From 3e12215be51a564cc87c01e4424114b7160a582c Mon Sep 17 00:00:00 2001 From: André Fabian Silva Delgado Date: Wed, 28 May 2014 13:03:22 -0300 Subject: vim-runtime-7.4.307-2: updating revision from Arch --- libre/vim-runtime/PKGBUILD | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libre/vim-runtime/PKGBUILD b/libre/vim-runtime/PKGBUILD index 3f6f01b6b..cf813eb36 100644 --- a/libre/vim-runtime/PKGBUILD +++ b/libre/vim-runtime/PKGBUILD @@ -12,7 +12,7 @@ _patchlevel=307 __hgrev=54d96e3b2eec _versiondir="vim${_topver//./}" pkgver=${_topver}.${_patchlevel} -pkgrel=1 +pkgrel=2 arch=('i686' 'x86_64' 'mips64el') license=('custom:vim') url="http://www.vim.org" @@ -69,7 +69,7 @@ package_vim-runtime() { make -j1 VIMRCLOC=/etc DESTDIR="${pkgdir}" install - # delete binaries and manuals files + # delete binaries and manual files rm -vr "${pkgdir}"/usr/bin rm -vr "${pkgdir}"/usr/share/man -- cgit v1.2.3 From 02e8ea7918564960b15bf4f9a0abb0468a3433d8 Mon Sep 17 00:00:00 2001 From: André Fabian Silva Delgado Date: Wed, 28 May 2014 13:33:10 -0300 Subject: ice{cat,weasel}-adblock-plus-2.6.1-1: updating version --- libre/icecat-adblock-plus/PKGBUILD | 17 ++++++----------- libre/iceweasel-adblock-plus/PKGBUILD | 17 ++++++----------- 2 files changed, 12 insertions(+), 22 deletions(-) diff --git a/libre/icecat-adblock-plus/PKGBUILD b/libre/icecat-adblock-plus/PKGBUILD index 935584aa1..80c94c16b 100644 --- a/libre/icecat-adblock-plus/PKGBUILD +++ b/libre/icecat-adblock-plus/PKGBUILD @@ -1,9 +1,8 @@ -# $Id: PKGBUILD 110697 2014-05-05 09:47:45Z spupykin $ +# $Id: PKGBUILD 112006 2014-05-28 09:45:57Z spupykin $ # Maintainer (Arch): Sergej Pupykin pkgname=icecat-adblock-plus -pkgver=2.6 -_addons_file=254870 +pkgver=2.6.1 pkgrel=1 pkgdesc="plugin for icecat which block ads and banners" arch=('any') @@ -12,21 +11,17 @@ license=('GPL') depends=("icecat") makedepends=('unzip') provides=(firefox-adblock-plus=$pkgver) -noextract=("adblock_plus-$pkgver-fx+tb+fn+sm.xpi") -source=(https://addons.mozilla.org/firefox/downloads/file/${_addons_file}/adblock_plus-$pkgver-fx+tb+fn+sm.xpi) -md5sums=('fa3ccbbd5f9ea6718fbb8cfbb321e556') +noextract=("adblockplus-$pkgver.xpi") +source=("https://downloads.adblockplus.org/adblockplus-$pkgver.xpi") +md5sums=('ad8c04f09515c92c948d384ddd3f6604') package() { -# _ffver=`pacman -Q firefox | cut -f2 -d\ | cut -f1-2 -d.` -# depends=("icecat>=${_ffver}" "icecat<=${_ffver/0/99}") - cd $srcdir - [ $NOEXTRACT -eq 1 ] || unzip adblock_plus-$pkgver-fx+tb+fn+sm.xpi + unzip adblockplus-$pkgver.xpi local emid=$(sed -n -e '/<\?em:id>\?/!d; s/.*\([\"{].*[}\"]\).*/\1/; s/\"//g; p; q' install.rdf) local dstdir=$pkgdir/usr/lib/icecat/browser/extensions/${emid} [ -n ${emid} ] || return 1 install -d $dstdir -# sed -i 's#.*#20.