summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys-apps/gradm/ChangeLog8
-rw-r--r--sys-apps/gradm/Manifest10
-rw-r--r--sys-apps/gradm/files/digest-gradm-2.1.6.2005061313471
-rw-r--r--sys-apps/gradm/files/gradm2-cvs-20Jun2004.diff230
-rw-r--r--sys-apps/gradm/files/gradm_parse.c-1.9.x.patch13
-rw-r--r--sys-apps/gradm/gradm-2.1.6.200506131347.ebuild58
6 files changed, 71 insertions, 249 deletions
diff --git a/sys-apps/gradm/ChangeLog b/sys-apps/gradm/ChangeLog
index 9755d38ee35a..afab1670705e 100644
--- a/sys-apps/gradm/ChangeLog
+++ b/sys-apps/gradm/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sys-apps/gradm
# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/ChangeLog,v 1.54 2005/05/16 11:33:29 seemant Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/ChangeLog,v 1.55 2005/06/20 15:23:49 solar Exp $
+
+*gradm-2.1.6.200506131347 (20 Jun 2005)
+
+ 20 Jun 2005; <solar@gentoo.org> -files/gradm2-cvs-20Jun2004.diff,
+ -files/gradm_parse.c-1.9.x.patch, +gradm-2.1.6.200506131347.ebuild:
+ - version bump for 2.1.6 series
16 May 2005; Seemant Kulleen <seemant@gentoo.org>
-files/digest-gradm-2.1.0, -files/digest-gradm-2.1.3.200503070918,
diff --git a/sys-apps/gradm/Manifest b/sys-apps/gradm/Manifest
index 9cc2c8103833..fcf66192e678 100644
--- a/sys-apps/gradm/Manifest
+++ b/sys-apps/gradm/Manifest
@@ -1,8 +1,8 @@
-MD5 34407851b0fe01eb53b783ed1b8037c8 ChangeLog 8561
-MD5 695a3bd3cfb34ea27e7dd493ce9ef398 metadata.xml 221
MD5 9908613aab7916d2ac6fe9f34146b467 gradm-2.1.5.200504081812.ebuild 1471
-MD5 264e377e7c3221570d3730444e84d792 files/gradm2-cvs-20Jun2004.diff 8251
-MD5 c2618fc7963e008681dfd08db6886058 files/gradm_parse.c-1.9.x.patch 524
-MD5 36344ecbd7f54bdd4979c2fe6322c9c7 files/grsecurity 2325
+MD5 afb01b689b4c051b90a16a05dac939f0 gradm-2.1.6.200506131347.ebuild 1472
+MD5 7cff86c0957d363fa75b3ac291d528dc ChangeLog 8775
+MD5 695a3bd3cfb34ea27e7dd493ce9ef398 metadata.xml 221
MD5 f2401396b01c577f727c2da3b694c779 files/grsecurity.rc 1810
+MD5 36344ecbd7f54bdd4979c2fe6322c9c7 files/grsecurity 2325
MD5 4f610b1a69bb13a22080460f47de34a1 files/digest-gradm-2.1.5.200504081812 75
+MD5 071dc45d1922b65c304d4d8635470c0e files/digest-gradm-2.1.6.200506131347 75
diff --git a/sys-apps/gradm/files/digest-gradm-2.1.6.200506131347 b/sys-apps/gradm/files/digest-gradm-2.1.6.200506131347
new file mode 100644
index 000000000000..a60c6e084237
--- /dev/null
+++ b/sys-apps/gradm/files/digest-gradm-2.1.6.200506131347
@@ -0,0 +1 @@
+MD5 0abd1a7747c7d5ecdc7499b5671a89d2 gradm-2.1.6-200506131347.tar.gz 60517
diff --git a/sys-apps/gradm/files/gradm2-cvs-20Jun2004.diff b/sys-apps/gradm/files/gradm2-cvs-20Jun2004.diff
deleted file mode 100644
index 0ba07710003e..000000000000
