diff options
author | Matthew Snelham <zeypher@gentoo.org> | 2006-11-08 20:21:06 +0000 |
---|---|---|
committer | Matthew Snelham <zeypher@gentoo.org> | 2006-11-08 20:21:06 +0000 |
commit | a7c1359e984d5039161a8c4d2b1df8fb4c11adc8 (patch) | |
tree | 96dcc0c426ae35d11155ff6ef8ca5ad08f7c82a1 | |
download | zeypher-a7c1359e984d5039161a8c4d2b1df8fb4c11adc8.tar.gz zeypher-a7c1359e984d5039161a8c4d2b1df8fb4c11adc8.tar.bz2 zeypher-a7c1359e984d5039161a8c4d2b1df8fb4c11adc8.zip |
Initial import of AppArmor ebuilds, October release.
svn path=/; revision=1
40 files changed, 1371 insertions, 0 deletions
diff --git a/app-doc/apparmor-docs/Manifest b/app-doc/apparmor-docs/Manifest new file mode 100644 index 0000000..ded1a25 --- /dev/null +++ b/app-doc/apparmor-docs/Manifest @@ -0,0 +1,8 @@ +DIST apparmor-docs-2.0-6269.tar.gz 2697657 RMD160 474048d988d72cbf9bf21d50e8aef37d06d9b000 SHA1 792f4339d86d02d179b786de87a47394abfdadae SHA256 9c2d63bfe42cc4582e24d1248a7560dd19cee718db513c7dedb12d45fe168221 +EBUILD apparmor-docs-2.0_p6269.ebuild 955 RMD160 7d0ef9d6bc1a7742684c3c3ced41fd846647a659 SHA1 1f46784c84ea199daa365a19e5d2ff500b84540b SHA256 0db0811764e7dee4543a7d8435f998a76d01ac54335d1b6603295a7a7d929c12 +MD5 38dd72e1548593a135e9e3554d583b3a apparmor-docs-2.0_p6269.ebuild 955 +RMD160 7d0ef9d6bc1a7742684c3c3ced41fd846647a659 apparmor-docs-2.0_p6269.ebuild 955 +SHA256 0db0811764e7dee4543a7d8435f998a76d01ac54335d1b6603295a7a7d929c12 apparmor-docs-2.0_p6269.ebuild 955 +MD5 2729ec9e31f63d936db2d7745ef9be57 files/digest-apparmor-docs-2.0_p6269 271 +RMD160 1c537c1e781a06a7bac39b2cfb7170ba281bb875 files/digest-apparmor-docs-2.0_p6269 271 +SHA256 1a62f3ad2e11540f9e65c1c623357a588f44ecd1244c2559c6436f426aa210ba files/digest-apparmor-docs-2.0_p6269 271 diff --git a/app-doc/apparmor-docs/apparmor-docs-2.0_p6269.ebuild b/app-doc/apparmor-docs/apparmor-docs-2.0_p6269.ebuild new file mode 100644 index 0000000..640416c --- /dev/null +++ b/app-doc/apparmor-docs/apparmor-docs-2.0_p6269.ebuild @@ -0,0 +1,42 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +inherit eutils perl-module toolchain-funcs + +MY_PV="${PV/_p/-}" +MY_P="${PN}-${MY_PV}" +MY_S="${WORKDIR}/${PN}-${PV/_p*/}" +MONTH="April" + +DESCRIPTION="Documentation for AppArmor." +HOMEPAGE="http://forge.novell.com/modules/xfmod/project/?apparmor" +SRC_URI="http://forgeftp.novell.com/apparmor/Development%20-%20${MONTH}%20Snapshot/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~amd64" +IUSE="doc" + +DEPEND="" +RDEPEND="${DEPEND}" + +src_unpack() { + unpack ${A} + + cd ${MY_S} + sed -i "s:NOVELL/SUSE:Gentoo:g" Makefile +} + +src_compile() { + cd ${MY_S} + emake CC="$(tc-getCC)" CFLAGS="${CFLAGS}" || die +} + +src_install() { + cd ${MY_S} + make DESTDIR=${D} install_manpages || die + # Some files are missing from the doc distribution, so no '|| die' + # bug submitted upstream + make DESTDIR=${D} DOCDIR=/usr/share/doc/${P} install_documents +} diff --git a/app-doc/apparmor-docs/files/digest-apparmor-docs-2.0_p6269 b/app-doc/apparmor-docs/files/digest-apparmor-docs-2.0_p6269 new file mode 100644 index 0000000..9c4eee3 --- /dev/null +++ b/app-doc/apparmor-docs/files/digest-apparmor-docs-2.0_p6269 @@ -0,0 +1,3 @@ +MD5 a5130a30a6a9e7cac316fe7658af031a apparmor-docs-2.0-6269.tar.gz 2697657 +RMD160 474048d988d72cbf9bf21d50e8aef37d06d9b000 apparmor-docs-2.0-6269.tar.gz 2697657 +SHA256 9c2d63bfe42cc4582e24d1248a7560dd19cee718db513c7dedb12d45fe168221 apparmor-docs-2.0-6269.tar.gz 2697657 diff --git a/app-doc/apparmor-docs/metadata.xml b/app-doc/apparmor-docs/metadata.xml new file mode 100644 index 0000000..b9e3c98 --- /dev/null +++ b/app-doc/apparmor-docs/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>apparmor</herd> +<maintainer> + <email>zeypher@gentoo.org</email> + <name>Matthew Snelham</name> + <description>Primary Maintainer</description> +</maintainer> +<longdescription lang="en">Apparmor man pages and official release documentation.</longdescription> +</pkgmetadata> diff --git a/app-vim/apparmor-syntax/Manifest b/app-vim/apparmor-syntax/Manifest new file mode 100644 index 0000000..ac5ac96 --- /dev/null +++ b/app-vim/apparmor-syntax/Manifest @@ -0,0 +1,12 @@ +DIST apparmor-syntax-200609.tar.bz2 2213 RMD160 32e920c4d26603537b6f63d640a65bf29f5a7d94 SHA1 592749d298bd061df6a36a9a4d40b279494517bd SHA256 6475accf5783d0baff0f2d917089da44833d9bd22aff6e440b3dbaefa59532ff +EBUILD apparmor-syntax-200609.ebuild 463 RMD160 13cba4bd3d019ed5e7bb77028a0cce1425c2666b SHA1 894d198036c4540fbb29ba408a46fb553aea045b SHA256 6c23b8b84325c9156679e5ebd9feb5d84e79641735be9418dbe2fa29bd278e41 +MD5 5e324749d7b2fc6751990f4bc5189f00 apparmor-syntax-200609.ebuild 463 +RMD160 13cba4bd3d019ed5e7bb77028a0cce1425c2666b apparmor-syntax-200609.ebuild 463 +SHA256 6c23b8b84325c9156679e5ebd9feb5d84e79641735be9418dbe2fa29bd278e41 apparmor-syntax-200609.ebuild 463 +MISC metadata.xml 398 RMD160 14fc32bc83e1a8d427e06d4cc60f5606d0b36adc SHA1 8bdaf570340596a6186bc9dee8d38169f568bd87 SHA256 b3752813c66a5ff9a938270e41d38a69e73c4ec1ef3a6213f0678c5ecbb91a6d +MD5 61894ce23a87ac07b5f8bed97411f570 metadata.xml 398 +RMD160 14fc32bc83e1a8d427e06d4cc60f5606d0b36adc metadata.xml 398 +SHA256 b3752813c66a5ff9a938270e41d38a69e73c4ec1ef3a6213f0678c5ecbb91a6d metadata.xml 398 +MD5 0241582b993fb8d172a74deee6327fb4 files/digest-apparmor-syntax-200609 265 +RMD160 074f4ac1f927498f686e38b6a6e2d739eff77dad files/digest-apparmor-syntax-200609 265 +SHA256 06f3dd3db778e5c8eff69e5000a649ec523cd14da2297a6234a0d3b5cc46e516 files/digest-apparmor-syntax-200609 265 diff --git a/app-vim/apparmor-syntax/apparmor-syntax-200609.ebuild b/app-vim/apparmor-syntax/apparmor-syntax-200609.ebuild new file mode 100644 index 0000000..0564d2f --- /dev/null +++ b/app-vim/apparmor-syntax/apparmor-syntax-200609.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +inherit vim-plugin + +DESCRIPTION="vim plugin: AppArmor policy syntax" +HOMEPAGE="http://forge.novell.com/modules/xfmod/project/?apparmor" +LICENSE="vim" +KEYWORDS="alpha amd64 ia64 mips ~ppc ppc64 sparc x86" +SRC_URI="mirror://gentoo/${P}.tar.bz2" +IUSE="" + +VIM_PLUGIN_HELPTEXT="This plugin provides syntax highlighting for Apparmor +policy files." diff --git a/app-vim/apparmor-syntax/files/digest-apparmor-syntax-200609 b/app-vim/apparmor-syntax/files/digest-apparmor-syntax-200609 new file mode 100644 index 0000000..64f9902 --- /dev/null +++ b/app-vim/apparmor-syntax/files/digest-apparmor-syntax-200609 @@ -0,0 +1,3 @@ +MD5 2975122145f3cf46188a5f00ac649537 apparmor-syntax-200609.tar.bz2 2213 +RMD160 32e920c4d26603537b6f63d640a65bf29f5a7d94 apparmor-syntax-200609.tar.bz2 2213 +SHA256 6475accf5783d0baff0f2d917089da44833d9bd22aff6e440b3dbaefa59532ff apparmor-syntax-200609.tar.bz2 2213 diff --git a/app-vim/apparmor-syntax/metadata.xml b/app-vim/apparmor-syntax/metadata.xml new file mode 100644 index 0000000..3c009ab --- /dev/null +++ b/app-vim/apparmor-syntax/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>apparmor</herd> +<maintainer> + <email>zeypher@gentoo.org</email> + <name>Matthew Snelham</name> + <description>Primary Maintainer</description> +</maintainer> +<longdescription lang="en">Vim syntax definitions for apparmor policy files.