, &header_elf, sizeof(header_aout));
-
- if (!strncmp(header_elf.e_ident, ELFMAG, SELFMAG))
- {
- if (header_elf.e_type != ET_EXEC && header_elf.e_type != ET_DYN)
- return 2;
- if (header_elf.e_machine != EM_386)
- return 3;
- header = &header_elf;
- header_size = sizeof(header_elf);
- get_flags = get_flags_elf;
- put_flags = put_flags_elf;
- }
-
- else if (N_MAGIC(header_aout) == NMAGIC ||
- N_MAGIC(header_aout) == ZMAGIC ||
- N_MAGIC(header_aout) == QMAGIC)
- {
- if (N_MACHTYPE(header_aout) != M_386)
- return 3;
- header = &header_aout;
- header_size = 4;
- get_flags = get_flags_aout;
- put_flags = put_flags_aout;
- }
-
- else
- return (2);
-
- return (0);
-}
-
-int write_header()
-{
- char *ptr;
- int size;
- int block;
-
- if (lseek(fd, 0, SEEK_SET))
- return 1;
-
- ptr = (char *) header;
- size = header_size;
-
- do
- {
- block = write(fd, ptr, size);
- if (block <= 0)
- break;
- ptr += block;
- size -= block;
- }
- while (size > 0);
-
- return size;
-}
-
-
-#define USAGE \
-"Usage: %s OPTIONS FILE1 FILE2 FILEN ...\n" \
-"Manage PaX flags for binaries\n\n" \
-" -P\tenforce paging based non-executable pages\n" \
-" -p\tdo not enforce paging based non-executable pages\n" \
-" -E\temulate trampolines\n" \
-" -e\tdo not emulate trampolines\n" \
-" -M\trestrict mprotect()\n" \
-" -m\tdo not restrict mprotect()\n" \
-" -R\trandomize mmap() base [ELF only]\n" \
-" -r\tdo not randomize mmap() base [ELF only]\n" \
-" -X\trandomize ET_EXEC base [ELF only]\n" \
-" -x\tdo not randomize ET_EXEC base [ELF only]\n" \
-" -S\tenforce segmentation based non-executable pages\n" \
-" -s\tdo not enforce segmentation based non-executable pages\n" \
-" -v\tview current flag mask \n" \
-" -z\tzero flag mask (next flags still apply)\n\n" \
-"The flags only have effect when running the patched Linux kernel.\n"
-
-
-void usage(char *name)
-{
- printf(USAGE, (name ? name : "chpax"));
- exit(1);
-}
-
-unsigned long scan_flags(unsigned long flags, char **argv, int *view)
-{
- int index;
-
- for (index = 1; argv[1][index]; index++)
- switch (argv[1][index])
- {
-
- case 'p':
- flags |= HF_PAX_PAGEEXEC;
- continue ;
-
- case 'P':
- flags = (flags & ~HF_PAX_PAGEEXEC) | HF_PAX_SEGMEXEC;
- continue ;
-
- case 'E':
- flags |= HF_PAX_EMUTRAMP;
- continue ;
-
- case 'e':
- flags = (flags & ~HF_PAX_EMUTRAMP);
- continue ;
-
- case 'm':
- flags |= HF_PAX_MPROTECT;
- continue ;
-
- case 'M':
- flags = (flags & ~HF_PAX_MPROTECT);
- continue ;
-
- case 'r':
- flags |= HF_PAX_RANDMMAP;
- continue ;
-
- case 'R':
- flags = (flags & ~HF_PAX_RANDMMAP);
- continue ;
-
- case 'X':
- flags |= HF_PAX_RANDEXEC;
- continue ;
-
- case 'x':
- flags = (flags & ~HF_PAX_RANDEXEC);
- continue ;
-
- case 's':
- flags |= HF_PAX_SEGMEXEC;
- continue ;
-
- case 'S':
- flags = (flags & ~HF_PAX_SEGMEXEC) | HF_PAX_PAGEEXEC;
- continue ;
-
- case 'v':
- *view = 1;
- continue ;
-
- case 'z':
- flags = 0;
- continue ;
-
- default:
- fprintf(stderr, "Unknown option %c \n", argv[1][index]);
- usage(argv[0]);
- }
-
- return (flags);
-}
-
-
-int main(int argc, char **argv)
-{
- unsigned long flags;
- unsigned long aflags;
- unsigned int index;
- int mode;
- char *current;
- int error = 0;
- int view = 0;
-
- if (argc < 3 || argv[1][0] != '-')
- usage(argv[0]);
-
- for (index = 2, current = argv[index]; current; current = argv[++index])
- {
-
- mode = (argc == 3 && !strcmp(argv[1], "-v") ? O_RDONLY : O_RDWR);
-
- error = read_header(current, mode);
- switch (error)
- {
- case 1:
- perror(current);
- continue ;
- case 2:
- fprintf(stderr, "%s: Unknown file type (passed) \n", current);
- XCLOSE(fd);
- continue ;
- case 3:
- fprintf(stderr, "%s: Wrong architecture (passed) \n", current);
- XCLOSE(fd);
- continue ;
- }
-
- aflags = get_flags();
- flags = scan_flags(aflags, argv, &view);
-
- if (view)
- {
- printf("\n----[ Current flags for %s ]---- \n\n", current);
- print_flags(aflags);
- puts("");
- }
-
- put_flags(flags);
-
- if (flags != aflags && write_header())
- {
- perror(current);
- error = 4;
- }
-
- if (error)
- fprintf(stderr, "%s : Flags were not updated . \n", current);
- else if (view && aflags != flags)
- {
- printf("\n----[ Updated flags for %s ]---- \n\n", current);
- print_flags(flags);
- puts("");
- }
-
- XCLOSE(fd);
- }
-
- return (error);
-}
diff --git a/sys-apps/gradm/files/gradm-1.7b-chpax.c b/sys-apps/gradm/files/gradm-1.7b-chpax.c
deleted file mode 100644
index 9dd3dd880e36..000000000000
--- a/sys-apps/gradm/files/gradm-1.7b-chpax.c
+++ /dev/null
@@ -1,335 +0,0 @@
-/*
- * This program manages various PaX related flags for ELF and a.out binaries.
