[Lunar-commits] CVS: crater/kernel/linux-grsec BUILD, NONE, 1.1 CONFIGURE, NONE, 1.1 DEPENDS, NONE, 1.1 DETAILS, NONE, 1.1 POST_INSTALL, NONE, 1.1 PRE_BUILD, NONE, 1.1

Terry Chan tchan at lunar-linux.org
Thu Aug 12 03:04:17 GMT 2004 

Update of /var/cvs/lunar/crater/kernel/linux-grsec
In directory dbguin.lunar-linux.org:/tmp/cvs-serv908/linux-grsec

Added Files:
	BUILD CONFIGURE DEPENDS DETAILS POST_INSTALL PRE_BUILD 
Log Message:
Version bump to kernel 2.4.27 and lunar patchset ll-r7.0.0.tar.bz2.  Needs testing
by more lunar devs before its bumped in moonbase.  I've tested the main, fix, and
aggressive portions of the lunar patchset.  Grsec now patches with no rejects, but
needs to be compiled/tested by someone who actually uses grsec!


--- NEW FILE: BUILD ---
cd  /usr/src/linux

while
    case  $CONFIG_KERNEL in
        y|Y)

            case $CONFIG_METHOD in
                xconfig )
                    if [ "$DISPLAY" ]; then
                        make xconfig || make menuconfig || make config
                    else
                        make menuconfig || make config
                    fi ;;

                menuconfig )
                  make menuconfig || make config ;;

                config )
                  make config ;;
            esac

            if  query  "Repeat $CONFIG_METHOD?  "  n ; then
                CONFIG_KERNEL=y
            else
                CONFIG_KERNEL=n
            fi
            ;;

        *)
            false  ;;
    esac
do
  true
done

(

  yes  n  |  make  oldconfig
  cp .config $CONFIG_CACHE/.config.grsec
  rm -f arch/i386/boot/bzImage

  # Because parallel make seems not to work, a hack

  optimize_make                                &&
  KMAKES=${MAKES:=1}                           &&
  make -j${KMAKES} dep                         &&
  make -j${KMAKES} clean                       &&
  make -j${KMAKES} bzImage                     &&
  make -j${KMAKES} modules                     &&
  backup_mods_krnl  ${VERSION}-grsec-$PVERSION &&
  prepare_install                              &&
  make  modules_install                        &&

  cp    arch/i386/boot/bzImage   /boot/${VERSION}-${PVERSION}g
  
) > $C_FIFO 2>&1

--- NEW FILE: CONFIGURE ---
if  !  grep  -q  "BOOT_LOADER"  $MODULE_CONFIG;  then
  #message  "The Linux Kernel requires a boot loader"
  message  "Choose either GRUB or LILO"
  #BOOT_LOADER=lilo

  if  query  "Use  LILO?"  y
    then  BOOT_LOADER=lilo
    else  BOOT_LOADER=grub
  fi

  echo  "BOOT_LOADER=$BOOT_LOADER"  >>  $MODULE_CONFIG
fi

CONFIG_GRUB="n"
CONFIG_LILO="n"

if    grep  -q  "BOOT_LOADER=grub"  $MODULE_CONFIG  &&
      query  "Configure grub?"  n
  then  CONFIG_GRUB=y
fi

if    grep  -q  "BOOT_LOADER=lilo"  $MODULE_CONFIG  &&
      query  "Configure lilo?"  n
  then  CONFIG_LILO=y
fi


if  !  grep -q  "CONFIG_METHOD="  $MODULE_CONFIG; then
  if    query  "Do you prefer make menuconfig over make config"  y
    then  CONFIG_METHOD="menuconfig"
  else
    CONFIG_METHOD="config"
  fi
  echo  "CONFIG_METHOD=$CONFIG_METHOD"  >>  $MODULE_CONFIG
fi
                           
                                            
                                                             
if  [  !  -f $CONFIG_CACHE/.config  ];  then
  message  "Preparing to make menuconfig."
  CONFIG_KERNEL="y"
else
  message  "Reconfiguration is optional."
  if    query  "Configure linux kernel?"  n
    then CONFIG_KERNEL=y
  else
    CONFIG_KERNEL=n
  fi
fi