</longdescription> +</pkgmetadata> diff --git a/distfiles/apparmor-syntax-200609.tar.bz2 b/distfiles/apparmor-syntax-200609.tar.bz2 Binary files differnew file mode 100644 index 0000000..fc1961c --- /dev/null +++ b/distfiles/apparmor-syntax-200609.tar.bz2 diff --git a/sec-policy/apparmor-profiles/Manifest b/sec-policy/apparmor-profiles/Manifest new file mode 100644 index 0000000..56498e8 --- /dev/null +++ b/sec-policy/apparmor-profiles/Manifest @@ -0,0 +1,12 @@ +DIST apparmor-profiles-2.0-119.tar.gz 38442 RMD160 41960baad897408ef9fed48829975b7d7ad5381a SHA1 ced8c4e1a8837b9c243fba9146454cf284e357f6 SHA256 747be3c170cd9bb599e6c5a6b1c19a1ec8e8f614b469ef52d7e6640830698efd +EBUILD apparmor-profiles-2.0_p119.ebuild 1777 RMD160 696a87643710e5a4ccf0ed25bc4dae845afe61b3 SHA1 30fb93b1b899d5cb80ed3c1842f0d4be31767697 SHA256 8faa85505c0a5191ec889a9589e7713a7422948180441e0bcab7aa1ec6270e8e +MD5 23fdad08b50d949ad98cc9cda07ac84d apparmor-profiles-2.0_p119.ebuild 1777 +RMD160 696a87643710e5a4ccf0ed25bc4dae845afe61b3 apparmor-profiles-2.0_p119.ebuild 1777 +SHA256 8faa85505c0a5191ec889a9589e7713a7422948180441e0bcab7aa1ec6270e8e apparmor-profiles-2.0_p119.ebuild 1777 +MISC metadata.xml 409 RMD160 85cafe88b4cf8dbabc6cde6a42992c853cf07de1 SHA1 1f67a8ad5256e39b633e7bb991f06ff3dce25c4c SHA256 a00af1c02edbb908409fe16a614f53537cc153f54674db3cda6b7d5657d0ec30 +MD5 592eafc15eb2e0f176e32fc81ae1b9a6 metadata.xml 409 +RMD160 85cafe88b4cf8dbabc6cde6a42992c853cf07de1 metadata.xml 409 +SHA256 a00af1c02edbb908409fe16a614f53537cc153f54674db3cda6b7d5657d0ec30 metadata.xml 409 +MD5 009b398f5b231e38fc3422558483629e files/digest-apparmor-profiles-2.0_p119 274 +RMD160 d85cd1212273237347788ba31a1b757e9aec6635 files/digest-apparmor-profiles-2.0_p119 274 +SHA256 a51796af9a3ecb31ff8752d4f3d3d19a6c3f613e8da9e32d02b7a79101996232 files/digest-apparmor-profiles-2.0_p119 274 diff --git a/sec-policy/apparmor-profiles/apparmor-profiles-2.0_p119.ebuild b/sec-policy/apparmor-profiles/apparmor-profiles-2.0_p119.ebuild new file mode 100644 index 0000000..dd28fbf --- /dev/null +++ b/sec-policy/apparmor-profiles/apparmor-profiles-2.0_p119.ebuild @@ -0,0 +1,60 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +inherit eutils toolchain-funcs + +MY_P="${P/_p/-}" +MY_S="${WORKDIR}/${P/_p*/}" +MONTH="October" + +DESCRIPTION="AppArmor pre-built application encapsulation profiles." +HOMEPAGE="http://forge.novell.com/modules/xfmod/project/?apparmor" +SRC_URI="http://forgeftp.novell.com/apparmor/Development%20-%20${MONTH}%20Snapshot/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~amd64" +IUSE="" + +DEPEND="" +RDEPEND="sys-apps/apparmor-parser" + +pkg_postinst() { + ewarn + ewarn "DO NOT EXPECT THESE PROFILES TO WORK ON YOUR SYSTEM!!!" + ewarn " Expect that ENABLING THEM WILL BREAK things" + ewarn " " + ewarn "These profiles were built to work with a SuSE base install, and " + ewarn "make many assumptions about file placement and system facilities " + ewarn "that are quite possibly untrue on any Gentoo system ever emerged." + ewarn " " + ewarn "They are provided for reference purposes only, until profiles can " + ewarn "be created and verified for Gentoo. If you are interested in using " + ewarn "AppArmor, and modifiying these base profiles for a Gentoo package, " + ewarn "please feel free to do so, and contact the AppArmor package " + ewarn "maintainer with your working profiles!" + ewarn + epause +} + +src_unpack() { + unpack ${A} + + cd ${MY_S} + # Move profiles to a different dir so that none of + # them are sourced by default on startup. + sed -i 's:apparmor.d$:apparmor.d/suse-defaults:g' Makefile +} + +src_compile() { + cd ${MY_S} + emake CC="$(tc-getCC)" CFLAGS="${CFLAGS}" || die +} + +src_install() { + cd ${MY_S} + # Place profiles in /usr/share, instead of /usr/src/Immunix + MY_SHAREDIR="/usr/share/${PN}" + make DESTDIR=${D} EXTRASDIR=${D}/${MY_SHAREDIR} install || die +} diff --git a/sec-policy/apparmor-profiles/files/digest-apparmor-profiles-2.0_p119 b/sec-policy/apparmor-profiles/files/digest-apparmor-profiles-2.0_p119 new file mode 100644 index 0000000..d55b122 --- /dev/null +++ b/sec-policy/apparmor-profiles/files/digest-apparmor-profiles-2.0_p119 @@ -0,0 +1,3 @@ +MD5 93e3dbee491b4dc5c12ea6b4ccf7309a apparmor-profiles-2.0-119.tar.gz 38442 +RMD160 41960baad897408ef9fed48829975b7d7ad5381a apparmor-profiles-2.0-119.tar.gz 38442 +SHA256 747be3c170cd9bb599e6c5a6b1c19a1ec8e8f614b469ef52d7e6640830698efd apparmor-profiles-2.0-119.tar.gz 38442 diff --git a/sec-policy/apparmor-profiles/metadata.xml b/sec-policy/apparmor-profiles/metadata.xml new file mode 100644 index 0000000..b561ceb --- /dev/null +++ b/sec-policy/apparmor-profiles/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>apparmor</herd> +<maintainer> + <email>zeypher@gentoo.org</email> + <name>Matthew Snelham</name> + <description>Primary Maintainer</description> +</maintainer> +<longdescription lang="en">Default Apparmor profiles from the official Novell releases.</longdescription> +</pkgmetadata> diff --git a/sys-apps/apparmor-modules/Manifest b/sys-apps/apparmor-modules/Manifest new file mode 100644 index 0000000..bbd6bf5 --- /dev/null +++ b/sys-apps/apparmor-modules/Manifest @@ -0,0 +1,16 @@ +AUX apparmor-modules-2.0_2.6.17.9_symbol_export.patch 2976 RMD160 b9232cb4b78bfccd7154f27af554aedc0a01b53f SHA1 19ac2f051379f6733f7760eee2c37dde670bb746 SHA256 f364111249e598379886880d427435474609898dd77df8770112b3594305bd80 +MD5 fb0f6966a5fafacc3ca5cd453973e3f9 files/apparmor-modules-2.0_2.6.17.9_symbol_export.patch 2976 +RMD160 b9232cb4b78bfccd7154f27af554aedc0a01b53f files/apparmor-modules-2.0_2.6.17.9_symbol_export.patch 2976 +SHA256 f364111249e598379886880d427435474609898dd77df8770112b3594305bd80 files/apparmor-modules-2.0_2.6.17.9_symbol_export.patch 2976 +DIST apparmor-external-module.tar.gz 112408 RMD160 b333459588b0ccaaf36c6247555ff560daa3f95c SHA1 fbef407f3611c8c38ca66ce977fc5271e4140eec SHA256 70d66089a46f87f7fbaf504a3e40e4511e21c4a03345f0142315743bb9278d2f +EBUILD apparmor-modules-2.0_p20061013.ebuild 2101 RMD160 7d4763a25cf45f6482b0825ab4b24253f81e7a8e SHA1 8fbba9e272c280969c4c20d36669233876e14c38 SHA256 5248af5d4ba292f14a0e1ce82a60321b94902caabe83aeb103df1dc3524bc9ca +MD5 d49c592873548e7e2445ede86369cd4e apparmor-modules-2.0_p20061013.ebuild 2101 +RMD160 7d4763a25cf45f6482b0825ab4b24253f81e7a8e apparmor-modules-2.0_p20061013.ebuild 2101 +SHA256 5248af5d4ba292f14a0e1ce82a60321b94902caabe83aeb103df1dc3524bc9ca apparmor-modules-2.0_p20061013.ebuild 2101 +MISC metadata.xml 380 RMD160 9e87c8cc3fb3ee2b04080188ddaab74dcd1b291b SHA1 8d1beaea2ad08aa621f45f7e1b86b4b1a4b72575 SHA256 3e262ff06a7f21693b9ad6106a959a04514b35e7d14e25df5e6648a7cf7ee827 +MD5 56ab0ca0dca9b8dd896c9d3bff58f039 metadata.xml 380 +RMD160 9e87c8cc3fb3ee2b04080188ddaab74dcd1b291b metadata.xml 380 +SHA256 3e262ff06a7f21693b9ad6106a959a04514b35e7d14e25df5e6648a7cf7ee827 metadata.xml 380 +MD5 ada15501d8ce59813443b9fb8b7359ef files/digest-apparmor-modules-2.0_p20061013 274 +RMD160 76b75c7fd71ca82c198ecb095af6723f6314188e files/digest-apparmor-modules-2.0_p20061013 274 +SHA256 f382eb61c05a9f0e47d7b5e336bb296846875f76e2fe59261eaab4cf9d42d93c files/digest-apparmor-modules-2.0_p20061013 274 diff --git a/sys-apps/apparmor-modules/apparmor-modules-2.0_p20061013.ebuild b/sys-apps/apparmor-modules/apparmor-modules-2.0_p20061013.ebuild new file mode 100644 index 0000000..01fbc2d --- /dev/null +++ b/sys-apps/apparmor-modules/apparmor-modules-2.0_p20061013.ebuild @@ -0,0 +1,80 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +inherit linux-mod + +MY_S="${WORKDIR}/apparmor_modules/module" +MONTH="October" + +DESCRIPTION="Kernel modules for AppArmor" +HOMEPAGE="ihttp://forge.novell.com/modules/xfmod/project/?apparmor" +SRC_URI="http://forgeftp.novell.com/apparmor/Development%20-%20${MONTH}%20Snapshot/apparmor-external-module.