*#' install.rdf cp -R * $dstdir rm $dstdir/*.xpi find $pkgdir -type d -exec chmod 0755 {} \; diff --git a/libre/iceweasel-adblock-plus/PKGBUILD b/libre/iceweasel-adblock-plus/PKGBUILD index 3b2077b2a..c4505269b 100644 --- a/libre/iceweasel-adblock-plus/PKGBUILD +++ b/libre/iceweasel-adblock-plus/PKGBUILD @@ -1,9 +1,8 @@ -# $Id: PKGBUILD 110697 2014-05-05 09:47:45Z spupykin $ +# $Id: PKGBUILD 112006 2014-05-28 09:45:57Z spupykin $ # Maintainer (Arch): Sergej Pupykin pkgname=iceweasel-adblock-plus -pkgver=2.6 -_addons_file=254870 +pkgver=2.6.1 pkgrel=1 pkgdesc="plugin for iceweasel which block ads and banners" arch=('any') @@ -12,21 +11,17 @@ license=('GPL') depends=("iceweasel-libre") makedepends=('unzip') provides=(firefox-adblock-plus=$pkgver) -noextract=("adblock_plus-$pkgver-fx+tb+fn+sm.xpi") -source=(https://addons.mozilla.org/firefox/downloads/file/${_addons_file}/adblock_plus-$pkgver-fx+tb+fn+sm.xpi) -md5sums=('fa3ccbbd5f9ea6718fbb8cfbb321e556') +noextract=("adblockplus-$pkgver.xpi") +source=("https://downloads.adblockplus.org/adblockplus-$pkgver.xpi") +md5sums=('ad8c04f09515c92c948d384ddd3f6604') package() { -# _ffver=`pacman -Q firefox | cut -f2 -d\ | cut -f1-2 -d.` -# depends=("iceweasel-libre>=${_ffver}" "iceweasel-libre<=${_ffver/0/99}") - cd $srcdir - [ $NOEXTRACT -eq 1 ] || unzip adblock_plus-$pkgver-fx+tb+fn+sm.xpi + unzip adblockplus-$pkgver.xpi local emid=$(sed -n -e '/<\?em:id>\?/!d; s/.*\([\"{].*[}\"]\).*/\1/; s/\"//g; p; q' install.rdf) local dstdir=$pkgdir/usr/lib/iceweasel/browser/extensions/${emid} [ -n ${emid} ] || return 1 install -d $dstdir -# sed -i 's#.*#20.*#' install.rdf cp -R * $dstdir rm $dstdir/*.xpi find $pkgdir -type d -exec chmod 0755 {} \; -- cgit v1.2.3 From d1661aeec41ddf3de98e72b309ff89994d10d414 Mon Sep 17 00:00:00 2001 From: André Fabian Silva Delgado Date: Thu, 29 May 2014 15:32:12 -0300 Subject: vim-runtime-7.4.307-3: updating revision from Arch --- libre/vim-runtime/PKGBUILD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libre/vim-runtime/PKGBUILD b/libre/vim-runtime/PKGBUILD index cf813eb36..f26e026c3 100644 --- a/libre/vim-runtime/PKGBUILD +++ b/libre/vim-runtime/PKGBUILD @@ -12,7 +12,7 @@ _patchlevel=307 __hgrev=54d96e3b2eec _versiondir="vim${_topver//./}" pkgver=${_topver}.${_patchlevel} -pkgrel=2 +pkgrel=3 arch=('i686' 'x86_64' 'mips64el') license=('custom:vim') url="http://www.vim.org" -- cgit v1.2.3 From b41d1250002b20994265253093a78b8e64031c4c Mon Sep 17 00:00:00 2001 From: André Fabian Silva Delgado Date: Thu, 29 May 2014 20:01:43 -0300 Subject: linux-libre-grsec-3.14.4.201405281922-1: updating version --- libre/linux-libre-grsec/PKGBUILD | 8 ++++---- libre/linux-libre-grsec/config.i686 | 4 ++-- libre/linux-libre-grsec/config.x86_64 | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/libre/linux-libre-grsec/PKGBUILD b/libre/linux-libre-grsec/PKGBUILD index 5e0aa6eeb..582efe043 100644 --- a/libre/linux-libre-grsec/PKGBUILD +++ b/libre/linux-libre-grsec/PKGBUILD @@ -14,7 +14,7 @@ pkgbase=linux-libre-grsec # Build stock -LIBRE-GRSEC kernel _basekernel=3.14 _sublevel=4 _grsecver=3.0 -_timestamp=201405271114 +_timestamp=201405281922 _pkgver=${_basekernel}.${_sublevel} pkgver=${_basekernel}.${_sublevel}.