TEMP=$(grep  -v  "CONFIG_KERNEL="          $MODULE_CONFIG  |
       grep  -v  "CONFIG_LILO="                            |
       grep  -v  "CONFIG_GRUB=")

echo  "$TEMP"                         >   $MODULE_CONFIG
echo  "CONFIG_KERNEL=$CONFIG_KERNEL"  >>  $MODULE_CONFIG
echo  "CONFIG_LILO=$CONFIG_LILO"      >>  $MODULE_CONFIG
echo  "CONFIG_GRUB=$CONFIG_GRUB"      >>  $MODULE_CONFIG

--- NEW FILE: DEPENDS ---
depends  autoconf

--- NEW FILE: DETAILS ---
           MODULE=linux-grsec
          VERSION=2.4.27
         PVERSION=r7.0.0
           SOURCE=linux-$VERSION.tar.bz2
          SOURCE2=ll-$PVERSION.tar.bz2
 SOURCE_DIRECTORY=$BUILD_DIRECTORY/linux-$VERSION
    SOURCE_URL[0]=$KERNEL_URL/pub/linux/kernel/v2.4/$SOURCE
    SOURCE_URL[1]=http://www.kernel.org/pub/linux/kernel/v2.4/$SOURCE
   SOURCE2_URL[0]=$PATCH_URL/$SOURCE2
       SOURCE_VFY=md5:59a2e6fde1d110e2ffa20351ac8b4d9e
      SOURCE2_VFY=md5:767b4b4297777c082916f959372a86d7
          WEBSITE=http://grsecurity.net/
          ENTERED=20030227
          UPDATED=20040811
      KEEP_SOURCE="on"
            SHORT="Security enhanced linux kernel"
cat << EOF
This is the same as the linux module but with a fixed patch set with all
the main patches and with these additional patches:
 
 grsecurity

Features are enabled or disabled by the standard kernel configuration tools,
i.e. "make menuconfig" or "make config" or "make xconfig".

For patch information please see the patch-list.txt file in the patchset.
EOF

--- NEW FILE: POST_INSTALL ---

case  $BOOT_LOADER  in
  lilo)  update_lilo ${VERSION}-${PVERSION}g grs-$VERSION ;;
  grub)  update_grub ${VERSION}-${PVERSION}g grs-$VERSION ;;
esac


#  Reinstall packages that add their own kernel modules

rm  -f  $BOOST_LOCK
if  module_installed  ftpfs;          then  lin  ftpfs;          fi
if  module_installed  cvsfs;          then  lin  cvsfs;          fi
if  module_installed  NVIDIA;         then  lin  NVIDIA;         fi
if  module_installed  alsa-driver;    then  lin  alsa-driver;    fi
if  module_installed  iptables;       then  lin  iptables;       fi
if  module_installed  cryptoapi;      then  lin  cryptoapi;      fi
if  module_installed  pcmcia-cs;      then  lin  pcmcia-cs;      fi
if  module_installed  mwavem;         then  lin  mwavem;         fi
if  module_installed  cipe;           then  lin  cipe;           fi
if  module_installed  snare-core;     then  lin  snare-core;     fi
if  module_installed  ltmodem;        then  lin  ltmodem;        fi
if  module_installed  bluez-kernel;   then  lin  bluez-kernel;   fi
if  module_installed  nforce;         then  lin  nforce;         fi
if  module_installed  openafs-driver; then  lin  openafs-driver; fi

--- NEW FILE: PRE_BUILD ---
# Bail if we're not running a core with kernel fuctions

if [ ! -e $FUNCTIONS/kernel.lunar ] ; then
  message "   ${PROBLEM_COLOR}Bailing out, ${DEFAULT_COLOR}Lunar (or theedge) code version too old"
  message "   ${PROBLEM_COLOR}Update core ${MODULE_COLOR}(lin lunar or lin theedge)${DEFAULT_COLOR} to install this kernel"
  kill $PPID
  exit;
fi

cd       /usr/src
rm  -rf  linux-$VERSION linux

unpack  $SOURCE

ln  -s     linux-$VERSION  linux

if  [  -f   $CONFIG_CACHE/.config  ];  then
  cp        $CONFIG_CACHE/.config.grsec  /usr/src/linux/.config
fi

cd /usr/src/linux
mkdir patches
bzcat $SOURCE_CACHE/$SOURCE2 | tar -xf - -C patches

for pat in patches/main/*
do
  patch_it $pat 1
done

for pat in patches/fix/*
do
  patch_it $pat 1
done

for pat in patches/grsecurity/*
do
  patch_it $pat 1
done

rm -rf patches
chown -R root:root /usr/src/linux-$VERSION

true

More information about the Lunar-commits mailing list