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~x86 ~amd64" +IUSE="" + +DEPEND="virtual/libc" +RDEPEND="${DEPEND} + sys-apps/apparmor-parser" + +pkg_setup() { + linux-info_pkg_setup + + if kernel_is lt 2 6 16 ; then + eerror "You must have at least a 2.6.16 kernel to use this package." + die "Insufficent kernel version" + fi + + if linux_chkconfig_present CONFIG_SECURITY ; then + eerror "CONFIG_SECURITY must be enabled in your kernel to build ${PN}" + die "Bad kernel config" + fi + + if (grep 'namespace_sem' ${KV_DIR}/include/linux/namespace.h >/dev/null 2>&1 && grep 'AUDIT_SD' ${KV_DIR}/include/linux/audit.h >/dev/null 2>&1 ) + then + einfo "Required Symbol patch seems to have been applied; continuing." + else + eerror "Required symbols do not appear to be exported." + ewarn + ewarn "AppArmor modules requires a patch be applied against the" + ewarn "kernel source to export several symbols." + ewarn + ewarn "Current patches can currently be found in: " + ewarn " ${FILESDIR}" + ewarn "where the clostest matching KERNEL_VER patch:" + ewarn " ${P/_p*/}_[KERNEL_VER]_symbol_export.patch" + ewarn "should apply cleanly." + ewarn + ewarn "After applying this patch and re-compiling," + ewarn "re-emerge this package" + ewarn + die "Missing apparmor symbol export patch" + fi + +} + +src_unpack() { + unpack ${A} + cd "${MY_S}" + + sed -i 's/^all:/modules:/g' Makefile + sed -i 's/mv/#mv/g' Makefile +} + +src_compile() { + cd "${MY_S}" + unset ARCH + CONFIG_SECURITY_APPARMOR=m make +} + +src_install() { + cd "${MY_S}" + + insinto /lib/modules/${KV_FULL}/kernel/security/apparmor + doins apparmor.ko + insinto /lib/modules/${KV_FULL}/kernel/security/apparmor/aamatch + doins aamatch/aamatch_pcre.ko +} diff --git a/sys-apps/apparmor-modules/files/apparmor-modules-2.0_2.6.17.9_symbol_export.patch b/sys-apps/apparmor-modules/files/apparmor-modules-2.0_2.6.17.9_symbol_export.patch new file mode 100644 index 0000000..c0e97bb --- /dev/null +++ b/sys-apps/apparmor-modules/files/apparmor-modules-2.0_2.6.17.9_symbol_export.patch @@ -0,0 +1,83 @@ +From: tonyj@suse.de +Subject: Export namespace semaphore +Patch-mainline: no + +Export global namespace_sem (this used to be a per namespace semaphore). +Alas, this isn't going to win _any_ points for style. +Patch is not in mainline -- pending AppArmor code submission to lkml + +--- +--- linux-2.6.17.9.orig/fs/namespace.c ++++ linux-2.6.17.9/fs/namespace.c +@@ -46,7 +46,8 @@ static int event; + static struct list_head *mount_hashtable __read_mostly; + static int hash_mask __read_mostly, hash_bits __read_mostly; + static kmem_cache_t *mnt_cache __read_mostly; +-static struct rw_semaphore namespace_sem; ++struct rw_semaphore namespace_sem; ++EXPORT_SYMBOL_GPL(namespace_sem); + + /* /sys/fs */ + decl_subsys(fs, NULL, NULL); +--- linux-2.6.17.9.orig/include/linux/namespace.h ++++ linux-2.6.17.9/include/linux/namespace.h +@@ -5,6 +5,9 @@ + #include <linux/mount.h> + #include <linux/sched.h> + ++/* exported for AppArmor (SubDomain) */ ++extern struct rw_semaphore namespace_sem; ++ + struct namespace { + atomic_t count; + struct vfsmount * root; + + +From: tonyj@suse.de +Subject: Export audit subsystem for use by modules +Patch-mainline: no + +Adds necessary export symbols for audit subsystem routines. +Changes audit_log_vformat to be externally visible (analagous to vprintf) +Patch is not in mainline -- pending AppArmor code submission to lkml + +--- linux-2.6.17.9.orig/include/linux/audit.h ++++ linux-2.6.17.9/include/linux/audit.h +@@ -96,6 +96,8 @@ + #define AUDIT_LAST_KERN_ANOM_MSG 1799 + #define AUDIT_ANOM_PROMISCUOUS 1700 /* Device changed promiscuous mode */ + ++#define AUDIT_SD 1500 /* AppArmor (SubDomain) audit */ ++ + #define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ + + /* Rule flags */ +@@ -357,6 +359,9 @@ extern void audit_log(struct audit_ + __attribute__((format(printf,4,5))); + + extern struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type); ++extern void audit_log_vformat(struct audit_buffer *ab, ++ const char *fmt, va_list args) ++ __attribute__((format(printf,2,0))); + extern void audit_log_format(struct audit_buffer *ab, + const char *fmt, ...) + __attribute__((format(printf,2,3))); +--- linux-2.6.17.9.orig/kernel/audit.c ++++ linux-2.6.17.9/kernel/audit.c +@@ -893,8 +893,7 @@ static inline int audit_expand(struct au + * will be called a second time. Currently, we assume that a printk + * can't format message larger than 1024 bytes, so we don't either. + */ +-static void audit_log_vformat(struct audit_buffer *ab, const char *fmt, +- va_list args) ++void audit_log_vformat(struct audit_buffer *ab, const char *fmt, va_list args) + { + int len, avail; + struct sk_buff *skb; +@@ -1096,3 +1095,6 @@ EXPORT_SYMBOL(audit_log_start); + EXPORT_SYMBOL(audit_log_end); + EXPORT_SYMBOL(audit_log_format); + EXPORT_SYMBOL(audit_log); ++EXPORT_SYMBOL_GPL(audit_log_vformat); ++EXPORT_SYMBOL_GPL(audit_log_untrustedstring); ++EXPORT_SYMBOL_GPL(audit_log_d_path); diff --git a/sys-apps/apparmor-modules/files/digest-apparmor-modules-2.0_p20061013 b/sys-apps/apparmor-modules/files/digest-apparmor-modules-2.0_p20061013 new file mode 100644 index 0000000..9f05f65 --- /dev/null +++ b/sys-apps/apparmor-modules/files/digest-apparmor-modules-2.0_p20061013 @@ -0,0 +1,3 @@ +MD5 919d64ba6c357a24a3c8e78ea0f94058 apparmor-external-module.tar.gz 112408 +RMD160 b333459588b0ccaaf36c6247555ff560daa3f95c apparmor-external-module.tar.gz 112408 +SHA256 70d66089a46f87f7fbaf504a3e40e4511e21c4a03345f0142315743bb9278d2f apparmor-external-module.tar.gz 112408 diff --git a/sys-apps/apparmor-modules/metadata.xml b/sys-apps/apparmor-modules/metadata.xml new file mode 100644 index 0000000..5622ad5 --- /dev/null +++ b/sys-apps/apparmor-modules/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>apparmor-modules</herd> +<maintainer> + <email>zeypher@gentoo.org</email> + <name>Matthew Snelham</name> + <description>Primary Maintainer</description> +</maintainer> +<longdescription lang="en">Apparmor kernel modules</longdescription> +</pkgmetadata> diff --git a/sys-apps/apparmor-parser/Manifest b/sys-apps/apparmor-parser/Manifest new file mode 100644 index 0000000..a7bb926 --- /dev/null +++ b/sys-apps/apparmor-parser/Manifest @@ -0,0 +1,28 @@ +AUX aaeventd 824 RMD160 032cce20f81b7b0e1f6f38cb6e1c392d70407ad5 SHA1 8adaa5e21867cab21c5fa907c974fb94cb280f70 SHA256 dbaa7fd1197388146c7a1a9b59553815fdcd0498510f7b7bf752af88f8eb1780 +MD5 379ee71ea946bd90c98e94e362bf9f2c files/aaeventd 824 +RMD160 032cce20f81b7b0e1f6f38cb6e1c392d70407ad5 files/aaeventd 824 +SHA256 dbaa7fd1197388146c7a1a9b59553815fdcd0498510f7b7bf752af88f8eb1780 files/aaeventd 824 +AUX apparmor 1090 RMD160 8d9781974318232731ef26881d7d57fc5991044c SHA1 2acee7585d1329bcb92cb8902ec36e1d0b94f5d6 SHA256 5c7b251473e7bf6a876e0d59d89cff3707bf5a6fcda0d9e95d50a463c8eddc8f +MD5 7771cab70810b82185f0ed211f131018 files/apparmor 1090 +RMD160 8d9781974318232731ef26881d7d57fc5991044c files/apparmor 1090 +SHA256 5c7b251473e7bf6a876e0d59d89cff3707bf5a6fcda0d9e95d50a463c8eddc8f files/apparmor 1090 +AUX rc.apparmor.functions 11898 RMD160 12453790ffd14deed48b062f27d12bf2b2910ee4 SHA1 ec936b69474750dfd0205f451472e7d81b66f41a SHA256 d9cdb82c10bb5aa40c39d0f93c418a11020abc2d6df7154a831a71c816345618 +MD5 2adf748409596598872530ec06ef8717 files/rc.apparmor.functions 11898 +RMD160 12453790ffd14deed48b062f27d12bf2b2910ee4 files/rc.apparmor.functions 11898 +SHA256 d9cdb82c10bb5aa40c39d0f93c418a11020abc2d6df7154a831a71c816345618 files/rc.apparmor.functions 11898 +AUX