summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAvatar Alï Polatel <alip@exherbo.org> 2021-07-03 17:24:19 +0000
committerAvatar Alï Polatel <alip@exherbo.org> 2021-07-03 22:57:58 +0200
commit719626013a725baf1b2062a9c5d3182d1e8dd96f (patch)
treebf76f44814367b6a55978e72be05bcc1e8fc004a
parentf47e4bc520a65f83ca41d11764e7628329a85ae9 (diff)
downloadalip-719626013a725baf1b2062a9c5d3182d1e8dd96f.tar.gz
alip-719626013a725baf1b2062a9c5d3182d1e8dd96f.tar.xz
Initial exheres for caitsith
Signed-off-by: Alï Polatel <alip@exherbo.org>
-rw-r--r--metadata/categories.conf1
-rw-r--r--metadata/repository_mask.conf12
-rw-r--r--packages/sys-kernel/caitsith/caitsith-0.2-p20210222.exheres-04
-rw-r--r--packages/sys-kernel/caitsith/caitsith-scm.exheres-04
-rw-r--r--packages/sys-kernel/caitsith/caitsith.exlib111
5 files changed, 131 insertions, 1 deletions
diff --git a/metadata/categories.conf b/metadata/categories.conf
index afc51d0..c96c183 100644
--- a/metadata/categories.conf
+++ b/metadata/categories.conf
@@ -25,3 +25,4 @@ sys-apps
sys-auth
sys-devel
sys-fs
+sys-kernel
diff --git a/metadata/repository_mask.conf b/metadata/repository_mask.conf
index 4d1ef4a..0a6ea76 100644
--- a/metadata/repository_mask.conf
+++ b/metadata/repository_mask.conf
@@ -1,4 +1,5 @@
-
+# Copyright 2021 Ali Polatel <alip@exherbo.org>
+# Distributed under the terms of the GNU General Public License v2
(
app-text/jshon[~scm]
dev-util/cppcheck[~scm]
@@ -30,3 +31,12 @@ app-text/namazu[<2.0.21] [[
token = security
description = [ CVE-2009-5028 ]
]]
+
+(
+ sys-kernel/caitsith[~scm]
+) [[
+ *author = [ Ali Polatel <alip@exherbo.org> ]
+ *date = [ 03 Jul 2021 ]
+ *token = scm
+ *description = [ Mask git master version ]
+]]
diff --git a/packages/sys-kernel/caitsith/caitsith-0.2-p20210222.exheres-0 b/packages/sys-kernel/caitsith/caitsith-0.2-p20210222.exheres-0
new file mode 100644
index 0000000..d18a91a
--- /dev/null
+++ b/packages/sys-kernel/caitsith/caitsith-0.2-p20210222.exheres-0
@@ -0,0 +1,4 @@
+# Copyright 2021 Ali Polatel <alip@exherbo.org>
+# Distributed under the terms of the GNU General Public License v2
+
+require caitsith
diff --git a/packages/sys-kernel/caitsith/caitsith-scm.exheres-0 b/packages/sys-kernel/caitsith/caitsith-scm.exheres-0
new file mode 100644
index 0000000..d18a91a
--- /dev/null
+++ b/packages/sys-kernel/caitsith/caitsith-scm.exheres-0
@@ -0,0 +1,4 @@
+# Copyright 2021 Ali Polatel <alip@exherbo.org>
+# Distributed under the terms of the GNU General Public License v2
+
+require caitsith
diff --git a/packages/sys-kernel/caitsith/caitsith.exlib b/packages/sys-kernel/caitsith/caitsith.exlib
new file mode 100644
index 0000000..1d651cf
--- /dev/null
+++ b/packages/sys-kernel/caitsith/caitsith.exlib
@@ -0,0 +1,111 @@
+# Copyright 2021 Alex Elsayed <eternaleye@gmail.com>
+# Distributed under the terms of the GNU General Public License v2
+
+SCM_REPOSITORY="http://svn.osdn.net/svnroot/${PN}/"
+SCM_SUBPATH="caitsith-patch"
+
+if ever is_scm; then
+ require scm-svn
+fi
+
+SUMMARY="A simplified access restriction module for system proection"
+DESCRIPTION="
+Characteristic action inspection tool. See if this helps.
+
+CaitSith is an LSM designed to allow flexible, incrementally developable
+security policies for complex Linux systems.
+"
+HOMEPAGE="http://caitsith.osdn.jp"
+if ! ever is_scm; then
+ DOWNLOADS="https://osdn.net/frs/redir.php?m=tuna&f=${PN}/66537/${PN}-patch-${PV/p/}.tar.gz -> ${PNV}.tar.gz"
+fi
+
+LICENCES="GPL-2"
+SLOT="0"
+PLATFORMS="~amd64"
+MYOPTIONS=""
+
+DEPENDENCIES="
+ build:
+ build+run:
+"
+
+src_unpack() {
+ if ever is_scm; then
+ default
+
+ scm_src_unpack
+ else
+ edo mkdir ${WORK}
+ cd ${WORK}
+ unpack ${ARCHIVES}
+ fi
+}
+
+src_install() {
+ insinto /usr/src
+ doins -r caitsith
+
+ cat <<'KERNEL_INSTALL_BUILDER' > 20-caitsith.install
+#!/bin/bash
+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
+# ex: ts=8 sw=4 sts=4 et filetype=sh
+
+COMMAND="$1"
+KERNEL_VERSION="$2"
+BOOT_DIR_ABS="$3"
+KERNEL_IMAGE="$4"
+KERNEL_DIR="$(dirname "${KERNEL_IMAGE}")"
+
+[[ -n "${KERNEL_VERSION}" ]] || exit 77
+
+ensure() {
+ local DIAGNOSTIC="$1"; shift
+
+ "$@"
+
+ if [[ $? != 0 ]]; then
+ echo "Unable to ensure ${DIAGNOSTIC}" >&2
+ exit 77
+ fi
+}
+
+case "${COMMAND}" in
+ add)
+ ensure "CaitSith is built" \
+ make \
+ -j "$(nproc)" \
+ -C /usr/src/linux/"${KERNEL_VERSION}" \
+ ARCH="$(readlink /usr/host | cut -d- -f1)" \
+ CROSS_COMPILE="$(readlink /usr/host)-" \
+ HOSTCC="$(readlink /usr/host)-cc" \
+ HOSTCXX="$(readlink /usr/host)-c++" \
+ KCONFIG_NOSILENTUPDATE=1 \
+ M=/usr/src/caitsith \
+ KCONFIG_CONFIG=/etc/kernel/preserved/"${KERNEL_VERSION}"/current/config \
+ modules
+
+ ensure "CaitSith is installed" \
+ make \
+ -j "$(nproc)" \
+ -C /usr/src/linux/"${KERNEL_VERSION}" \
+ ARCH="$(readlink /usr/host | cut -d- -f1)" \
+ CROSS_COMPILE="$(readlink /usr/host)-" \
+ HOSTCC="$(readlink /usr/host)-cc" \
+ HOSTCXX="$(readlink /usr/host)-c++" \
+ KCONFIG_NOSILENTUPDATE=1 \
+ M=/usr/src/caitsith \
+ KCONFIG_CONFIG=/etc/kernel/preserved/"${KERNEL_VERSION}"/current/config \
+ modules_install
+ ;;
+ remove)
+ rm -rf /lib/modules/"${KERNEL_VERSION}"
+ ;;
+ *)
+ exit 0
+esac
+KERNEL_INSTALL_BUILDER
+ exeinto /usr/$(exhost --target)/lib/kernel/install.d
+ doexe 20-caitsith.install
+}
+