- * The flags only have effect when running the patched Linux kernel.
- *
- * Written by Solar Designer and placed in the public domain.
- *
- * Adapted to PaX by the PaX Team
- *
- * Nov 10 2002 : Added multi{options,files} cmdline, zeroflag, nicer output
- * (+ double output if flags are changed and -v is specified), more error
- * handling.
- *
- * Dec 11 2002 : Explicit error messages and return value, even more
- * error handling . (-jv)
- *
- */
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <linux/elf.h>
-#include <linux/a.out.h>
-
-#define HF_PAX_PAGEEXEC 1 /* 0: Paging based non-exec pages */
-#define HF_PAX_EMUTRAMP 2 /* 0: Emulate trampolines */
-#define HF_PAX_MPROTECT 4 /* 0: Restrict mprotect() */
-#define HF_PAX_RANDMMAP 8 /* 0: Randomize mmap() base */
-#define HF_PAX_RANDEXEC 16 /* 1: Randomize ET_EXEC base */
-#define HF_PAX_SEGMEXEC 32 /* 0: Segmentation based non-exec pages */
-
-#define XCLOSE(fd) \
-do \
-{ \
- if (close(fd)) \
- perror("close"); \
-} \
-while (0)
-
-static struct elf32_hdr header_elf;
-static struct exec header_aout;
-static void *header;
-static int header_size;
-static int fd;
-
-static unsigned long (*get_flags)();
-static void (*put_flags)(unsigned long);
-
-
-static void print_flags(unsigned long flags)
-{
- printf(" * Paging based PAGE_EXEC : %s \n"
- " * Trampolines : %s \n"
- " * mprotect() : %s \n"
- " * mmap() base : %s \n"
- " * ET_EXEC base : %s \n"
- " * Segmentation based PAGE_EXEC : %s \n",
- flags & HF_PAX_PAGEEXEC
- ? "disabled" : flags & HF_PAX_SEGMEXEC ? "enabled" : "enabled (overridden)",
- flags & HF_PAX_EMUTRAMP
- ? "emulated" : "not emulated",
- flags & HF_PAX_MPROTECT
- ? "not restricted" : "restricted",
- flags & HF_PAX_RANDMMAP
- ? "not randomized" : "randomized",
- flags & HF_PAX_RANDEXEC
- ? "randomized" : "not randomized",
- flags & HF_PAX_SEGMEXEC
- ? "disabled" : "enabled");
-}
-
-static unsigned long get_flags_elf()
-{
- return (header_elf.e_flags);
-}
-
-static void put_flags_elf(unsigned long flags)
-{
- header_elf.e_flags = flags;
-}
-
-static unsigned long get_flags_aout()
-{
- return (N_FLAGS(header_aout));
-}
-
-static void put_flags_aout(unsigned long flags)
-{
- N_SET_FLAGS(header_aout, flags & ~HF_PAX_RANDMMAP);
-}
-
-static int read_header(char *name, int mode)
-{
- char *ptr;
- int size;
- int block;
-
- if ((fd = open(name, mode)) < 0)
- return 1;
-
- ptr = (char *) &header_elf;
- size = sizeof (header_elf);
-
- do
- {
- block = read(fd, ptr, size);
- if (block <= 0)
- return (block ? 1 : 2);
- ptr += block; size -= block;
- }
- while (size > 0);
-
- memcpy(&header_aout, &header_elf, sizeof(header_aout));
-
- if (!strncmp(header_elf.e_ident, ELFMAG, SELFMAG))
- {
- if (header_elf.e_type != ET_EXEC && header_elf.e_type != ET_DYN)
- return 2;
- if (header_elf.e_machine != EM_386)
- return 3;
- header = &header_elf;
- header_size = sizeof(header_elf);
- get_flags = get_flags_elf;
- put_flags = put_flags_elf;
- }
-
- else if (N_MAGIC(header_aout) == NMAGIC ||
- N_MAGIC(header_aout) == ZMAGIC ||
- N_MAGIC(header_aout) == QMAGIC)
- {
- if (N_MACHTYPE(header_aout) != M_386)
- return 3;
- header = &header_aout;
- header_size = 4;
- get_flags = get_flags_aout;
- put_flags = put_flags_aout;
- }
-
- else
- return (2);
-
- return (0);
-}
-
-int write_header()
-{
- char *ptr;
- int size;
- int block;
-
- if (lseek(fd, 0, SEEK_SET))
- return 1;
-
- ptr = (char *) header;
- size = header_size;
-
- do
- {
- block = write(fd, ptr, size);
- if (block <= 0)
- break;
- ptr += block;
- size -= block;
- }
- while (size > 0);
-
- return size;
-}
-
-