rc.helper.functions 690 RMD160 d0b3b06a45645be5bc9d30b8ef19d518ac59940a SHA1 a58ba3ca5d59e099a3570ee21a62f5b4a6eb25fa SHA256 d065ac76a66d856716d77dd06b64478ed90c3b487d414cf8e33fc46ea77a723d +MD5 5d9c000b99bd66788b988cb6d14b9b3d files/rc.helper.functions 690 +RMD160 d0b3b06a45645be5bc9d30b8ef19d518ac59940a files/rc.helper.functions 690 +SHA256 d065ac76a66d856716d77dd06b64478ed90c3b487d414cf8e33fc46ea77a723d files/rc.helper.functions 690 +DIST apparmor-parser-2.0-150.tar.gz 189171 RMD160 cf3299716fdf042cf326cf884d93fdcb5089dba6 SHA1 099ae08655ee2fc1d206166a7a4f8622637c02fc SHA256 678027c88cf69b42f8c7a36adfbe917489eb80800bc9eefe3b3f043bf01e6ee6 +EBUILD apparmor-parser-2.0_p150.ebuild 1536 RMD160 79a5cd3fa4d5f1b5c3477082df18069a14c436b9 SHA1 31485b5861a9c2d748b246800bd25698d78c9c6a SHA256 1b8aefcb2f1f3fea538ebb0ac28f27f6dba9bea364742a6758961ae5de7a634e +MD5 f7a906c660203595696da4f7c9cea72d apparmor-parser-2.0_p150.ebuild 1536 +RMD160 79a5cd3fa4d5f1b5c3477082df18069a14c436b9 apparmor-parser-2.0_p150.ebuild 1536 +SHA256 1b8aefcb2f1f3fea538ebb0ac28f27f6dba9bea364742a6758961ae5de7a634e apparmor-parser-2.0_p150.ebuild 1536 +MISC metadata.xml 410 RMD160 f7a2e5bd002b14009087b531ca78a33729d03996 SHA1 da0799e2f50c414a10dc748f96f5ea700531b886 SHA256 eb83d68c65805b04931940b2886a033c3f7a92827a2e65947d1ce174c73f42a2 +MD5 5dd11f6e7b3832577a2cba63652d3ae9 metadata.xml 410 +RMD160 f7a2e5bd002b14009087b531ca78a33729d03996 metadata.xml 410 +SHA256 eb83d68c65805b04931940b2886a033c3f7a92827a2e65947d1ce174c73f42a2 metadata.xml 410 +MD5 f8b11c14f5b9a1945c17a5f94b338d2b files/digest-apparmor-parser-2.0_p150 271 +RMD160 a70e60c1977d77b9b90bca4617758a60e1449115 files/digest-apparmor-parser-2.0_p150 271 +SHA256 0d5798506f6e78b3f6f8bff3f1d8d98d43d040576e2edbe3c893ac8fa164847a files/digest-apparmor-parser-2.0_p150 271 diff --git a/sys-apps/apparmor-parser/apparmor-parser-2.0_p150.ebuild b/sys-apps/apparmor-parser/apparmor-parser-2.0_p150.ebuild new file mode 100644 index 0000000..efb81ed --- /dev/null +++ b/sys-apps/apparmor-parser/apparmor-parser-2.0_p150.ebuild @@ -0,0 +1,62 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +inherit eutils perl-module toolchain-funcs + +MY_PV="${PV/_p/-}" +MY_P="${PN}-${MY_PV}" +MY_S="${WORKDIR}/${PN}-${PV/_p*/}" +MONTH="October" + +DESCRIPTION="The userspace tools and init scripts to load security profiles into the apparmor kernel security module." +HOMEPAGE="http://forge.novell.com/modules/xfmod/project/?apparmor" +SRC_URI="http://forgeftp.novell.com/apparmor/Development%20-%20${MONTH}%20Snapshot/${MY_P}.tar.gz" + + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~amd64" +IUSE="" + +DEPEND="sys-libs/libapparmor + sys-libs/libcap + dev-libs/libpcre + sys-devel/bison + sys-devel/flex" + +RDEPEND="|| ( sys-kernel/apparmor-sources sys-apps/apparmor-modules )" + +src_unpack() { + unpack ${A} + + ## apparmor-parser + cd ${MY_S} + # the Make.rules isn't needed for Gentoo + sed -i "s/^include Make.rules//g" Makefile + # Un-needed historical artifact, AND ugly non-LSB path + # This is mounted at /sys/kernel/security/subdomain, not /subdomain + sed -i 's/^.*\/subdomain//g' Makefile +} + +src_compile() { + cd ${MY_S} + emake CC="$(tc-getCC)" CFLAGS="${CFLAGS}" || die +} + +src_install() { + + ## apparmor-parser + cd ${MY_S} + make DESTDIR=${D} install || die + + ## Init script and addtional files + doinitd ${FILESDIR}/apparmor + doinitd ${FILESDIR}/aaeventd + insopts -m0644 + insinto /lib/apparmor + doins ${FILESDIR}/rc.helper.functions + doins ${FILESDIR}/rc.apparmor.functions + + dodir /etc/apparmor.d/abstractions +} diff --git a/sys-apps/apparmor-parser/files/aaeventd b/sys-apps/apparmor-parser/files/aaeventd new file mode 100755 index 0000000..efe9cc3 --- /dev/null +++ b/sys-apps/apparmor-parser/files/aaeventd @@ -0,0 +1,40 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +APPARMOR_FUNCTIONS=/lib/apparmor/rc.apparmor.functions +APPARMOR_HELPERS=/lib/apparmor/rc.helper.functions +if [ -f "${APPARMOR_HELPERS}" -a -f "${APPARMOR_FUNCTIONS}" ]; then + source ${APPARMOR_HELPERS} + source ${APPARMOR_FUNCTIONS} +else + eend 1 "Unable to find AppArmor initscript functions" +fi + +depend() { + need apparmor + use logger dns +} + +start() { + ebegin "Starting aaeventd (AppArmor Event Daemon)" + + if [ "${APPARMOR_ENABLE_AAEVENTD}" = "no" ]; then + eend 1 " aaeventd disabled in ${APPARMOR_CONF}." + fi + + start_sd_event + eend $waserror +} + +stop() { + ebegin "Stopping aaeventd (AppArmor Event Daemon)" + stop_sd_event + eend $waserror +} + +restart() { + srv_stop + srv_start +} diff --git a/sys-apps/apparmor-parser/files/apparmor b/sys-apps/apparmor-parser/files/apparmor new file mode 100755 index 0000000..26daeca --- /dev/null +++ b/sys-apps/apparmor-parser/files/apparmor @@ -0,0 +1,55 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ +# +# rc.apparmor.gentoo: contribuited by Matthew Snelham +# /etc/init.d/apparmor + +APPARMOR_FUNCTIONS=/lib/apparmor/rc.apparmor.functions +APPARMOR_HELPERS=/lib/apparmor/rc.helper.functions +if [ -f "${APPARMOR_HELPERS}" -a -f "${APPARMOR_FUNCTIONS}" ]; then + source ${APPARMOR_HELPERS} + source ${APPARMOR_FUNCTIONS} +else + eend 1 "Unable to find AppArmor initscript functions" +fi + +opts="${opts} reload status" + +depend() { + need localmount + ## AppArmor needs to be loaded before any other + ## (potentially protected) user-space services come up. + #before * +} + +start() { + ebegin "Starting AppArmor" + subdomain_start + einfo "...AppArmor Start" + eend $waserror +} + +stop() { + ebegin "Stopping AppArmor" + subdomain_stop + einfo "...AppArmor Stop" + eend $waserror +} + +restart() { + svc_stop; svc_start +} + +reload() { + ebegin "Restarting AppArmor" + subdomain_restart + eend $? +} + +status() { + ebegin "Checking AppArmor Status" + subdomain_status + eend $? +} diff --git a/sys-apps/apparmor-parser/files/digest-apparmor-parser-2.0_p150 b/sys-apps/apparmor-parser/files/digest-apparmor-parser-2.0_p150 new file mode 100644 index 0000000..1b254d3 --- /dev/null +++ b/sys-apps/apparmor-parser/files/digest-apparmor-parser-2.0_p150 @@ -0,0 +1,3 @@ +MD5 cbb25435e4353b10b5fdd96f80c854b9 apparmor-parser-2.0-150.tar.gz 189171 +RMD160 cf3299716fdf042cf326cf884d93fdcb5089dba6 apparmor-parser-2.0-150.tar.gz 189171 +SHA256 678027c88cf69b42f8c7a36adfbe917489eb80800bc9eefe3b3f043bf01e6ee6 apparmor-parser-2.0-150.tar.gz 189171 diff --git a/sys-apps/apparmor-parser/files/rc.apparmor.functions b/sys-apps/apparmor-parser/files/rc.apparmor.functions new file mode 100644 index 0000000..890f3fb --- /dev/null +++ b/sys-apps/apparmor-parser/files/rc.apparmor.functions @@ -0,0 +1,443 @@ +#!