diff options
author | David P <megver83@openmailbox.org> | 2017-09-26 22:18:27 -0300 |
---|---|---|
committer | David P <megver83@openmailbox.org> | 2017-09-26 22:18:27 -0300 |
commit | 889bd5eb1c9f4d6018fcfad65724c0a67cf0d8d1 (patch) | |
tree | b21b988db24618386bb6b3057c89dae4efe772b9 /pcr | |
parent | de9f81790af660d848c317a686716673b62ae39b (diff) | |
download | abslibre-889bd5eb1c9f4d6018fcfad65724c0a67cf0d8d1.tar.gz abslibre-889bd5eb1c9f4d6018fcfad65724c0a67cf0d8d1.tar.bz2 abslibre-889bd5eb1c9f4d6018fcfad65724c0a67cf0d8d1.zip |
Added pcr/openrc-security
Diffstat (limited to 'pcr')
-rw-r--r-- | pcr/apparmor-openrc/PKGBUILD | 32 | ||||
-rw-r--r-- | pcr/apparmor-openrc/apparmor-init | 91 | ||||
-rw-r--r-- | pcr/apparmor/PKGBUILD | 3 | ||||
-rw-r--r-- | pcr/firewalld-openrc/PKGBUILD | 32 | ||||
-rw-r--r-- | pcr/firewalld-openrc/firewalld.init | 13 | ||||
-rw-r--r-- | pcr/openrc-net/PKGBUILD | 23 | ||||
-rw-r--r-- | pcr/openrc-security/PKGBUILD | 114 | ||||
-rw-r--r-- | pcr/openrc-security/apparmor.install (renamed from pcr/apparmor-openrc/apparmor.install) | 0 | ||||
-rw-r--r-- | pcr/openrc-security/firewalld.install (renamed from pcr/firewalld-openrc/firewalld-openrc.install) | 0 |
9 files changed, 116 insertions, 192 deletions
diff --git a/pcr/apparmor-openrc/PKGBUILD b/pcr/apparmor-openrc/PKGBUILD deleted file mode 100644 index 90200d530..000000000 --- a/pcr/apparmor-openrc/PKGBUILD +++ /dev/null @@ -1,32 +0,0 @@ -# Maintainer: David P. <megver83@parabola.nu> - -pkgname=apparmor-openrc -pkgver=20160816 -pkgrel=2 -pkgdesc="OpenRC apparmor init script" -arch=('any') -url="http://apparmor.net/" -license=('GPL2') -depends=('apparmor' 'openrc') -install='apparmor.install' -_filename='apparmor-init' -source=("https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-apps/apparmor/files/$_filename") -sha256sums=('fb8d7b46e682b452ba3061cca6eaf32b6a8f542208e35ea823e8c9c3bc89f764') - -#pkgver() { -# date +%Y%m%d -#} - -_inst_initd(){ - install -Dm755 ${srcdir}/$1.initd ${pkgdir}/etc/init.d/$1 - - sed -e 's|#!/sbin/runscript|#!/usr/bin/openrc-run|' \ - -e 's|/var/run|/run|g' \ - -i "${pkgdir}/etc/init.d/$1" - # ^^--- should work without this, but actually does not (at boot) -} - -package() { - mv "$_filename" -v apparmor.initd - _inst_initd 'apparmor' -} diff --git a/pcr/apparmor-openrc/apparmor-init b/pcr/apparmor-openrc/apparmor-init deleted file mode 100644 index 2c7836b48..000000000 --- a/pcr/apparmor-openrc/apparmor-init +++ /dev/null @@ -1,91 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2013 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -description="Load all configured profiles for the AppArmor security module." -description_reload="Reload all profiles" - -extra_started_commands="reload" - -aa_action() { - local arg=$1 - local return - - shift - $* - return=$? - - if [ ${return} -eq 0 ]; then - aa_log_success_msg $arg - else - aa_log_failure_msg arg - fi - - return $return -} - -aa_log_action_start() { - ebegin $1 -} - -aa_log_action_end() { - eend $1 -} - -aa_log_success_msg() { - einfo $1 -} - -aa_log_warning_msg() { - ewarn $1 -} - -aa_log_failure_msg() { - eerror $1 -} - -aa_log_skipped_msg() { - einfo $1 -} - -aa_log_daemon_msg() { - einfo $1 -} - -aa_log_end_msg() { - eend $1 -} - -. /usr/lib/apparmor/rc.apparmor.functions - -start() { - ebegin "Starting AppArmor" - eindent - - if ! is_apparmor_loaded ; then - load_module - if [ $? -ne 0 ]; then - eerror "AppArmor kernel support is not present" - eend 1 - return 1 - fi - fi - - parse_profiles load - - eoutdent -} - -stop() { - ebegin "Stopping AppArmor" - eindent - apparmor_stop - eoutdent -} - -reload() { - # todo: split out clean_profiles into its own function upstream - # so we can do parse_profiles reload && clean_profiles - # and do a proper reload instead of restart - apparmor_restart -} diff --git a/pcr/apparmor/PKGBUILD b/pcr/apparmor/PKGBUILD index def30d3e4..e537fcd3b 100644 --- a/pcr/apparmor/PKGBUILD +++ b/pcr/apparmor/PKGBUILD @@ -95,7 +95,8 @@ build() { package_apparmor() { pkgdesc='Linux application security framework - mandatory access control for programs (metapackage)' depends=(apparmor-parser apparmor-libapparmor apparmor-utils apparmor-profiles apparmor-pam apparmor-vim) - optdepends=('linux-apparmor: an arch kernel with AppArmor patches') + optdepends=('linux-libre-apparmor: a kernel with AppArmor patches' + 'linux-libre-lts-apparmor: a LTS kernel with AppArmor patches') install='apparmor.install' } diff --git a/pcr/firewalld-openrc/PKGBUILD b/pcr/firewalld-openrc/PKGBUILD deleted file mode 100644 index d90d71b95..000000000 --- a/pcr/firewalld-openrc/PKGBUILD +++ /dev/null @@ -1,32 +0,0 @@ -# Maintainer (Arch): Chris Cromer <chris@cromer.cl> -# Maintainer: Omar Vega Ramos <ovruni@gnu.org.pe> - -pkgname=firewalld-openrc -pkgver=1.0 -pkgrel=2.2 -pkgdesc="OpenRC scripts for firewalld." -arch=('any') -provides=('firewalld-openrc') -conflicts=('iptables-openrc') -pkgname=('firewalld-openrc') -depends=('firewalld' 'openrc') -url="https://github.com/cromerc/arch-openrc" -license=("GPL2") -source=("firewalld.init") -sha256sums=('96593cc0e8efcb60b0aa6b9e994dae31ec31cd812aca1145b7829b0a40e0dfa6') - -_inst_initd(){ - install -Dm755 firewalld.init ${pkgdir}/etc/init.d/firewalld - - sed -e 's|/var/run|/run|g' \ - -e 's|/usr/sbin|/usr/bin|g' \ - -i ${pkgdir}/etc/init.d/$1 -} - -package_firewalld-openrc() { - pkgdesc="OpenRC scripts for firewalld." - depends=('firewalld' 'openrc') - install=firewalld-openrc.install - - _inst_initd 'firewalld' -} diff --git a/pcr/firewalld-openrc/firewalld.init b/pcr/firewalld-openrc/firewalld.init deleted file mode 100644 index b1d7d15d9..000000000 --- a/pcr/firewalld-openrc/firewalld.init +++ /dev/null @@ -1,13 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2012 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -description="FirewallD" -command=/usr/sbin/firewalld -pidfile=/var/run/firewalld.pid - -depend() { - need dbus - provide iptables ip6tables ebtables -} diff --git a/pcr/openrc-net/PKGBUILD b/pcr/openrc-net/PKGBUILD index e37e1db79..f6fcc7922 100644 --- a/pcr/openrc-net/PKGBUILD +++ b/pcr/openrc-net/PKGBUILD @@ -14,7 +14,6 @@ pkgname=('autofs-openrc' 'cyrus-sasl-openrc' 'dhcp-openrc' 'hostapd-openrc' - 'iptables-openrc' 'krb5-openrc' 'lighttpd-openrc' 