-#define USAGE \
-"Usage: %s OPTIONS FILE1 FILE2 FILEN ...\n" \
-"Manage PaX flags for binaries\n\n" \
-" -P\tenforce paging based non-executable pages\n" \
-" -p\tdo not enforce paging based non-executable pages\n" \
-" -E\temulate trampolines\n" \
-" -e\tdo not emulate trampolines\n" \
-" -M\trestrict mprotect()\n" \
-" -m\tdo not restrict mprotect()\n" \
-" -R\trandomize mmap() base [ELF only]\n" \
-" -r\tdo not randomize mmap() base [ELF only]\n" \
-" -X\trandomize ET_EXEC base [ELF only]\n" \
-" -x\tdo not randomize ET_EXEC base [ELF only]\n" \
-" -S\tenforce segmentation based non-executable pages\n" \
-" -s\tdo not enforce segmentation based non-executable pages\n" \
-" -v\tview current flag mask \n" \
-" -z\tzero flag mask (next flags still apply)\n\n" \
-"The flags only have effect when running the patched Linux kernel.\n"
-
-
-void usage(char *name)
-{
- printf(USAGE, (name ? name : "chpax"));
- exit(1);
-}
-
-unsigned long scan_flags(unsigned long flags, char **argv, int *view)
-{
- int index;
-
- for (index = 1; argv[1][index]; index++)
- switch (argv[1][index])
- {
-
- case 'p':
- flags |= HF_PAX_PAGEEXEC;
- continue ;
-
- case 'P':
- flags = (flags & ~HF_PAX_PAGEEXEC) | HF_PAX_SEGMEXEC;
- continue ;
-
- case 'E':
- flags |= HF_PAX_EMUTRAMP;
- continue ;
-
- case 'e':
- flags = (flags & ~HF_PAX_EMUTRAMP);
- continue ;
-
- case 'm':
- flags |= HF_PAX_MPROTECT;
- continue ;
-
- case 'M':
- flags = (flags & ~HF_PAX_MPROTECT);
- continue ;
-
- case 'r':
- flags |= HF_PAX_RANDMMAP;
- continue ;
-
- case 'R':
- flags = (flags & ~HF_PAX_RANDMMAP);
- continue ;
-
- case 'X':
- flags |= HF_PAX_RANDEXEC;
- continue ;
-
- case 'x':
- flags = (flags & ~HF_PAX_RANDEXEC);
- continue ;
-
- case 's':
- flags |= HF_PAX_SEGMEXEC;
- continue ;
-
- case 'S':
- flags = (flags & ~HF_PAX_SEGMEXEC) | HF_PAX_PAGEEXEC;
- continue ;
-
- case 'v':
- *view = 1;
- continue ;
-
- case 'z':
- flags = 0;
- continue ;
-
- default:
- fprintf(stderr, "Unknown option %c \n", argv[1][index]);
- usage(argv[0]);
- }
-
- return (flags);
-}
-
-
-int main(int argc, char **argv)
-{
- unsigned long flags;
- unsigned long aflags;
- unsigned int index;
- int mode;
- char *current;
- int error = 0;
- int view = 0;
-
- if (argc < 3 || argv[1][0] != '-')
- usage(argv[0]);
-
- for (index = 2, current = argv[index]; current; current = argv[++index])
- {
-
- mode = (argc == 3 && !strcmp(argv[1], "-v") ? O_RDONLY : O_RDWR);
-
- error = read_header(current, mode);
- switch (error)
- {
- case 1:
- perror(current);
- continue ;
- case 2:
- fprintf(stderr, "%s: Unknown file type (passed) \n", current);
- XCLOSE(fd);
- continue ;
- case 3:
- fprintf(stderr, "%s: Wrong architecture (passed) \n", current);
- XCLOSE(fd);
- continue ;
- }
-
- aflags = get_flags();
- flags = scan_flags(aflags, argv, &view);
-
- if (view)
- {
- printf("\n----[ Current flags for %s ]---- \n\n", current);
- print_flags(aflags);
- puts("");
- }
-
- put_flags(flags);
-
- if (flags != aflags && write_header())
- {
- perror(current);
- error = 4;
- }
-
- if (error)
- fprintf(stderr, "%s : Flags were not updated . \n", current);
- else if (view && aflags != flags)
- {
- printf("\n----[ Updated flags for %s ]---- \n\n", current);
- print_flags(flags);
- puts("");
- }
-
- XCLOSE(fd);
- }
-
- return (error);
-}
diff --git a/sys-apps/gradm/files/gradm-chpax.c b/sys-apps/gradm/files/gradm-chpax.c
deleted file mode 100644
index 9dd3dd880e36..000000000000
--- a/sys-apps/gradm/files/gradm-chpax.c
+++ /dev/null
@@ -1,335 +0,0 @@
-/*
- * This program manages various PaX related flags for ELF and a.out binaries.