--- a/sys-apps/gradm/files/gradm2-cvs-20Jun2004.diff
+++ /dev/null
@@ -1,230 +0,0 @@
-diff -Naupr gradm2-release/Makefile gradm2-cvs-20Jun2004/Makefile
---- gradm2-release/Makefile 2004-04-03 23:19:40.000000000 -0600
-+++ gradm2-cvs-20Jun2004/Makefile 2004-06-17 20:51:29.000000000 -0500
-@@ -23,9 +23,8 @@ STRIP=/usr/bin/strip
- #LIBS=
- LIBS=-lfl
- KERNVER=`uname -r | cut -d"." -f 2`
--#for sparc64
--#OPT_FLAGS=-O2 -m64 -mcpu=ultrasparc -mcmodel=medlow -ffixed-g4 \
--# -fcall-used-g5 -fcall-used-g5 -fcall-used-g7 -Wno-sign-compare
-+#for 64-bit archs
-+#OPT_FLAGS=-O2 -m64
- OPT_FLAGS=-O2
- CFLAGS=$(OPT_FLAGS) -DGRSEC_DIR=\"$(GRSEC_DIR)\" -DKERNVER=$(KERNVER)
- LDFLAGS=
-diff -Naupr gradm2-release/gradm_analyze.c gradm2-cvs-20Jun2004/gradm_analyze.c
---- gradm2-release/gradm_analyze.c 2004-03-02 14:42:31.000000000 -0600
-+++ gradm2-cvs-20Jun2004/gradm_analyze.c 2004-05-31 10:03:56.000000000 -0500
-@@ -319,9 +319,22 @@ analyze_acls(void)
- struct chk_perm chk;
- unsigned int errs_found = 0;
- struct role_acl *role;
-+ int def_role_found = 0;
-
- check_role_transitions();
-
-+ for_each_role(role, current_role)
-+ if (role->roletype & GR_ROLE_DEFAULT)
-+ def_role_found = 1;
-+
-+ if (!def_role_found) {
-+ fprintf(stderr, "There is no default role present in your "
-+ "configuration.\nPlease read the RBAC "
-+ "documentation and create a default role before "
-+ "attempting to enable the RBAC system.\n\n");
-+ exit(EXIT_FAILURE);
-+ }
-+
- for_each_role(role, current_role) {
- if (role->roletype & GR_ROLE_SPECIAL)
- continue;
-diff -Naupr gradm2-release/gradm_arg.c gradm2-cvs-20Jun2004/gradm_arg.c
---- gradm2-release/gradm_arg.c 2004-04-03 10:22:56.000000000 -0600
-+++ gradm2-cvs-20Jun2004/gradm_arg.c 2004-06-12 04:04:36.000000000 -0500
-@@ -140,9 +140,8 @@ parse_args(int argc, char *argv[])
- show_help();
- entry.mode = GRADM_UNSPROLE;
- check_acl_status(entry.mode);
-- get_user_passwd(&entry, GR_PWONLY);
- grarg = conv_user_to_kernel(&entry);
-- transmit_to_kernel(grarg, sizeof (struct gr_arg));
-+ transmit_to_kernel(grarg);
- memset(grarg, 0, sizeof (struct gr_arg));
- break;
- case 'R':
-@@ -157,7 +156,7 @@ parse_args(int argc, char *argv[])
- grarg = conv_user_to_kernel(&entry);
- read_saltandpass(entry.rolename, grarg->salt,
- grarg->sum);
-- transmit_to_kernel(grarg, sizeof (struct gr_arg));
-+ transmit_to_kernel(grarg);
- memset(grarg, 0, sizeof (struct gr_arg));
- break;
- case 'M':
-@@ -174,7 +173,7 @@ parse_args(int argc, char *argv[])
- conv_name_to_num(optarg, &entry.segv_dev,
- &entry.segv_inode);
- grarg = conv_user_to_kernel(&entry);
-- transmit_to_kernel(grarg, sizeof (struct gr_arg));
-+ transmit_to_kernel(grarg);