/bin/sh +# +# ---------------------------------------------------------------------- +# Copyright (c) 1999, 2000, 20001, 2004, 2005, NOVELL (All rights reserved) +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of version 2 of the GNU General Public +# License published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, contact Novell, Inc. +# ---------------------------------------------------------------------- +# rc.subdomain.functions by Steve Beattie +# Modified for Gentoo Linux, by Matthew Snelham +# +# Modifications Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + + +# NOTE: rc.subdomain initscripts that source this file need to implement +# the following set of functions: +# sd_action +# sd_log_info_msg +# sd_log_success_msg +# sd_log_warning_msg +# sd_log_failure_msg + + +CONFIG_DIR=/etc/apparmor +MODULE=apparmor +OLD_MODULE=subdomain +if [ -f "${CONFIG_DIR}/${MODULE}.conf" ] ; then + APPARMOR_CONF="${CONFIG_DIR}/${MODULE}.conf" +elif [ -f "${CONFIG_DIR}/${OLD_MODULE}.conf" ] ; then + APPARMOR_CONF="${CONFIG_DIR}/${OLD_MODULE}.conf" +else + sd_log_warning_msg "Unable to find config file in ${CONFIG_DIR}, installation problem?" +fi + +# Read configuration options from ${APPARMOR_CONF}, default is to +# warn if subdomain won't load. +APPARMOR_MODULE_PANIC="warn" +SUBDOMAIN_ENABLE_OWLSM="no" +APPARMOR_ENABLE_AAEVENTD="no" + +if [ -f "${APPARMOR_CONF}" ] ; then + source "${APPARMOR_CONF}" +fi + +if [ -f /sbin/apparmor_parser ] ; then + PARSER=/sbin/apparmor_parser +else + sd_log_failure_msg "Unable to find apparmor_parser, installation problem?" + exit 1 +fi + +# APPARMOR_DIR might be redefined in ${APPARMOR_CONF} +if [ -d "${APPAMROR_DIR}" ] ; then + PROFILE_DIR=${APPARMOR_DIR} +elif [ -d /etc/apparmor.d ] ; then + PROFILE_DIR=/etc/apparmor.d +fi +ABSTRACTIONS="-I${PROFILE_DIR}" +AA_EV_BIN=/usr/sbin/aa-eventd +AA_EV_PIDFILE=/var/run/aa-eventd.pid +AA_STATUS=/usr/sbin/apparmor_status +SD_EV_BIN=/usr/sbin/sd-event-dispatch.pl +SD_EV_PIDFILE=/var/run/sd-event-dispatch.init.pid +SD_STATUS=/usr/sbin/subdomain_status +if grep -q securityfs /proc/filesystems ; then + SECURITYFS=/sys/kernel/security +fi + +SUBDOMAINFS_MOUNTPOINT=$(grep subdomainfs /etc/fstab | \ + sed -e 's|^[[:space:]]*[^[:space:]]\+[[:space:]]\+\(/[^[:space:]]*\)[[:space:]]\+subdomainfs.*$|\1|' 2> /dev/null) + +if [ -d "/var/lib/${MODULE}" ] ; then + APPARMOR_TMPDIR="/var/lib/${MODULE}" +else + APPARMOR_TMPDIR="/tmp" +fi + + +function parse_profiles() { + # get parser arg + case "$1" in + load) + PARSER_ARGS="--add" + PARSER_MSG="Loading AppArmor profiles " + ;; + reload) + PARSER_ARGS="--replace" + PARSER_MSG="Reloading AppArmor profiles " + ;; + *) + exit 1 + ;; + esac + sd_log_info_msg "$PARSER_MSG" + + # run the parser on all of the apparmor profiles + if [ ! -f "$PARSER" ]; then + sd_log_failure_msg "$PARSER_MSG - AppArmor parser not found" + exit 1 + fi + + if [ ! -d "$PROFILE_DIR" ]; then + sd_log_failure_msg "$PARSER_MSG - Profile directory not found" + exit 1 + fi + + if [ "X" == "X$(ls $PROFILE_DIR/)" ]; then + sd_log_warning_msg "$PARSER_MSG - No profiles found" + exit 1 + fi + + for profile in $PROFILE_DIR/*; do + if [ "${profile%.rpmnew}" != "${profile}" -o \ + "${profile%.rpmsave}" != "${profile}" -o \ + "${profile%\~}" != "${profile}" ] + then + sd_log_warning_msg "Skipping profile $profile" + elif [ -f "${profile}" ] ; then + sd_action " Adding profile: `basename ${profile}`" $PARSER $ABSTRACTIONS $PARSER_ARGS ${profile} + if [ $? -ne 0 ]; then + waserror=1 + fi + fi + done +} + +function profiles_names_list() { + # run the parser on all of the apparmor profiles + TMPFILE=$1 + if [ ! -f "$PARSER" ]; then + sd_log_failure_msg "AppArmor parser ($PARSER) not found" + exit 1 + fi + + if [ ! -d "$PROFILE_DIR" ]; then + sd_log_failure_msg "Profile directory ($PROFILE_DIR) not found" + exit 1 + fi + + for profile in $PROFILE_DIR/*; do + if [ "${profile%.rpmnew}" != "${profile}" -o \ + "${profile%.rpmsave}" != "${profile}" -o \ + "${profile%\~}" != "${profile}" ] + then + echo "nop" >/dev/null + elif [ -f "${profile}" ] ; then + LIST_ADD=$($PARSER $ABSTRACTIONS -N "$profile" | grep -v '\^') + if [ $? -eq 0 ]; then + echo "$LIST_ADD" >>$TMPFILE + fi + fi + done +} + +function is_securityfs_mounted() { + if grep -q securityfs /proc/filesystems && grep -q securityfs /proc/mounts ; then + if [ -f "${SECURITYFS}/${MODULE}/profiles" ]; then + SFS_MOUNTPOINT="${SECURITYFS}/${MODULE}" + return 0 + fi + fi + return 1 +} + +function mount_securityfs() { + if [ "X" != "X${SECURITYFS}" ]; then + if ! grep -q securityfs /proc/mounts ; then + sd_action "Mounting securityfs on ${SECURITYFS}" \ + mount -t securityfs securityfs "${SECURITYFS}" + rc=$? + if [ -f "${SECURITYFS}/${MODULE}/profiles" ]; then + SFS_MOUNTPOINT="${SECURITYFS}/${MODULE}" + else + SFS_MOUNTPOINT="${SECURITYFS}/${MODULE}" + fi + return $rc + fi + fi + return 0 +} + +function unmount_securityfs() { + SUBDOMAINFS=$(grep subdomainfs /proc/mounts | cut -d" " -f2 2> /dev/null) + if [ "X" != "X${SUBDOMAINFS}" ]; then + sd_action "Unmounting securityfs" umount ${SUBDOMAINFS} + fi +} + +function failstop_system() { + level=$(runlevel | cut -d" " -f2) + if [ $level -ne "1" ] ; then + sd_log_failure_msg "Could not start AppArmor. Changing to runlevel 1" + telinit 1; + return -1; + fi + sd_log_failure_msg "Could not start AppArmor." + return -1 +} + +function module_panic() { + # the module failed to load, determine what action should be taken + + case "$APPARMOR_MODULE_PANIC" in + "warn"|"WARN") sd_log_failure_msg "Could not start AppArmor" + return -1 ;; + "panic"|"PANIC") failstop_system + rc=$? + return $rc ;; + *) sd_log_failure_msg "Invalid AppArmor module fail option" + return -1 ;; + esac +} + +function load_module() { + if modinfo -F filename apparmor > /dev/null 2>&1 ; then + MODULE=apparmor + elif modinfo -F filename subdomain > /dev/null 2>&1 ; then + MODULE=subdomain + fi + if ! grep -qE "^(subdomain|apparmor)[[:space:]]" /proc/modules ; then + sd_action "Loading AppArmor module" /sbin/modprobe $MODULE $1 + rc=$? + if [ $rc -ne 0 ] ; then + # we couldn't find the module + module_panic + rc=$? + if [ $rc -ne 0 ] ; then + exit $rc + fi + fi + fi +} + +function start_sd_event() { + if [ -x "$AA_EV_BIN" -a "${APPARMOR_ENABLE_AAEVENTD}" = "yes" ] ; then + sd_action "Starting AppArmor Event daemon" startproc -f -p $AA_EV_PIDFILE $AA_EV_BIN -p $AA_EV_PIDFILE + elif [ -x "$SD_EV_BIN" -a "${APPARMOR_ENABLE_AAEVENTD}" = "yes" ] ; then + sd_action "Starting AppArmor Event daemon" startproc -f -p $SD_EV_PIDFILE $SD_EV_BIN -p $SD_EV_PIDFILE + fi +} + +function stop_sd_event() { + if [ -x "$AA_EV_BIN" -a -f "$AA_EV_PIDFILE" ] ; then + sd_action "Shutting down AppArmor Event daemon" killproc -G -p $AA_EV_PIDFILE -INT $AA_EV_BIN + fi + if [ -f "$SD_EV_PIDFILE" ] ; then + sd_action "Shutting down AppArmor Event daemon" killproc -G -p $SD_EV_PIDFILE -INT $SD_EV_BIN + fi +} + +function subdomain_start() { + if ! grep -qE "^(subdomain|apparmor)[[:space:]]" /proc/modules ; then + load_module + rc=$? + if [ $rc -ne 0 ] ; then + return $rc + fi + fi + + if ! is_securityfs_mounted ; then + mount_securityfs + rc=$? + if [ $rc -ne 0 ] ; then + return $rc + fi + fi + + if [ ! -w "$SFS_MOUNTPOINT/.load" ] ; then + sd_log_failure_msg "Loading AppArmor profiles - failed, Do you have the correct privileges?" + return 1 + fi + + configure_owlsm + + if [ $(wc -l "$SFS_MOUNTPOINT/profiles" | awk '{print $1}') -eq 0 ] ; then + parse_profiles load + else + sd_log_warning_msg "Loading AppArmor profiles - AppArmor already loaded with profiles." + fi +} + +function remove_profiles() { + # removing profiles as we directly read from subdomainfs + # doesn't work, since we are removing entries which screws up + # our position. Lets hope there are never enough profiles to + # overflow the variable + if ! is_securityfs_mounted ; then + sd_log_failure_msg "failed: is securityfs loaded?" + return 1 + fi + + if [ ! -w "$SFS_MOUNTPOINT/.remove" ] ; then + sd_log_failure_msg "failed: Do you have the correct privileges?" + return 1 + fi + + if [ ! -x "${PARSER}" ] ; then + sd_log_failure_msg "failed: unable to execute subdomain parser" + return 1 + fi + + retval=0 + IFS=$'\n' + enforced_profiles=$(sed -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles") + for profile in $enforced_profiles ; do + sd_action " Removing profile: ${profile}" sh -c "echo \"$profile { }\" | $PARSER -R" + rc=$? + if [ ${rc} -ne 0 ] ; then + retval=${rc} + fi + done + if [ ${retval} -ne 0 ] ; then + waserror=1 + fi +} + +function subdomain_stop() { + stop_sd_event + sd_log_info_msg "Unloading AppArmor profiles" + remove_profiles +} + +function subdomain_kill() { + stop_sd_event + unmount_securityfs + if grep -qE "^apparmor[[:space:]]" /proc/modules ; then + MODULE=apparmor + elif grep -qE "^subdomain[[:space:]]" /proc/modules ; then + MODULE=subdomain + else + MODULE=apparmor + fi + sd_action "Unloading AppArmor modules" /sbin/modprobe -r $MODULE +} + +function __subdomain_restart() { + if [ ! -w "$SFS_MOUNTPOINT/.load" ] ; then + sd_log_failure_msg "Loading AppArmor profiles - failed, Do you have the correct privileges?" + return 4 + fi + + configure_owlsm + parse_profiles reload + PNAMES_LIST=$(mktemp ${APPARMOR_TMPDIR}/tmp.XXXXXXXX) + profiles_names_list ${PNAMES_LIST} + MODULE_PLIST=$(mktemp ${APPARMOR_TMPDIR}/tmp.XXXXXXXX) + sed -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles" | sort >"$MODULE_PLIST" + #profiles=$(cat $PNAMES_LIST | sort | comm -2 -3 "$MODULE_PLIST" -) + #for profile in $profiles ; do + IFS=$'\n' && for profile in $(cat $PNAMES_LIST | sort | comm -2 -3 "$MODULE_PLIST" -) ; do + echo "\"$profile\" {}" | $PARSER -R >/dev/null + done + rm "$MODULE_PLIST" + rm "$PNAMES_LIST" + return 0 +} + +function subdomain_restart() { + if ! grep -qE "^(subdomain|apparmor)[[:space:]]" /proc/modules ; then + subdomain_start + rc=$? + return $rc + fi + + if ! is_securityfs_mounted ; then + mount_securityfs + rc=$? + if [ $rc -ne 0 ] ; then + return $rc + fi + fi + + __subdomain_restart + rc=$? + return $rc +} + +function subdomain_try_restart() { + if ! grep -qE "^(subdomain|apparmor)[[:space:]]" /proc/modules ; then + return 1 + fi + + if ! is_securityfs_mounted ; then + return 1 + fi + + __subdomain_restart + rc=$? + return $rc +} + +function subdomain_debug() { + subdomain_kill + load_module "subdomain_debug=1" + mount_securityfs + configure_owlsm + parse_profiles load +} + +function configure_owlsm () { + if [ "${SUBDOMAIN_ENABLE_OWLSM}" = "yes" -a -f ${SFS_MOUNTPOINT}/control/owlsm ] ; then + # Sigh, the "sh -c" is necessary for the SuSE sd_action + # and it can't be abstracted out as a seperate function, as + # that breaks under RedHat's action, which needs a + # binary to invoke. + sd_action "Enabling OWLSM extension" sh -c "echo -n \"1\" > \"${SFS_MOUNTPOINT}/control/owlsm\"" + elif [ -f "${SFS_MOUNTPOINT}/control/owlsm" ] ; then + sd_action "Disabling OWLSM extension" sh -c "echo -n \"0\" > \"${SFS_MOUNTPOINT}/control/owlsm\"" + fi +} + +function subdomain_status () { + if test -x ${AA_STATUS} ; then + ${AA_STATUS} --verbose + return $? + fi + if test -x ${SD_STATUS} ; then + ${SD_STATUS} --verbose + return $? + fi + if ! grep -qE "^(subdomain|apparmor)[[:space:]]" /proc/modules ; then + sd_log_failure_msg "AppArmor not loaded." + rc=1 + else + sd_log_success_msg "AppArmor module enabled." + rc=0 + fi + sd_log_warning_msg "Install the apparmor-utils package to receive more detailed" + sd_log_warning_msg "status information here (or examine ${SFS_MOUNTPOINT} directly)." + + return $rc +} diff --git a/sys-apps/apparmor-parser/files/rc.helper.functions b/sys-apps/apparmor-parser/files/rc.helper.functions new file mode 100644 index 0000000..692414e --- /dev/null +++ b/sys-apps/apparmor-parser/files/rc.helper.functions @@ -0,0 +1,47 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +waserror=0 + +function sd_action() { + MSG=$1 + shift + #echo "ACTION: $*" + $* > /dev/null + rc=$? + if [ $rc -ne 0 ] ; then + sd_log_failure_msg $"$MSG" + else + sd_log_success_msg $"$MSG" + fi + return $rc +} + +function sd_log_info_msg() { + einfo " $*" +} + +function sd_log_warning_msg() { + ewarn " $*" +} + +function sd_log_success_msg() { + einfo " $*" + eend 0 +} + +function sd_log_failure_msg() { + waserror=1 + einfo " $*" + eend 1 +} + +function startproc() { + /sbin/start-stop-daemon --start -p $3 --exec $4 -- -p $3 +} + +function killproc() { + /sbin/start-stop-daemon --stop -p $3 +} + diff --git a/sys-apps/apparmor-parser/metadata.xml b/sys-apps/apparmor-parser/metadata.xml new file mode 100644 index 0000000..865f70e --- /dev/null +++ b/sys-apps/apparmor-parser/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>apparmor</herd> +<maintainer> + <email>zeypher@gentoo.org</email> + <name>Matthew Snelham</name> + <description>Primary Maintainer</description> +</maintainer> +<longdescription lang="en">Core Apparmor package containing the userspace policy parser.</longdescription> +</pkgmetadata> diff --git a/sys-apps/apparmor-utils/Manifest b/sys-apps/apparmor-utils/Manifest new file mode 100644 index 0000000..c0c2991 --- /dev/null +++ b/sys-apps/apparmor-utils/Manifest @@ -0,0 +1,12 @@ +DIST apparmor-utils-2.0-142.tar.gz 87393 RMD160 306371feded05fd6fc0daeb418aa85ed0a07f95b SHA1 7686dbc1e5a1df0f7fba9fff95d6d692372e3360 SHA256 27e1d9716bcfa82ebb12163e59734b1ce3a8598b9af3031b04498142e872c6b8 +EBUILD apparmor-utils-2.0_p142-r1.ebuild 1260 RMD160 631ac93e3646d66983062d4d6b1eb1a163a7baeb SHA1 beaf3437248fd7a0f674660c41918cbc39fc0f0e SHA256 d4cd1d0b40bac3228c7b4cf228cb77dafaf382da42df9e80f90512a4a503c360 +MD5 e2195719cfea1c67110253ec4bbee803 apparmor-utils-2.0_p142-r1.ebuild 1260 +RMD160 631ac93e3646d66983062d4d6b1eb1a163a7baeb apparmor-utils-2.0_p142-r1.ebuild 1260 +SHA256 d4cd1d0b40bac3228c7b4cf228cb77dafaf382da42df9e80f90512a4a503c360 apparmor-utils-2.0_p142-r1.ebuild 1260 +MISC metadata.xml 412 RMD160 172fbf1951b2a2bd7a308b24f1241e5f816efcbe SHA1 710f9d726e2f9e0b8e3be497fb2ddae2ea81c6f9 SHA256 9504a74c434840a7f233f71cd6cd679aef3a9d709f7b7580b6d92a7ea905610c +MD5 2ba9587ad445b45a9443eee7cb2f1f8f metadata.xml 412 +RMD160 172fbf1951b2a2bd7a308b24f1241e5f816efcbe metadata.xml 412 +SHA256 9504a74c434840a7f233f71cd6cd679aef3a9d709f7b7580b6d92a7ea905610c metadata.xml 412 +MD5 fa93f53f0da00233ecf5f96ca3205461 files/digest-apparmor-utils-2.0_p142-r1 265 +RMD160 fb95c24dd19ede19556c35a65085736241a5a868 files/digest-apparmor-utils-2.0_p142-r1 265 +SHA256 9e4f3666c0beaa61748c798a3937b529cc8110901f5405bdc498f4668c8d6eb9 files/digest-apparmor-utils-2.0_p142-r1 265 diff --git a/sys-apps/apparmor-utils/apparmor-utils-2.0_p142-r1.ebuild b/sys-apps/apparmor-utils/apparmor-utils-2.0_p142-r1.ebuild new file mode 100644 index 0000000..711cee7 --- /dev/null +++ b/sys-apps/apparmor-utils/apparmor-utils-2.0_p142-r1.ebuild @@ -0,0 +1,56 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +inherit eutils perl-module toolchain-funcs + +#MY_PN="apparmor-utils" +MY_PV="${PV/_p/-}" +MY_P="${PN}-${MY_PV}" +MY_S="${WORKDIR}/${PN}-${PV/_p*/}" +MONTH="October" + +DESCRIPTION="AppArmor utilities for profile creation and management." +HOMEPAGE="http://forge.novell.com/modules/xfmod/project/?apparmor" +SRC_URI="http://forgeftp.novell.com/apparmor/Development%20-%20${MONTH}%20Snapshot/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~amd64" +IUSE="vim-syntax" + +DEPEND="sys-libs/libapparmor + sys-apps/apparmor-parser + sys-libs/libcap + dev-libs/libpcre + dev-lang/perl + perl-core/Test-Harness + perl-core/Getopt-Long + dev-perl/DBI + dev-perl/DBD-SQLite + dev-perl/TimeDate + dev-perl/File-Tail + dev-perl/Locale-gettext" +RDEPEND="${DEPEND} + app-doc/apparmor-docs + vim-syntax? (app-vim/apparmor-syntax)" + + +src_unpack() { + unpack ${A} + cd ${MY_S} + + # Correct path for logger + sed -i "s/\/bin\/logger/\/usr\/bin\/logger/g" genprof +} + +src_compile() { + cd ${MY_S} + emake CC="$(tc-getCC)" CFLAGS="${CFLAGS}" || die +} + +src_install() { + cd ${MY_S} + perlinfo + make DESTDIR=${D} PERLDIR="${D}/${VENDOR_LIB}/Immunix" install || die +} diff --git a/sys-apps/apparmor-utils/files/digest-apparmor-utils-2.0_p142-r1 b/sys-apps/apparmor-utils/files/digest-apparmor-utils-2.0_p142-r1 new file mode 100644 index 0000000..3829459 --- /dev/null +++ b/sys-apps/apparmor-utils/files/digest-apparmor-utils-2.0_p142-r1 @@ -0,0 +1,3 @@ +MD5 b2447c84edc2df843b7bc4baa8a1eb2c apparmor-utils-2.0-142.tar.gz 87393 +RMD160 306371feded05fd6fc0daeb418aa85ed0a07f95b apparmor-utils-2.0-142.tar.gz 87393 +SHA256 27e1d9716bcfa82ebb12163e59734b1ce3a8598b9af3031b04498142e872c6b8 apparmor-utils-2.0-142.tar.gz 87393 diff --git a/sys-apps/apparmor-utils/metadata.xml b/sys-apps/apparmor-utils/metadata.xml new file mode 100644 index 0000000..c36bb1b --- /dev/null +++ b/sys-apps/apparmor-utils/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>apparmor</herd> +<maintainer> + <email>zeypher@gentoo.org</email> + <name>Matthew Snelham</name> + <description>Primary Maintainer</description> +</maintainer> +<longdescription lang="en">Apparmor utilities allowing for profile creation and mangement.</longdescription> +</pkgmetadata> diff --git a/sys-kernel/apparmor-sources/Manifest b/sys-kernel/apparmor-sources/Manifest new file mode 100644 index 0000000..07060a4 --- /dev/null +++ b/sys-kernel/apparmor-sources/Manifest @@ -0,0 +1,26 @@ +DIST apparmor-kernel-patches-2.6.17.9.tar.gz 231231 RMD160 762d4b59aa508cfd82ebbeba4822ffb0551f5888 SHA1 bb754f57340ce90e25bb18be7030776ee4b9e823 SHA256 0884cd7bfdff4505fd5271ca68b72f74b352d209321ef60dc81620b0539f0ec7 +DIST apparmor-kernel-patches-2.6.18.tar.gz 231072 RMD160 f734125d986dcb3aec371f0e24126a5473d5637f SHA1 e6136d224d58ad90fd174d3c03290942644e5c45 SHA256 91224ff1f45de306c0720a5680a8f883888b52f296b0de24c63ec02668782b63 +DIST genpatches-2.6.17-1.base.tar.bz2 3337 RMD160 f9b5621fed8fcfee7da697d89097842287b41b24 SHA1 308e3daec11899f03103b5dcd2bfcff7e116c52c SHA256 2208b72729dce6daef7dc5700192aec0ae17327c794681621d2123f0c483ae21 +DIST genpatches-2.6.17-1.extras.tar.bz2 138704 RMD160 14b17e02b7893e6b023bee9e1b40f4bc85a30f05 SHA1 e671dbc29239116e627aea3d87ff7aefd8b5ca00 SHA256 fa10ec7d3d74c8bf57fb3bd01c33f83dcca3c1e4cd4601937cc2ef904cce1dfe +DIST genpatches-2.6.18-1.base.tar.bz2 2397 RMD160 1b02d9e5adba7a9a17f85691f312ee2c870c9a48 SHA1 790186d9d44c358d05489cdff417beab03124708 SHA256 e87db440591d48f74b8d50f47bde55a1652c969626befa94aba48cee57aa5da8 +DIST genpatches-2.6.18-1.extras.tar.bz2 147040 RMD160 f62b371d522fa8978cee4e809baea364ed8e804a SHA1 e98309b0203bf2f41e8efe1cd396dcfd5aec483a SHA256 080b19f98ffa8f5edbccabfa9dd4ac845ecc1b21c7fba761ad3d011893117b01 +DIST linux-2.6.17.tar.bz2 41272919 RMD160 26aad30c9a6610665c6c7d62401d79bf56a6a699 SHA1 0605c975b9dead2af31a3decf09dd4138fadaf2b SHA256 ab0f647d52f124958439517df9e1ae0efda90cdb851f59f522fa1749f1d87d58 +DIST linux-2.6.18.tar.bz2 41863580 RMD160 f92283f956880676bfb1f1d5288325461e4e02e7 SHA1 178f7d5bb3af0978d42b37651b8753323c7129c2 SHA256 c95280ff6c5d2a17788f7cc582d23ae8a9a7ba3f202ec6e4238eaadfce7c163d +EBUILD apparmor-sources-2.6.17.ebuild 1233 RMD160 70a5b495ed179b57e825b99b26751725a6f12c8d SHA1 30744886818231b12ee378450aae835bb2ab35f9 SHA256 ddb3a0c0fa067b2ef1c32ad12925ee96c6467660e8f0ac896c56f8202ce40e5c +MD5 e52d364ef1955d471e087f21fb2d3e3c apparmor-sources-2.6.17.ebuild 1233 +RMD160 70a5b495ed179b57e825b99b26751725a6f12c8d apparmor-sources-2.6.17.ebuild 1233 +SHA256 ddb3a0c0fa067b2ef1c32ad12925ee96c6467660e8f0ac896c56f8202ce40e5c apparmor-sources-2.6.17.ebuild 1233 +EBUILD apparmor-sources-2.6.18.ebuild 1229 RMD160 f3a233d92a3b085426e64129a46d4eeae762be45 SHA1 5d4206a1521d63c4df44a472f49933cce9fe82cc SHA256 d97f7607222cb43076f73e9a549384d55dbfc6470ac5be6d3ea0d5047c5fff68 +MD5 9aeafb7f5c77d3a0841c4e9fb71eeb5f apparmor-sources-2.6.18.ebuild 1229 +RMD160 f3a233d92a3b085426e64129a46d4eeae762be45 apparmor-sources-2.6.18.ebuild 1229 +SHA256 d97f7607222cb43076f73e9a549384d55dbfc6470ac5be6d3ea0d5047c5fff68 apparmor-sources-2.6.18.ebuild 1229 +MISC metadata.xml 478 RMD160 2af1df29e25d445a331442e40f46bbf9e085f6a5 SHA1 5bf60b631d0399a323c079aa4b62e20cd45fcd7c SHA256 feaeb80cb6b8e5239d0473fe8f7065b2a57aa82a1a724146fc57f630c97106bd +MD5 9216c68b4a2c064d97f42125f8bbb787 metadata.xml 478 +RMD160 2af1df29e25d445a331442e40f46bbf9e085f6a5 metadata.xml 478 +SHA256 feaeb80cb6b8e5239d0473fe8f7065b2a57aa82a1a724146fc57f630c97106bd metadata.xml 478 +MD5 fb69ab075d009cf49c155c082fe75937 files/digest-apparmor-sources-2.6.17 1099 +RMD160 4c24baa45ae97f17ed503bfc4f0ed6ae8db520b4 files/digest-apparmor-sources-2.6.17 1099 +SHA256 a2efb919c008a7777773d5faed808c1b64b7e5dd97408131904897c5154520ce files/digest-apparmor-sources-2.6.17 1099 +MD5 e08285915ab6ffc164d7178cd2d01c59 files/digest-apparmor-sources-2.6.18 1093 +RMD160 2b50e09bbfb91bbb0b46974e7b22de322d3b8520 files/digest-apparmor-sources-2.6.18 1093 +SHA256 71f364dffa2f917a0ce28c423627808f06dd547bc7d3d0599ea13e6a28d94693 files/digest-apparmor-sources-2.6.18 1093 diff --git a/sys-kernel/apparmor-sources/apparmor-sources-2.6.17.ebuild b/sys-kernel/apparmor-sources/apparmor-sources-2.6.17.ebuild new file mode 100644 index 0000000..93fc471 --- /dev/null +++ b/sys-kernel/apparmor-sources/apparmor-sources-2.6.17.ebuild @@ -0,0 +1,45 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +ETYPE="sources" +K_WANT_GENPATCHES="base extras" +K_GENPATCHES_VER="1" +inherit eutils kernel-2 +detect_version +detect_arch + +KEYWORDS="~x86 ~amd64" +HOMEPAGE="http://forge.novell.com/modules/xfmod/project/?apparmor" +DESCRIPTION="Full sources to provide the required AppArmor modules and kernel hooks. Based on the gentoo-sources tree." + +MONTH="October" +UP_KPVER="2.6.17.9" + +AA_SRC="http://forgeftp.novell.com/apparmor/Development%20-%20${MONTH}%20Snapshot/apparmor-kernel-patches-${UP_KPVER}.tar.gz" + +SRC_URI="${KERNEL_URI} ${GENPATCHES_URI} ${ARCH_URI} ${AA_SRC}" + +src_unpack() { + unpack "apparmor-kernel-patches-${UP_KPVER}.tar.gz" + + kernel-2_src_unpack + + EPATCH_FORCE="yes" + EPATCH_OPTS="" + epatch ${WORKDIR}/${UP_KPVER}/current/apparmor-2.6.17.9-v154-fullseries.patch +} + +pkg_postinst() { + postinst_sources + + einfo + einfo "For more info on this patchset, and how to report problems, see:" + einfo "${HOMEPAGE}" + einfo + einfo "Make sure that your kernel configuration file is set with:" + einfo " CONFIG_SECURITY=y" + einfo " CONFIG_SECURITY_APPARMOR=m" + einfo "Without these, apparmor will not function." + einfo +} diff --git a/sys-kernel/apparmor-sources/apparmor-sources-2.6.18.ebuild b/sys-kernel/apparmor-sources/apparmor-sources-2.6.18.ebuild new file mode 100644 index 0000000..e173057 --- /dev/null +++ b/sys-kernel/apparmor-sources/apparmor-sources-2.6.18.ebuild @@ -0,0 +1,45 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +ETYPE="sources" +K_WANT_GENPATCHES="base extras" +K_GENPATCHES_VER="1" +inherit eutils kernel-2 +detect_version +detect_arch + +KEYWORDS="~x86 ~amd64" +HOMEPAGE="http://forge.novell.com/modules/xfmod/project/?apparmor" +DESCRIPTION="Full sources to provide the required AppArmor modules and kernel hooks. Based on the gentoo-sources tree." + +MONTH="October" +UP_KPVER="2.6.18" + +AA_SRC="http://forgeftp.novell.com/apparmor/Development%20-%20${MONTH}%20Snapshot/apparmor-kernel-patches-${UP_KPVER}.tar.gz" + +SRC_URI="${KERNEL_URI} ${GENPATCHES_URI} ${ARCH_URI} ${AA_SRC}" + +src_unpack() { + unpack "apparmor-kernel-patches-${UP_KPVER}.tar.gz" + + kernel-2_src_unpack + + EPATCH_FORCE="yes" + EPATCH_OPTS="" + epatch ${WORKDIR}/${UP_KPVER}/current/apparmor-2.6.18-v154-fullseries.patch +} + +pkg_postinst() { + postinst_sources + + einfo + einfo "For more info on this patchset, and how to report problems, see:" + einfo "${HOMEPAGE}" + einfo + einfo "Make sure that your kernel configuration file is set with:" + einfo " CONFIG_SECURITY=y" + einfo " CONFIG_SECURITY_APPARMOR=m" + einfo "Without these, apparmor will not function." + einfo +} diff --git a/sys-kernel/apparmor-sources/files/digest-apparmor-sources-2.6.17 b/sys-kernel/apparmor-sources/files/digest-apparmor-sources-2.6.17 new file mode 100644 index 0000000..5fb4599 --- /dev/null +++ b/sys-kernel/apparmor-sources/files/digest-apparmor-sources-2.6.17 @@ -0,0 +1,12 @@ +MD5 a6a5ccde0c291921c155a74da36463a2 apparmor-kernel-patches-2.6.17.9.tar.gz 231231 +RMD160 762d4b59aa508cfd82ebbeba4822ffb0551f5888 apparmor-kernel-patches-2.6.17.9.tar.gz 231231 +SHA256 0884cd7bfdff4505fd5271ca68b72f74b352d209321ef60dc81620b0539f0ec7 apparmor-kernel-patches-2.6.17.9.tar.gz 231231 +MD5 cd5d67dc1d3514ec240497efff0f8726 genpatches-2.6.17-1.base.tar.bz2 3337 +RMD160 f9b5621fed8fcfee7da697d89097842287b41b24 genpatches-2.6.17-1.base.tar.bz2 3337 +SHA256 2208b72729dce6daef7dc5700192aec0ae17327c794681621d2123f0c483ae21 genpatches-2.6.17-1.base.tar.bz2 3337 +MD5 0b6385904bccbd9d6c5508565e5c76ff genpatches-2.6.17-1.extras.tar.bz2 138704 +RMD160 14b17e02b7893e6b023bee9e1b40f4bc85a30f05 genpatches-2.6.17-1.extras.tar.bz2 138704 +SHA256 fa10ec7d3d74c8bf57fb3bd01c33f83dcca3c1e4cd4601937cc2ef904cce1dfe genpatches-2.6.17-1.extras.tar.bz2 138704 +MD5 37ddefe96625502161f075b9d907f21e linux-2.6.17.tar.bz2 41272919 +RMD160 26aad30c9a6610665c6c7d62401d79bf56a6a699 linux-2.6.17.tar.bz2 41272919 +SHA256 ab0f647d52f124958439517df9e1ae0efda90cdb851f59f522fa1749f1d87d58 linux-2.6.17.tar.bz2 41272919 diff --git a/sys-kernel/apparmor-sources/files/digest-apparmor-sources-2.6.18 b/sys-kernel/apparmor-sources/files/digest-apparmor-sources-2.6.18 new file mode 100644 index 0000000..fed15c6 --- /dev/null +++ b/sys-kernel/apparmor-sources/files/digest-apparmor-sources-2.6.18 @@ -0,0 +1,12 @@ +MD5 523e91619920dea824a35bf813db1b67 apparmor-kernel-patches-2.6.18.tar.gz 231072 +RMD160 f734125d986dcb3aec371f0e24126a5473d5637f apparmor-kernel-patches-2.6.18.tar.gz 231072 +SHA256 91224ff1f45de306c0720a5680a8f883888b52f296b0de24c63ec02668782b63 apparmor-kernel-patches-2.6.18.tar.gz 231072 +MD5 0c1cd82748c5d2207fa034e32686bca7 genpatches-2.6.18-1.base.tar.bz2 2397 +RMD160 1b02d9e5adba7a9a17f85691f312ee2c870c9a48 genpatches-2.6.18-1.base.tar.bz2 2397 +SHA256 e87db440591d48f74b8d50f47bde55a1652c969626befa94aba48cee57aa5da8 genpatches-2.6.18-1.base.tar.bz2 2397 +MD5 f565ec95a1f2ac1b675f9a126c27c3c1 genpatches-2.6.18-1.extras.tar.bz2 147040 +RMD160 f62b371d522fa8978cee4e809baea364ed8e804a genpatches-2.6.18-1.extras.tar.bz2 147040 +SHA256 080b19f98ffa8f5edbccabfa9dd4ac845ecc1b21c7fba761ad3d011893117b01 genpatches-2.6.18-1.extras.tar.bz2 147040 +MD5 296a6d150d260144639c3664d127d174 linux-2.6.18.tar.bz2 41863580 +RMD160 f92283f956880676bfb1f1d5288325461e4e02e7 linux-2.6.18.tar.bz2 41863580 +SHA256 c95280ff6c5d2a17788f7cc582d23ae8a9a7ba3f202ec6e4238eaadfce7c163d linux-2.6.18.tar.bz2 41863580 diff --git a/sys-kernel/apparmor-sources/metadata.xml b/sys-kernel/apparmor-sources/metadata.xml new file mode 100644 index 0000000..c9780ac --- /dev/null +++ b/sys-kernel/apparmor-sources/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>apparmor</herd> +<maintainer> + <email>zeypher@gentoo.org</email> + <name>Matthew Snelham</name> + <description>Primary Maintainer</description> +</maintainer> +<longdescription lang="en">Patched kernel sources containing the proper symbol exports, and the full apparmor module suite. Based on gentoo-sources kernel.</longdescription> +</pkgmetadata> diff --git a/sys-libs/libapparmor/Manifest b/sys-libs/libapparmor/Manifest new file mode 100644 index 0000000..b32a476 --- /dev/null +++ b/sys-libs/libapparmor/Manifest @@ -0,0 +1,12 @@ +DIST libapparmor-2.0-132.tar.gz 16744 RMD160 c174a530fadb8c33f2858160f2cdcf5b76289940 SHA1 953851b4079ff864bd9679c2f62b18c424662cb8 SHA256 b4ac4f208b1db08339effaf3362da0e3b240e1b6126b8a367d54006b23ae1b17 +EBUILD libapparmor-2.0_p132.ebuild 832 RMD160 b0dc473a86806f47adb4f7d18ad2b084764f2971 SHA1 a322be109eeb3bb78333b59183704b20c54c0960 SHA256 69087039002aa33d329eb1dbeab51b3fb638dde18afc1c3bf0683cd261b5df51 +MD5 29b073603effc975e61720b86b04644f libapparmor-2.0_p132.ebuild 832 +RMD160 b0dc473a86806f47adb4f7d18ad2b084764f2971 libapparmor-2.0_p132.ebuild 832 +SHA256 69087039002aa33d329eb1dbeab51b3fb638dde18afc1c3bf0683cd261b5df51 libapparmor-2.0_p132.ebuild 832 +MISC metadata.xml 450 RMD160 d535fe106e302ca44b57bb84c908879597d95391 SHA1 d1ab915420fa81974724847d4e1dbbcb4b6a2cd6 SHA256 ee835dc483681371f197a3a46241f0fc7ce54869b2578132c268a4dc171cf015 +MD5 61f0a7a9d59cc054a3542313d1515744 metadata.xml 450 +RMD160 d535fe106e302ca44b57bb84c908879597d95391 metadata.xml 450 +SHA256 ee835dc483681371f197a3a46241f0fc7ce54869b2578132c268a4dc171cf015 metadata.xml 450 +MD5 9913e4e3a663787501f86fe85c989cc6 files/digest-libapparmor-2.0_p132 256 +RMD160 efca71ce6079f9be02ca6bec4d0a3edea523f00a files/digest-libapparmor-2.0_p132 256 +SHA256 4d5fbabd865d64ab586b53e90f1fb7ad0ca8ac03dcb69e93fa6a105b7bdf8a9a files/digest-libapparmor-2.0_p132 256 diff --git a/sys-libs/libapparmor/files/digest-libapparmor-2.0_p132 b/sys-libs/libapparmor/files/digest-libapparmor-2.0_p132 new file mode 100644 index 0000000..20a2b08 --- /dev/null +++ b/sys-libs/libapparmor/files/digest-libapparmor-2.0_p132 @@ -0,0 +1,3 @@ +MD5 6f62215d4e8d54ac1f79fd8d39c3bbd3 libapparmor-2.0-132.tar.gz 16744 +RMD160 c174a530fadb8c33f2858160f2cdcf5b76289940 libapparmor-2.0-132.tar.gz 16744 +SHA256 b4ac4f208b1db08339effaf3362da0e3b240e1b6126b8a367d54006b23ae1b17 libapparmor-2.0-132.tar.gz 16744 diff --git a/sys-libs/libapparmor/libapparmor-2.0_p132.ebuild b/sys-libs/libapparmor/libapparmor-2.0_p132.ebuild new file mode 100644 index 0000000..fdd5285 --- /dev/null +++ b/sys-libs/libapparmor/libapparmor-2.0_p132.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +inherit eutils toolchain-funcs + +MY_P="${P/_p/-}" +MONTH="October" +DESCRIPTION="Primary support library and headers for AppArmor userspace" +HOMEPAGE="http://forge.novell.com/modules/xfmod/project/?apparmor" +SRC_URI="http://forgeftp.novell.com/apparmor/Development%20-%20${MONTH}%20Snapshot/${MY_P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~x86 ~amd64" +IUSE="" + +DEPEND="virtual/libc" +RDEPEND="${DEPEND}" + +MY_S=${WORKDIR}/${P/_*/} + +src_unpack() { + unpack ${A} + + cd ${MY_S} + # the Make.rules isn't needed for Gentoo + sed -i "s/^include Make.rules//g" Makefile +} + +src_compile() { + cd ${MY_S} + emake CC="$(tc-getCC)" CFLAGS="${CFLAGS}" || die +} + +src_install() { + cd ${MY_S} + make DESTDIR="${D}" install || die +} diff --git a/sys-libs/libapparmor/metadata.xml b/sys-libs/libapparmor/metadata.xml new file mode 100644 index 0000000..64682f5 --- /dev/null +++ b/sys-libs/libapparmor/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>apparmor</herd> +<maintainer> + <email>zeypher@gentoo.org</email> + <name>Matthew Snelham</name> + <description>Primary Maintainer</description> +</maintainer> +<longdescription lang="en">Apparmor shared libraries. Packaged separately due to license difference from primary apparmor code.</longdescription> +</pkgmetadata> |