- * The flags only have effect when running the patched Linux kernel.
- *
- * Written by Solar Designer and placed in the public domain.
- *
- * Adapted to PaX by the PaX Team
- *
- * Nov 10 2002 : Added multi{options,files} cmdline, zeroflag, nicer output
- * (+ double output if flags are changed and -v is specified), more error
- * handling.
- *
- * Dec 11 2002 : Explicit error messages and return value, even more
- * error handling . (-jv)
- *
- */
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <linux/elf.h>
-#include <linux/a.out.h>
-
-#define HF_PAX_PAGEEXEC 1 /* 0: Paging based non-exec pages */
-#define HF_PAX_EMUTRAMP 2 /* 0: Emulate trampolines */
-#define HF_PAX_MPROTECT 4 /* 0: Restrict mprotect() */
-#define HF_PAX_RANDMMAP 8 /* 0: Randomize mmap() base */
-#define HF_PAX_RANDEXEC 16 /* 1: Randomize ET_EXEC base */
-#define HF_PAX_SEGMEXEC 32 /* 0: Segmentation based non-exec pages */
-
-#define XCLOSE(fd) \
-do \
-{ \
- if (close(fd)) \
- perror("close"); \
-} \
-while (0)
-
-static struct elf32_hdr header_elf;
-static struct exec header_aout;
-static void *header;
-static int header_size;
-static int fd;
-
-static unsigned long (*get_flags)();
-static void (*put_flags)(unsigned long);
-
-
-static void print_flags(unsigned long flags)
-{
- printf(" * Paging based PAGE_EXEC : %s \n"
- " * Trampolines : %s \n"
- " * mprotect() : %s \n"
- " * mmap() base : %s \n"
- " * ET_EXEC base : %s \n"
- " * Segmentation based PAGE_EXEC : %s \n",
- flags & HF_PAX_PAGEEXEC
- ? "disabled" : flags & HF_PAX_SEGMEXEC ? "enabled" : "enabled (overridden)",
- flags & HF_PAX_EMUTRAMP
- ? "emulated" : "not emulated",
- flags & HF_PAX_MPROTECT
- ? "not restricted" : "restricted",
- flags & HF_PAX_RANDMMAP
- ? "not randomized" : "randomized",
- flags & HF_PAX_RANDEXEC
- ? "randomized" : "not randomized",
- flags & HF_PAX_SEGMEXEC
- ? "disabled" : "enabled");
-}
-
-static unsigned long get_flags_elf()
-{
- return (header_elf.e_flags);
-}
-
-static void put_flags_elf(unsigned long flags)
-{
- header_elf.e_flags = flags;
-}
-
-static unsigned long get_flags_aout()
-{
- return (N_FLAGS(header_aout));
-}
-
-static void put_flags_aout(unsigned long flags)
-{
- N_SET_FLAGS(header_aout, flags & ~HF_PAX_RANDMMAP);
-}
-
-static int read_header(char *name, int mode)
-{
- char *ptr;
- int size;
- int block;
-
- if ((fd = open(name, mode)) < 0)
- return 1;
-
- ptr = (char *) &header_elf;
- size = sizeof (header_elf);
-
- do
- {
- block = read(fd, ptr, size);
- if (block <= 0)
- return (block ? 1 : 2);
- ptr += block; size -= block;
- }
- while (size > 0);
-
- memcpy(&header_aout, &header_elf, sizeof(header_aout));
-
- if (!strncmp(header_elf.e_ident, ELFMAG, SELFMAG))
- {
- if (header_elf.e_type != ET_EXEC && header_elf.e_type != ET_DYN)
- return 2;
- if (header_elf.e_machine != EM_386)
- return 3;
- header = &header_elf;
- header_size = sizeof(header_elf);
- get_flags = get_flags_elf;
- put_flags = put_flags_elf;
- }
-
- else if (N_MAGIC(header_aout) == NMAGIC ||
- N_MAGIC(header_aout) == ZMAGIC ||
- N_MAGIC(header_aout) == QMAGIC)
- {
- if (N_MACHTYPE(header_aout) != M_386)
- return 3;
- header = &header_aout;
- header_size = 4;
- get_flags = get_flags_aout;
- put_flags = put_flags_aout;
- }
-
- else
- return (2);
-
- return (0);
-}
-
-int write_header()
-{
- char *ptr;
- int size;
- int block;
-
- if (lseek(fd, 0, SEEK_SET))
- return 1;
-
- ptr = (char *) header;
- size = header_size;
-
- do
- {
- block = write(fd, ptr, size);
- if (block <= 0)
- break;
- ptr += block;
- size -= block;
- }
- while (size > 0);
-
- return size;
-}
-
-
-#define USAGE \
-"Usage: %s OPTIONS FILE1 FILE2 FILEN ...\n" \
-"Manage PaX flags for binaries\n\n" \