- memset(grarg, 0, sizeof (struct gr_arg));
- exit(EXIT_SUCCESS);
- break;
-@@ -185,7 +184,7 @@ parse_args(int argc, char *argv[])
- check_acl_status(entry.mode);
- get_user_passwd(&entry, GR_PWONLY);
- grarg = conv_user_to_kernel(&entry);
-- if (transmit_to_kernel(grarg, sizeof (struct gr_arg)))
-+ if (transmit_to_kernel(grarg))
- memset(grarg, 0, sizeof (struct gr_arg));
- else {
- memset(grarg, 0, sizeof (struct gr_arg));
-@@ -246,7 +245,7 @@ parse_args(int argc, char *argv[])
- check_acl_status(entry.mode);
- get_user_passwd(&entry, GR_PWONLY);
- grarg = conv_user_to_kernel(&entry);
-- transmit_to_kernel(grarg, sizeof (struct gr_arg));
-+ transmit_to_kernel(grarg);
- memset(grarg, 0, sizeof (struct gr_arg));
- exit(EXIT_SUCCESS);
- break;
-@@ -258,7 +257,7 @@ parse_args(int argc, char *argv[])
- entry.mode = GRADM_SPROLE;
- check_acl_status(entry.mode);
- grarg = conv_user_to_kernel(&entry);
-- transmit_to_kernel(grarg, sizeof (struct gr_arg));
-+ transmit_to_kernel(grarg);
- memset(grarg, 0, sizeof (struct gr_arg));
- exit(EXIT_SUCCESS);
- break;
-@@ -298,7 +297,7 @@ parse_args(int argc, char *argv[])
- grarg = conv_user_to_kernel(&entry);
- read_saltandpass(entry.rolename, grarg->salt,
- grarg->sum);
-- transmit_to_kernel(grarg, sizeof (struct gr_arg));
-+ transmit_to_kernel(grarg);
- memset(grarg, 0, sizeof (struct gr_arg));
- } else if (gr_learn && gr_output) {
- FILE *stream;
-diff -Naupr gradm2-release/gradm_func.h gradm2-cvs-20Jun2004/gradm_func.h
---- gradm2-release/gradm_func.h 2004-03-30 19:20:18.000000000 -0600
-+++ gradm2-cvs-20Jun2004/gradm_func.h 2004-06-17 20:50:57.000000000 -0500
-@@ -1,7 +1,7 @@
- void yyerror(const char *s);
- FILE *open_acl_file(const char *filename);
- void get_user_passwd(struct gr_pw_entry *entry, int mode);
--int transmit_to_kernel(void *buf, unsigned long len);
-+int transmit_to_kernel(struct gr_arg *buf);
- void generate_salt(struct gr_pw_entry *entry);
- void write_user_passwd(struct gr_pw_entry *entry);
- void parse_acls(void);
-@@ -126,3 +126,4 @@ void gr_dyn_free(void *addr);
- void insert_acl_object(struct proc_acl *subject, struct file_acl *object);
- void insert_acl_subject(struct role_acl *role, struct proc_acl *subject);
-
-+void insert_nested_acl_subject(struct proc_acl *subject);
-diff -Naupr gradm2-release/gradm_lib.c gradm2-cvs-20Jun2004/gradm_lib.c
---- gradm2-release/gradm_lib.c 2004-03-07 18:22:09.000000000 -0600
-+++ gradm2-cvs-20Jun2004/gradm_lib.c 2004-06-17 20:50:57.000000000 -0500
-@@ -554,3 +554,8 @@ void insert_acl_subject(struct role_acl
- return;
- }
-
-+void insert_nested_acl_subject(struct proc_acl *subject)
-+{
-+ subject->hash = create_hash_table(GR_HASH_OBJECT);