'nfs-utils-openrc' @@ -63,9 +62,6 @@ source=("${_dev_url}/gentoo-apache-${_apver}-${_aprel}.tar.bz2" "dhcrelay.initd::${_url}/net-misc/dhcp/files/dhcrelay.init3" "hostapd.confd::${_url}/net-wireless/hostapd/files/hostapd-conf.d" "hostapd.initd::${_url}/net-wireless/hostapd/files/hostapd-init.d" - "iptables.confd::${_url}/net-firewall/iptables/files/iptables-1.4.13.confd" - "ip6tables.confd::${_url}/net-firewall/iptables/files/ip6tables-1.4.13.confd" - "iptables.initd::${_url}/net-firewall/iptables/files/iptables-1.4.13-r1.init" "krb5kadmind.initd::${_url}/app-crypt/mit-krb5/files/mit-krb5kadmind.initd-r2" "krb5kdc.initd::${_url}/app-crypt/mit-krb5/files/mit-krb5kdc.initd-r2" "krb5kpropd.initd::${_url}/app-crypt/mit-krb5/files/mit-krb5kpropd.initd-r2" @@ -324,25 +320,6 @@ package_hostapd-openrc() { sed -e 's|/usr/sbin|/usr/bin|g' -i "${pkgdir}/etc/init.d/hostapd" } -package_iptables-openrc() { - pkgdesc="OpenRC iptables init script" - depends=('openrc' 'iptables') - backup=('etc/conf.d/iptables' - 'etc/conf.d/ip6tables') - - _inst_confd 'iptables' - _inst_initd 'iptables' - - _inst_confd 'ip6tables' -# _inst_initd 'iptables' - - install -Dm755 "${srcdir}/iptables.initd" "${pkgdir}/etc/init.d/ip6tables" - - for f in ${pkgdir}/etc/init.d/*;do - sed -e 's|/sbin|/usr/bin|g' -i $f - done -} - package_krb5-openrc() { pkgdesc="OpenRC krb5 init script" depends=('openrc' 'krb5') diff --git a/pcr/openrc-security/PKGBUILD b/pcr/openrc-security/PKGBUILD new file mode 100644 index 000000000..2a13cd700 --- /dev/null +++ b/pcr/openrc-security/PKGBUILD @@ -0,0 +1,114 @@ +# Maintainer: David P. <megver83@parabola.nu> +# Maintainer: Omar Vega Ramos <ovruni@gnu.org.pe> + +_url="https://raw.githubusercontent.com/gentoo/gentoo/master" + +_sed_args=(-e 's|/var/run|/run|g') +prefix=true + +$_prefix && _sed_args+=(-e 's|#!/sbin/openrc-run|#!/usr/bin/openrc-run|g') + +pkgbase=openrc-base +pkgname=('apparmor-openrc' + 'iptables-openrc' + 'shorewall-openrc' + 'shorewall6-openrc' + 'firewalld-openrc') +pkgver=20170505 +pkgrel=1.1 +pkgdesc="OpenRC init scripts" +arch=('any') +url="https://github.com/manjaro/packages-openrc" +license=('GPL2') +# groups=('openrc-base' 'base-nosystemd') +groups=('base-openrc' 'openrc-base') +conflicts=('systemd-sysvcompat') +source=("iptables.confd::${_url}/net-firewall/iptables/files/iptables-1.4.13.confd" + "ip6tables.confd::${_url}/net-firewall/iptables/files/ip6tables-1.4.13.confd" + "iptables.initd::${_url}/net-firewall/iptables/files/iptables-1.4.13-r1.init" + "firewalld.initd::${_url}/net-firewall/firewalld/files/firewalld.init" + "apparmor.initd::${_url}/sys-apps/apparmor/files/apparmor-init" + "shorewall.initd::${_url}/net-firewall/shorewall/files/shorewall-init.initd" + "shorewall.confd::${_url}/net-firewall/shorewall/files/shorewall-init.confd" + "shorewall6.initd::${_url}/net-firewall/shorewall/files/shorewall6.initd-r1" + "shorewall6.confd::${_url}/net-firewall/shorewall/files/shorewall6.confd-r1" + "shorewallrc::${_url}/net-firewall/shorewall/files/shorewallrc-r1") +sha512sums=('bd67d53e997ea65755148ba071fe6e3856d6e604b9167c666900721bc3dc24f63d395bc33a1a34ae50f95e72760da630db1a8d35afc81ec5973e60ba5343dc70' + '8de9a5de4061bef217fbc07577688a8110f1116af7f3b936dfd18100a6a7a47ec6e70c456b24cf3432fb4f2034b741a487fe6af8d9740f174d51c6eb16945c6e' + '9b74344043f48ce2a4691f09199cfa752bd7ee360d912d412fe1cf51de54821b0d082c9585a11b84020454f9759af78ff097d7dfc8f5148ef9e987e6d990edde' + 