-" -P\tenforce paging based non-executable pages\n" \
-" -p\tdo not enforce paging based non-executable pages\n" \
-" -E\temulate trampolines\n" \
-" -e\tdo not emulate trampolines\n" \
-" -M\trestrict mprotect()\n" \
-" -m\tdo not restrict mprotect()\n" \
-" -R\trandomize mmap() base [ELF only]\n" \
-" -r\tdo not randomize mmap() base [ELF only]\n" \
-" -X\trandomize ET_EXEC base [ELF only]\n" \
-" -x\tdo not randomize ET_EXEC base [ELF only]\n" \
-" -S\tenforce segmentation based non-executable pages\n" \
-" -s\tdo not enforce segmentation based non-executable pages\n" \
-" -v\tview current flag mask \n" \
-" -z\tzero flag mask (next flags still apply)\n\n" \
-"The flags only have effect when running the patched Linux kernel.\n"
-
-
-void usage(char *name)
-{
- printf(USAGE, (name ? name : "chpax"));
- exit(1);
-}
-
-unsigned long scan_flags(unsigned long flags, char **argv, int *view)
-{
- int index;
-
- for (index = 1; argv[1][index]; index++)
- switch (argv[1][index])
- {
-
- case 'p':
- flags |= HF_PAX_PAGEEXEC;
- continue ;
-
- case 'P':
- flags = (flags & ~HF_PAX_PAGEEXEC) | HF_PAX_SEGMEXEC;
- continue ;
-
- case 'E':
- flags |= HF_PAX_EMUTRAMP;
- continue ;
-
- case 'e':
- flags = (flags & ~HF_PAX_EMUTRAMP);
- continue ;
-
- case 'm':
- flags |= HF_PAX_MPROTECT;
- continue ;
-
- case 'M':
- flags = (flags & ~HF_PAX_MPROTECT);
- continue ;
-
- case 'r':
- flags |= HF_PAX_RANDMMAP;
- continue ;
-
- case 'R':
- flags = (flags & ~HF_PAX_RANDMMAP);
- continue ;
-
- case 'X':
- flags |= HF_PAX_RANDEXEC;
- continue ;
-
- case 'x':
- flags = (flags & ~HF_PAX_RANDEXEC);
- continue ;
-
- case 's':
- flags |= HF_PAX_SEGMEXEC;
- continue ;
-
- case 'S':
- flags = (flags & ~HF_PAX_SEGMEXEC) | HF_PAX_PAGEEXEC;
- continue ;
-
- case 'v':
- *view = 1;
- continue ;
-
- case 'z':
- flags = 0;
- continue ;
-
- default:
- fprintf(stderr, "Unknown option %c \n", argv[1][index]);
- usage(argv[0]);
- }
-
- return (flags);
-}
-
-
-int main(int argc, char **argv)
-{
- unsigned long flags;
- unsigned long aflags;
- unsigned int index;
- int mode;
- char *current;
- int error = 0;
- int view = 0;
-
- if (argc < 3 || argv[1][0] != '-')
- usage(argv[0]);
-
- for (index = 2, current = argv[index]; current; current = argv[++index])
- {
-
- mode = (argc == 3 && !strcmp(argv[1], "-v") ? O_RDONLY : O_RDWR);
-
- error = read_header(current, mode);
- switch (error)
- {
- case 1:
- perror(current);
- continue ;
- case 2:
- fprintf(stderr, "%s: Unknown file type (passed) \n", current);
- XCLOSE(fd);
- continue ;
- case 3:
- fprintf(stderr, "%s: Wrong architecture (passed) \n", current);
- XCLOSE(fd);
- continue ;
- }
-
- aflags = get_flags();
- flags = scan_flags(aflags, argv, &view);
-
- if (view)
- {
- printf("\n----[ Current flags for %s ]---- \n\n", current);
- print_flags(aflags);
- puts("");
- }
-
- put_flags(flags);
-
- if (flags != aflags && write_header())
- {
- perror(current);
- error = 4;
- }
-
- if (error)
- fprintf(stderr, "%s : Flags were not updated . \n", current);
- else if (view && aflags != flags)
- {
- printf("\n----[ Updated flags for %s ]---- \n\n", current);
- print_flags(flags);
- puts("");
- }
-
- XCLOSE(fd);
- }
-
- return (error);
-}
diff --git a/sys-apps/gradm/files/gradm_parse.c-1.9.x.patch b/sys-apps/gradm/files/gradm_parse.c-1.9.x.patch
new file mode 100644
index 000000000000..7281e7b6c248
--- /dev/null
+++ b/sys-apps/gradm/files/gradm_parse.c-1.9.x.patch
@@ -0,0 +1,13 @@
+--- gradm_parse.c 2003-05-13 01:41:26.000000000 -0400
++++ gradm_parse_gentoo.c 2003-05-13 01:51:17.000000000 -0400
+@@ -677,8 +677,8 @@
+ n = scandir(dir, &namelist, 0, alphasort);
+ if (n >= 0) {
+ while (n--) {
+- if (strcmp(namelist[n]->d_name, ".")