-+ return;
-+}
-diff -Naupr gradm2-release/gradm_misc.c gradm2-cvs-20Jun2004/gradm_misc.c
---- gradm2-release/gradm_misc.c 2004-03-09 19:45:17.000000000 -0600
-+++ gradm2-cvs-20Jun2004/gradm_misc.c 2004-06-12 23:12:04.000000000 -0500
-@@ -14,17 +14,18 @@ open_acl_file(const char *filename)
- }
-
- int
--transmit_to_kernel(void *buf, unsigned long len)
-+transmit_to_kernel(struct gr_arg *buf)
- {
- int fd;
- int err = 0;
-+ void *pbuf = buf;
-
- if ((fd = open(GRDEV_PATH, O_WRONLY)) < 0) {
- fprintf(stderr, "Could not open %s.\n", GRDEV_PATH);
- failure("open");
- }
-
-- if (write(fd, buf, len) != len) {
-+ if (write(fd, &pbuf, sizeof(struct gr_arg *)) != sizeof(struct gr_arg *)) {
- err = 1;
- switch (errno) {
- case EFAULT:
-@@ -65,6 +66,7 @@ void check_acl_status(__u16 reqmode)
- int fd;
- int retval;
- struct gr_arg arg;
-+ struct gr_arg *parg = &arg;
-
- arg.mode = GRADM_STATUS;
-
-@@ -73,7 +75,7 @@ void check_acl_status(__u16 reqmode)
- failure("open");
- }
-
-- retval = write(fd, &arg, sizeof(arg));
-+ retval = write(fd, &parg, sizeof(struct gr_arg *));
- close(fd);
-
- switch (reqmode) {
-diff -Naupr gradm2-release/gradm_newlearn.c gradm2-cvs-20Jun2004/gradm_newlearn.c
---- gradm2-release/gradm_newlearn.c 2004-04-06 14:09:33.000000000 -0500
-+++ gradm2-cvs-20Jun2004/gradm_newlearn.c 2004-06-17 21:50:20.000000000 -0500
-@@ -1652,7 +1652,10 @@ insert_learn_role(struct gr_learn_role_e
- (*((*role_list) + num)) = (struct gr_learn_role_entry *)gr_stat_alloc(sizeof(struct gr_learn_role_entry));
- (*((*role_list) + num))->rolename = rolename;
- (*((*role_list) + num))->rolemode = rolemode;
--
-+
-+ /* give every learned role a / subject */
-+ insert_learn_role_subject(*((*role_list) + num), conv_filename_to_struct("/", GR_FIND));
-+
- return (*((*role_list) + num));
- }
-
-diff -Naupr gradm2-release/gradm_opt.c gradm2-cvs-20Jun2004/gradm_opt.c
---- gradm2-release/gradm_opt.c 2004-03-30 19:20:18.000000000 -0600
-+++ gradm2-cvs-20Jun2004/gradm_opt.c 2004-05-08 14:26:47.000000000 -0500
-@@ -10,11 +10,10 @@ expand_acl(struct proc_acl *proc, struct
- strcpy(tmpproc, proc->filename);
-
- while (parent_dir(proc->filename, &tmpproc)) {
-- for_each_subject(tmpp, role) {
-- if (!strcmp(tmpproc, tmpp->filename)) {
-- proc->parent_subject = tmpp;
-- return;
-- }
-+ tmpp = lookup_acl_subject_by_name(role, tmpproc);
-+ if (tmpp) {
-+ proc->parent_subject = tmpp;
-+ return;
- }
- }
-
-diff -Naupr gradm2-release/gradm_parse.c gradm2-cvs-20Jun2004/gradm_parse.c
---- gradm2-release/gradm_parse.c 2004-04-03 11:18:11.000000000 -0600
-+++ gradm2-cvs-20Jun2004/gradm_parse.c 2004-06-17 20:50:57.000000000 -0500
-@@ -565,7 +565,12 @@ add_proc_subject_acl(struct role_acl *ro