'ed71564d92f4235bb1209cf1141e28f825e4b0e3d84e7214456399e1ac0a787c02d06fecd38eaa7643b4c571b90bfe2e3c93d9826ea448ebd480c0794b62265d' + '4ee4747ec98a0828beb690bf5e01bc112d958bff4c68d60fc0cbb9f0707bd8daecc011dba3916aa6e6368f460eedce7f2ce42aad9ccea49a5d898dcae3d01148' + '5cb410e0fe0391fd467f212b3e1cf3ec4c7fa3289de2341edbf301ce9087e7cba05a36999a8203d7bce28ac35a429c10bc017a96b750aec1bf257987aec23245' + '105393c3cbdd1820066e41ed941b6a79cafde3196eb723c06ca984fc663370d6902757467339b6b4ebfb8d00167b9f85311b6842dadc564029313eb36f1a389b' + '3149b1848ed76b1d04466195810572c96cf1a68ffce6005c8c6cca08df7d7c8914f3c185ed80a357cf30cef23f076559ccb1df3236f443abf089133eeffe42b3' + 'fee275ba8089b0abda5239edb06a3ab70c96acbbcd715c1a3aa5e92ba976294525c251b67b00d876e45f7c827767db45bd7623df42cc68c822234a7ea13d527b' + '9cf87d5b5807b224a325c9d038f159e55d277ad3eca62a1fd82d06d9ec1d0f71e58b239c57532b9b081271c7ab6f90b281cea1dca0bb9ea26e1e1c8ddaf3a691') + +pkgver() { + date +%Y%m%d +} + +_inst_initd(){ + install -Dm755 ${srcdir}/$1.initd ${pkgdir}/etc/init.d/$1 + + sed ${_sed_args[@]} -i ${pkgdir}/etc/init.d/$1 +} + +_inst_confd(){ + install -Dm755 ${srcdir}/$1.confd ${pkgdir}/etc/conf.d/$1 +} + +package_iptables-openrc() { + pkgdesc="OpenRC iptables init script" + depends=('openrc' 'iptables') + backup=('etc/conf.d/iptables' + 'etc/conf.d/ip6tables') + + _inst_confd 'iptables' + _inst_initd 'iptables' + + _inst_confd 'ip6tables' +# _inst_initd 'iptables' + + install -Dm755 "${srcdir}/iptables.initd" "${pkgdir}/etc/init.d/ip6tables" + + for f in ${pkgdir}/etc/init.d/*;do + sed -e 's|/sbin|/usr/bin|g' -i $f + done +} + +package_firewalld-openrc() { + pkgdesc="OpenRC firewalld init script" + depends=('firewalld' 'openrc') + install=firewalld.install + + _inst_initd 'firewalld' + sed -e 's|/usr/sbin|/usr/bin|g' +} + +package_apparmor-openrc() { + pkgdesc="OpenRC apparmor init script" + depends=('apparmor' 'openrc') + install='apparmor.install' + + _inst_initd 'apparmor' +} + +package_shorewall-openrc() { + pkgdes="OpenRC shorewall init script" + depends=('shorewall' 'openrc') + + _inst_initd 'shorewall' + _inst_confd 'shorewall' + + install -Dm644 ${srcdir}/shorewallrc ${pkgdir}/usr/share/shorewall/shorewallrc +} + +package_shorewall6-openrc() { + pkgdes="OpenRC shorewall6 init script" + depends=('shorewall6' 'openrc') + + _inst_initd 'shorewall6' + _inst_confd 'shorewall6' + sed -e 's|/usr/sbin|/usr/bin|g' +} diff --git a/pcr/apparmor-openrc/apparmor.install b/pcr/openrc-security/apparmor.install index a59542111..a59542111 100644 --- a/pcr/apparmor-openrc/apparmor.install +++ b/pcr/openrc-security/apparmor.install diff --git a/pcr/firewalld-openrc/firewalld-openrc.install b/pcr/openrc-security/firewalld.install index ddab9e43a..ddab9e43a 100644 --- a/pcr/firewalld-openrc/firewalld-openrc.install +++ b/pcr/openrc-security/firewalld.install |