+- && strcmp(namelist[n]->d_name, "..")) {
++ /* ignore files and directorys that start with . */
++ if (namelist[n]->d_name[0] != '.') {
+ memset(&path, 0, sizeof (path));
+ snprintf(path, PATH_MAX - 1, "%s/%s",
+ dir, namelist[n]->d_name);
diff --git a/sys-apps/gradm/files/grsecurity b/sys-apps/gradm/files/grsecurity
index 88858b57ba75..2352dfbe21bd 100644
--- a/sys-apps/gradm/files/grsecurity
+++ b/sys-apps/gradm/files/grsecurity
@@ -13,6 +13,9 @@ MPROTECT_EXEMPT=""
# Files we should not randomize mmap for
MMAP_EXEMPT=""
+# Files not to enforce segmentation based non-executable pages
+SEGMENTATION_EXEMPT="${PAGE_EXEC_EXEMPT}"
+
#
# Check your running kernel for valid options.
# "sysctl -a | grep kernel.grsecurity. | cut -d '.' -f 3 | awk '{print $1}'"
diff --git a/sys-apps/gradm/files/grsecurity.rc b/sys-apps/gradm/files/grsecurity.rc
index 0baee1e32644..b4a9ed4303ff 100644
--- a/sys-apps/gradm/files/grsecurity.rc
+++ b/sys-apps/gradm/files/grsecurity.rc
@@ -1,7 +1,7 @@
#!/sbin/runscript
# Copyright 1999-2003 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/files/grsecurity.rc,v 1.6 2003/05/17 02:33:34 method Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/files/grsecurity.rc,v 1.7 2003/06/16 18:37:01 solar Exp $
PROCDIR=/proc/sys/kernel/grsecurity
@@ -21,13 +21,12 @@ start() {
ebegin "Starting grsecurity"
- for x in ${ENABLED} ; do
- if [ -f ${PROCDIR}/${x} ]; then
- echo 1 >${PROCDIR}/${x}
- fi
+ for x in ${ENABLED}; do
+ # [ -f ${PROCDIR}/${x} ] && continue
+ # einfo "\tEnabling kernel.grsecurity.${x}"
case "${x}" in
allow_ptrace_group)
- echo ${ptrace_gid} >${PROCDIR}/ptrace_gid
+ echo ${ptrace_gid} > ${PROCDIR}/ptrace_gid
;;
fork_bomb_prot)
echo ${fork_bomb_gid} >${PROCDIR}/fork_bomb_gid
@@ -43,36 +42,33 @@ start() {
socket_server)
echo ${socket_server_gid} >${PROCDIR}/socket_server_gid
;;
+ *)
+ [ -f ${PROCDIR}/${x} ] && echo 1 >${PROCDIR}/${x}
+ ;;
esac
done
for x in ${PAGE_EXEC_EXEMPT} ; do
- if [ -f ${x} ]; then
- /sbin/chpax -p ${x}
- fi
+ [ -f ${x} ] && /sbin/chpax -p ${x}
done
for x in ${TRAMPOLINE_EXEMPT} ; do
- if [ -f ${x} ]; then
- /sbin/chpax -e ${x}
- fi
+ [ -f ${x} ] && /sbin/chpax -e ${x}
done
for x in ${MPROTECT_EXEMPT} ; do
- if [ -f ${x} ]; then
- /sbin/chpax -m ${x}
- fi
+ [ -f ${x} ] && /sbin/chpax -m ${x}
done
for x in ${MMAP_EXEMPT} ; do
- if [ -f ${x} ]; then
- /sbin/chpax -r ${x}
- fi
+ [ -f ${x} ] && /sbin/chpax -r ${x}
done
- if [ -f ${PROCDIR}/grsec_lock ] ; then
- echo ${LOCK} >${PROCDIR}/grsec_lock
- fi
+ for x in ${SEGMENTATION_EXEMPT} ; do
+ [ -f ${x} ] && /sbin/chpax -s ${x}
+ done
+
+ [ -f ${PROCDIR}/grsec_lock ] && echo ${LOCK} >${PROCDIR}/grsec_lock
eend ${?}
}
diff --git a/sys-apps/gradm/gradm-1.5a.ebuild b/sys-apps/gradm/gradm-1.5a.ebuild
deleted file mode 100644
index 482b7abe4a89..000000000000
--- a/sys-apps/gradm/gradm-1.5a.ebuild
+++ /dev/null
@@ -1,47 +0,0 @@
-# Copyright 1999-2003 Gentoo Technologies, Inc.