- return 0;
- }
-
-- insert_acl_subject(role, p);
-+ /* don't insert nested subjects into main hash */
-+ if (!(flag & GR_FFAKE))
-+ insert_acl_subject(role, p);
-+ else
-+ insert_nested_acl_subject(p);
-+
- current_subject = p;
-
- return 1;
diff --git a/sys-apps/gradm/files/gradm_parse.c-1.9.x.patch b/sys-apps/gradm/files/gradm_parse.c-1.9.x.patch
deleted file mode 100644
index 7281e7b6c248..000000000000
--- a/sys-apps/gradm/files/gradm_parse.c-1.9.x.patch
+++ /dev/null
@@ -1,13 +0,0 @@
---- gradm_parse.c 2003-05-13 01:41:26.000000000 -0400
-+++ gradm_parse_gentoo.c 2003-05-13 01:51:17.000000000 -0400
-@@ -677,8 +677,8 @@
- n = scandir(dir, &namelist, 0, alphasort);
- if (n >= 0) {
- while (n--) {
-- if (strcmp(namelist[n]->d_name, ".")
-- && strcmp(namelist[n]->d_name, "..")) {
-+ /* ignore files and directorys that start with . */
-+ if (namelist[n]->d_name[0] != '.') {
- memset(&path, 0, sizeof (path));
- snprintf(path, PATH_MAX - 1, "%s/%s",
- dir, namelist[n]->d_name);
diff --git a/sys-apps/gradm/gradm-2.1.6.200506131347.ebuild b/sys-apps/gradm/gradm-2.1.6.200506131347.ebuild
new file mode 100644
index 000000000000..a59a81fccca9
--- /dev/null
+++ b/sys-apps/gradm/gradm-2.1.6.200506131347.ebuild
@@ -0,0 +1,58 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/gradm/gradm-2.1.6.200506131347.ebuild,v 1.1 2005/06/20 15:23:49 solar Exp $
+
+inherit flag-o-matic toolchain-funcs eutils
+
+myPV=${PV:0:5}-${PV:6}
+
+MAINTAINER="solar@gentoo.org"
+DESCRIPTION="Administrative interface for the grsecurity Role Based Access Control system"
+HOMEPAGE="http://www.grsecurity.net/"
+SRC_URI="http://www.grsecurity.net/gradm-${myPV}.tar.gz"
+#SRC_URI="mirror://gentoo/gradm-${myPV}.tar.gz"
+#RESTRICT=primaryuri
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86 ~ppc ~sparc ~arm ~amd64 ~ppc64 ~ia64 ~mips ~alpha"
+IUSE=""
+RDEPEND=""
+DEPEND="virtual/libc
+ sys-devel/bison
+ sys-devel/flex
+ sys-apps/chpax"
+
+S="${WORKDIR}/${PN}2"
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+
+ #epatch ${FILESDIR}/gradm-2.1.2-non-interactive.patch
+
+ ebegin "Patching Makefile to use gentoo CFLAGS"
+ sed -i -e "s|-O2|${CFLAGS}|" Makefile
+ eend $?
+}
+
+src_compile() {
+ cd ${S}
+ emake CC="$(tc-getCC)" || die "compile problem"
+ return 0
+}
+
+src_install() {
+ cd ${S}
+ einstall DESTDIR=${D}
+ fperms 711 /sbin/gradm
+ return 0
+}
+
+pkg_postinst() {
+ if [ ! -e ${ROOT}/dev/grsec ] ; then
+ einfo "Making character device for grsec2 learning mode"
+ mkdir -p -m 755 ${ROOT}/dev/
+ mknod -m 0622 ${ROOT}/dev/grsec c 1 12 || die "Cant mknod for grsec learning device"
+ fi
+ ewarn "Be sure to set a password with 'gradm -P' before enabling learning mode"
+}