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/gradm-1.5a.ebuild,v 1.2 2003/02/13 15:57:42 vapier Exp $
-
-DESCRIPTION="ACL administrative interface to grsecurity"
-SRC_URI="http://www.grsecurity.net/${P}.tar.gz"
-HOMEPAGE="http://www.grsecurity.net/"
-LICENSE="GPL-2"
-KEYWORDS="x86"
-SLOT="0"
-
-DEPEND="sys-devel/bison
- sys-devel/flex"
-RDEPEND=""
-
-S="${WORKDIR}/${PN}"
-
-src_unpack() {
- unpack ${A}
-
- cd ${S}
- cp ${FILESDIR}/${P}-chpax.c chpax.c
-
- mv Makefile Makefile.orig
- sed <Makefile.orig >Makefile \
- -e 's|YACC=/usr/bin/yacc|YACC=/usr/bin/bison|' \
- -e 's|$(YACC) -d|$(YACC) -y -d|' \
- -e "s|-O2|${CFLAGS}|"
-}
-
-src_compile() {
- emake || die "compile problem"
- emake chpax || die "compile problem"
-}
-
-src_install() {
- doman gradm.8
- dodoc acl
- exeinto /etc/init.d
- newexe ${FILESDIR}/grsecurity.rc grsecurity
- insinto /etc/conf.d
- doins ${FILESDIR}/grsecurity
- into /
- dosbin gradm chpax
- fperms 700 /sbin/gradm
- fperms 700 /sbin/chpax
-}
diff --git a/sys-apps/gradm/gradm-1.6.ebuild b/sys-apps/gradm/gradm-1.6.ebuild
deleted file mode 100644
index 0990ef0dcbe5..000000000000
--- a/sys-apps/gradm/gradm-1.6.ebuild
+++ /dev/null
@@ -1,45 +0,0 @@
-# Copyright 1999-2003 Gentoo Technologies, Inc.
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/gradm-1.6.ebuild,v 1.2 2003/02/13 15:57:48 vapier Exp $
-
-DESCRIPTION="ACL administrative interface to grsecurity"
-SRC_URI="http://www.grsecurity.net/${P}.tar.gz"
-HOMEPAGE="http://www.grsecurity.net/"
-
-LICENSE="GPL-2"
-KEYWORDS="~x86"
-SLOT="0"
-
-DEPEND="sys-devel/bison
- sys-devel/flex"
-RDEPEND=""
-
-S="${WORKDIR}/${PN}"
-
-src_unpack() {
- unpack ${A}
-
- cd ${S}
- cp ${FILESDIR}/${P}-chpax.c chpax.c
-
- mv Makefile{,.orig}
- sed -e "s|-O2|${CFLAGS}|" Makefile.orig > Makefile
-}
-
-src_compile() {
- emake CC="${CC}" || die "compile problem"
- emake CC="${CC}" chpax || die "compile problem"
-}
-
-src_install() {
- doman gradm.8
- dodoc acl
- exeinto /etc/init.d
- newexe ${FILESDIR}/grsecurity.rc grsecurity
- insinto /etc/conf.d
- doins ${FILESDIR}/grsecurity
- into /
- dosbin gradm chpax
- fperms 700 /sbin/gradm
- fperms 700 /sbin/chpax
-}
diff --git a/sys-apps/gradm/gradm-1.7b.ebuild b/sys-apps/gradm/gradm-1.9.10.ebuild
index a08246c4bbd9..36b6b709065c 100644
--- a/sys-apps/gradm/gradm-1.7b.ebuild
+++ b/sys-apps/gradm/gradm-1.9.10.ebuild
@@ -1,34 +1,33 @@
# Copyright 1999-2003 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/gradm-1.7b.ebuild,v 1.1 2003/03/09 19:23:53 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/gradm-1.9.10.ebuild,v 1.1 2003/06/16 18:37:01 solar Exp $
-DESCRIPTION="ACL administrative interface to grsecurity"
+DESCRIPTION="Administrative interface for grsecurity ${PV} access control lists"
SRC_URI="http://www.grsecurity.net/${P}.tar.gz"
HOMEPAGE="http://www.grsecurity.net/"
LICENSE="GPL-2"
-KEYWORDS="~x86"
+KEYWORDS="x86 ~x86 ~sparc ~ppc"
SLOT="0"
-DEPEND="sys-devel/bison
- sys-devel/flex"
-RDEPEND=""
+IUSE=""
+DEPEND="virtual/glibc
+ sys-devel/bison
+ sys-devel/flex
+ sys-apps/chpax"
S="${WORKDIR}/${PN}"
src_unpack() {
unpack ${A}
-
cd ${S}
- cp ${FILESDIR}/${P}-chpax.c chpax.c
-
+ epatch ${FILESDIR}/gradm_parse.c-1.9.x.patch
mv Makefile{,.orig}
sed -e "s|-O2|${CFLAGS}|" Makefile.orig > Makefile
}
src_compile() {
emake CC="${CC}" || die "compile problem"
- emake CC="${CC}" chpax || die "compile problem"
}
src_install() {
@@ -39,7 +38,6 @@ src_install() {
insinto /etc/conf.d
doins ${FILESDIR}/grsecurity
into /
- dosbin gradm chpax
+ dosbin gradm
fperms 700 /sbin/gradm
- fperms 700 /sbin/chpax
}
diff --git a/sys-apps/gradm/gradm-1.9.9g.ebuild b/sys-apps/gradm/gradm-1.9.9g.ebuild
deleted file mode 100644
index 41c0d9ded946..000000000000
--- a/sys-apps/gradm/gradm-1.9.9g.ebuild
+++ /dev/null
@@ -1,48 +0,0 @@
-# Copyright 1999-2003 Gentoo Technologies, Inc.
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/gradm-1.9.9g.ebuild,v 1.1 2003/04/20 18:21:14 method Exp $
-
-DESCRIPTION="ACL administrative interface to grsecurity including gentoo policies"
-SRC_URI="http://www.grsecurity.net/${P}.tar.gz"
-HOMEPAGE="http://www.grsecurity.net/"
-
-LICENSE="GPL-2"
-KEYWORDS="~x86"
-SLOT="0"
-
-DEPEND="sys-devel/bison
- sys-devel/flex"
-RDEPEND=""
-
-S="${WORKDIR}/${PN}"
-
-src_unpack() {
- unpack ${A}
-
- cd ${S}
- cp ${FILESDIR}/${PN}-chpax.c chpax.c
-
- mv Makefile{,.orig}
- sed -e "s|-O2|${CFLAGS}|" Makefile.orig > Makefile
-}
-
-src_compile() {
- emake CC="${CC}" || die "compile problem"
- emake CC="${CC}" chpax || die "compile problem"
-}
-
-src_install() {
- doman gradm.8
- dodoc acl
- exeinto /etc/init.d
- newexe ${FILESDIR}/grsecurity.rc grsecurity
- insinto /etc/conf.d
- doins ${FILESDIR}/grsecurity
- insinto /etc/grsec/gentoo_secure_acls
- doins ${S}/gentoo_secure_acls/*
- echo "include </etc/grsec/gentoo_secure_acls>" > ${D}/etc/grsec/acl
- into /
- dosbin gradm chpax
- fperms 700 /sbin/gradm
- fperms 700 /sbin/chpax
-}
diff --git a/sys-apps/gradm/gradm-1.9.9h.ebuild b/sys-apps/gradm/gradm-1.9.9h.ebuild
deleted file mode 100644
index 784f07b13427..000000000000
--- a/sys-apps/gradm/gradm-1.9.9h.ebuild
+++ /dev/null
@@ -1,48 +0,0 @@
-# Copyright 1999-2003 Gentoo Technologies, Inc.
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/gradm-1.9.9h.ebuild,v 1.1 2003/05/11 14:56:34 method Exp $
-
-DESCRIPTION="ACL administrative interface to grsecurity including gentoo policies"
-SRC_URI="http://www.grsecurity.net/${P}.tar.gz"
-HOMEPAGE="http://www.grsecurity.net/"
-
-LICENSE="GPL-2"
-KEYWORDS="~x86"
-SLOT="0"
-
-DEPEND="sys-devel/bison
- sys-devel/flex"
-RDEPEND=""
-
-S="${WORKDIR}/${PN}"
-
-src_unpack() {
- unpack ${A}
-
- cd ${S}
- cp ${FILESDIR}/${PN}-chpax.c chpax.c
-
- mv Makefile{,.orig}
- sed -e "s|-O2|${CFLAGS}|" Makefile.orig > Makefile
-}
-
-src_compile() {
- emake CC="${CC}" || die "compile problem"
- emake CC="${CC}" chpax || die "compile problem"
-}
-
-src_install() {
- doman gradm.8
- dodoc acl
- exeinto /etc/init.d
- newexe ${FILESDIR}/grsecurity.rc grsecurity
- insinto /etc/conf.d
- doins ${FILESDIR}/grsecurity
- insinto /etc/grsec/gentoo_secure_acls
- doins ${S}/gentoo_secure_acls/*
- echo "include </etc/grsec/gentoo_secure_acls>" > ${D}/etc/grsec/acl
- into /
- dosbin gradm chpax
- fperms 700 /sbin/gradm
- fperms 700 /sbin/chpax
-}