${_timestamp} pkgrel=1 @@ -51,10 +51,10 @@ source=("http://linux-libre.fsfla.org/pub/linux-libre/releases/${_basekernel}-gn "http://www.linux-libre.fsfla.org/pub/linux-libre/lemote/gnewsense/pool/debuginfo/linux-patches-${_lxopkgver}-gnu_0loongsonlibre_mipsel.tar.xz") sha256sums=('477555c709b9407fe37dbd70d3331ff9dde1f9d874aba2741f138d07ae6f281b' '01de5e15a2081197859e617c441de5cac9ddf60bed6fcf4dcff7a54e210e7815' - '76daa7e437ab5fedc51c1fec3a84b7e6901a073b083a94e3a55671bca9e67d34' + '5b1a2efe49736d3b0417f3b76df779de4166fe5890489491e1d0b99fed653b57' 'SKIP' - 'ffba30739752c6bba5ce0cf33d82748f0c35c3642ac3ca45ad3b99bf85dbb1fc' - '3cfcfcdb946be20cb651b331859bdd2e59947e711f690605d730ff7b75a17fc4' + 'a82a5b673dae3f1aa8124e91c485cb8648623d560b7543da63fffab2606443d6' + '51e86aeeb4fadbb2ead2b4af115f0bfd04afb83c9959856e3495d704cec55db6' '9d2f34f1a8c514a7117b9b017a1f7312fb351f4d0b079eed102f89361534d486' 'c5451d5e1eafc4f8d28b1a2958ec3102c124433a414a86450fc32058e004156b' '55bf07738a3286168a7929ae16dbca29defd14e77b9d24c487ae4c3d12bb9eb9' diff --git a/libre/linux-libre-grsec/config.i686 b/libre/linux-libre-grsec/config.i686 index fdf8e2d25..99ccdb5bf 100644 --- a/libre/linux-libre-grsec/config.i686 +++ b/libre/linux-libre-grsec/config.i686 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.14.4.201405271114-1 Kernel Configuration +# Linux/x86 3.14.4.201405281922-1 Kernel Configuration # # CONFIG_64BIT is not set CONFIG_X86_32=y @@ -6221,7 +6221,7 @@ CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_DEBUG_PER_CPU_MAPS is not set # CONFIG_DEBUG_HIGHMEM is not set CONFIG_HAVE_DEBUG_STACKOVERFLOW=y -CONFIG_DEBUG_STACKOVERFLOW=y +# CONFIG_DEBUG_STACKOVERFLOW is not set CONFIG_HAVE_ARCH_KMEMCHECK=y # CONFIG_DEBUG_SHIRQ is not set diff --git a/libre/linux-libre-grsec/config.x86_64 b/libre/linux-libre-grsec/config.x86_64 index a1afbacc7..2e13102ee 100644 --- a/libre/linux-libre-grsec/config.x86_64 +++ b/libre/linux-libre-grsec/config.x86_64 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.14.4.201405271114-1 Kernel Configuration +# Linux/x86 3.14.4.201405281922-1 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -6002,7 +6002,7 @@ CONFIG_HAVE_DEBUG_KMEMLEAK=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_DEBUG_PER_CPU_MAPS is not set CONFIG_HAVE_DEBUG_STACKOVERFLOW=y -CONFIG_DEBUG_STACKOVERFLOW=y +# CONFIG_DEBUG_STACKOVERFLOW is not set CONFIG_HAVE_ARCH_KMEMCHECK=y # CONFIG_DEBUG_SHIRQ is not set -- cgit v1.2.3 From 52cc248bab3d2478ef7e4e04dc9d3b8a0370311c Mon Sep 17 00:00:00 2001 From: André Fabian Silva Delgado Date: Thu, 29 May 2014 23:42:18 -0300 Subject: add paxd-libre to [libre] and remove pax-flags-libre from [kernels] --- kernels/pax-flags-libre/PKGBUILD | 54 ------ kernels/pax-flags-libre/browsers.conf | 10 -- kernels/pax-flags-libre/clamav.conf | 6 - kernels/pax-flags-libre/games.conf | 20 --- kernels/pax-flags-libre/imagemagick.conf | 13 -- kernels/pax-flags-libre/java.conf | 13 -- kernels/pax-flags-libre/kde.conf | 22 --- kernels/pax-flags-libre/pax-flags-libre.8 | 112 ------------ kernels/pax-flags-libre/pax-flags-libre.rb | 278 ----------------------------- kernels/pax-flags-libre/pax-flags-libre.sh | 13 -- kernels/pax-flags-libre/polkit.conf | 5 - kernels/pax-flags-libre/qemu.conf | 51 ------ kernels/pax-flags-libre/replicant.conf | 8 - kernels/pax-flags-libre/ruby.conf | 8 - kernels/pax-flags-libre/simple.conf | 56 ------ kernels/pax-flags-libre/valgrind.conf | 25 --- kernels/pax-flags-libre/wine.conf | 4 - libre/paxd-libre/10-enable-pax.conf | 2 + libre/paxd-libre/PKGBUILD | 34 ++++ 19 files changed, 36 insertions(+), 698 deletions(-) delete mode 100644 kernels/pax-flags-libre/PKGBUILD delete mode 100644 kernels/pax-flags-libre/browsers.conf delete mode 100644 kernels/pax-flags-libre/clamav.conf delete mode 100644 kernels/pax-flags-libre/games.conf delete mode 100644 kernels/pax-flags-libre/imagemagick.conf delete mode 100644 kernels/pax-flags-libre/java.conf delete mode 100644 kernels/pax-flags-libre/kde.conf delete mode 100644 kernels/pax-flags-libre/pax-flags-libre.8 delete mode 100755 kernels/pax-flags-libre/pax-flags-libre.rb delete mode 100755 kernels/pax-flags-libre/pax-flags-libre.sh delete mode 100644 kernels/pax-flags-libre/polkit.conf delete mode 100644 kernels/pax-flags-libre/qemu.conf delete mode 100644 kernels/pax-flags-libre/replicant.conf delete mode 100644 kernels/pax-flags-libre/ruby.conf delete mode 100644 kernels/pax-flags-libre/simple.conf delete mode 100644 kernels/pax-flags-libre/valgrind.conf delete mode 100644 kernels/pax-flags-libre/wine.conf create mode 100644 libre/paxd-libre/10-enable-pax.conf create mode 100644 libre/paxd-libre/PKGBUILD diff --git a/kernels/pax-flags-libre/PKGBUILD b/kernels/pax-flags-libre/PKGBUILD deleted file mode 100644 index 882031ffe..000000000 --- a/kernels/pax-flags-libre/PKGBUILD +++ /dev/null @@ -1,54 +0,0 @@ -# Contributors: -# henning mueller -# Ahmad24, duncant, echoblack, niki, ShadowKyogre, s1gma, test0 -# -# Forked libre version which blacklists nonfree software for Parabola here: -# https://github.com/g4jc/pax-flags-libre -# - -pkgname=pax-flags-libre -pkgdesc='Deactivates PaX flags for several binaries to work with PaX enabled kernels (a libre fork of linux-pax-flags)' -pkgver=2.0.17 -pkgrel=1 -arch=(any) -url='https://github.com/g4jc/pax-flags-libre' -license=(GPL3) -depends=(ruby paxctl) -optdepends=('sudo: Run as root automatically.') -replaces=(linux-pax-flags) -conflicts=(linux-pax-flags) -provides=(linux-pax-flags) -source=( - $pkgname.sh $pkgname.rb $pkgname.8 - replicant.conf browsers.conf clamav.conf games.conf imagemagick.conf java.conf - kde.conf polkit.conf qemu.conf ruby.conf simple.conf valgrind.conf wine.conf -) - -package() { - install -D -m755 $srcdir/$pkgname.sh $pkgdir/usr/bin/$pkgname - install -D -m755 $srcdir/$pkgname.rb $pkgdir/usr/bin/$pkgname.rb - install -D -m644 $srcdir/$pkgname.8 $pkgdir/usr/share/man/man8/$pkgname.8 - - for config in $srcdir/*.conf; do - install -D -m600 $config $pkgdir/usr/share/$pkgname/$(basename $config) - done - - mkdir -p $pkgdir/etc/pax-flags-libre -} - -sha256sums=('06295e9d2afea0ea01c42620f0cd5e3ae785bc42c2749d4bef52f7d5b8a043ce' - '79367f1b72eb836557e24df20fc4ad142af55669c0fee1e3e7a0d34d35bfc9dc' - '9d62896dd51be4979cd85bfcd09de219f6068ec312f27e2a66f7a2f2c78d1f38' - '7bbbad18a19150893916995723cd7e256a7b4e2baa5c2ff57bc27886c40f51fc' - 'aedce25acf41fffa7a5c15c2ad7e5034eb56bfedcde65612ae4bc3f86ef4841a' - 'bb87f4dce8e20f2ce601bdcb888dd688d8f0e9d0ab367e09c8081daffa15b03a' - '95471682765c3c5ca31b29e3de7f8a07de6b2857e999dcdd714d062fe3da04ea' - '7dc92a303004c9d74a1fe4d40d75105a703366ade8b2b459b0aae8d6f8b62ed0' - '71afe786955d149fe216ff1a60348562914a6820d3b7f9dc42aa44913062b04e' - '01ddeec77c605e1d3aa00a1fdc4c3537989468ab78da5f37b893cdbcfe34176c' - '1f205fddfb427a696fb00221a3007453e25fbbf180ea026c264d23eeac9e1870' - '2736d0ef20d0127c34e132db38d8993dee3062ba0ac0cdf8d444a8d3665698b8' - 'e5562d68df885c5ceeb51709fc57c86d7b2c7849b9d99f828a77228878e25d71' - '7d9f510e649e4ead08be3bb5f6fe1b6371b47a9fbb2f9b829cf329caa16bad94' - 'ea003c4201745cd0c4bcf5cec5ca2d0a79cc6b1b04ceaa276ace0ad0287b8c50' - 'd78fe0a02b5801c70e3d64045b12c3cbee358689da9082d71003b1cffda73ee3') diff --git a/kernels/pax-flags-libre/browsers.conf b/kernels/pax-flags-libre/browsers.conf deleted file mode 100644 index a37590b80..000000000 --- a/kernels/pax-flags-libre/browsers.conf +++ /dev/null @@ -1,10 +0,0 @@ -# MPROTECT and RANDMMAP off -PSmXEr: - - /usr/bin/elinks - - /usr/bin/qupzilla - - /usr/lib/iceweasel/iceweasel - - /usr/lib/iceweasel/plugin-container - -# MPROTECT off -PSmXER: - - /usr/bin/midori diff --git a/kernels/pax-flags-libre/clamav.conf b/kernels/pax-flags-libre/clamav.conf deleted file mode 100644 index 7cb614bca..000000000 --- a/kernels/pax-flags-libre/clamav.conf +++ /dev/null @@ -1,6 +0,0 @@ -# MPROTECT off -PSmXER: - - /usr/bin/clamscan - - /usr/bin/freshclam - - /usr/sbin/clamd: - type: systemd diff --git a/kernels/pax-flags-libre/games.conf b/kernels/pax-flags-libre/games.conf deleted file mode 100644 index 59d5c7296..000000000 --- a/kernels/pax-flags-libre/games.conf +++ /dev/null @@ -1,20 +0,0 @@ -# MPROTECT and RANDMMAP off -PSmXEr: - - /usr/bin/pyrogenesis - - /usr/bin/hwengine - -# PAGEEXEC and MPROTECT off -#pSmXER: -# TODO - -# MPROTECT off -PSmXER: - - /opt/doom3/doom.x86 - - /opt/enemy-territory/et.x86 - - /opt/quake3/ioquake3.i386 - - /opt/quake3/ioquake3.x86_64 - - /opt/ryzom/ryzom_client - - /usr/bin/bzflag - - /usr/bin/minetest - - /usr/bin/opencity - diff --git a/kernels/pax-flags-libre/imagemagick.conf b/kernels/pax-flags-libre/imagemagick.conf deleted file mode 100644 index a2201a754..000000000 --- a/kernels/pax-flags-libre/imagemagick.conf +++ /dev/null @@ -1,13 +0,0 @@ -# MPROTECT off -PSmXER: - - /usr/bin/animate - - /usr/bin/compare - - /usr/bin/composite - - /usr/bin/conjure - - /usr/bin/convert - - /usr/bin/display - - /usr/bin/identify - - /usr/bin/import - - /usr/bin/mogrify - - /usr/bin/montage - - /usr/bin/stream diff --git a/kernels/pax-flags-libre/java.conf b/kernels/pax-flags-libre/java.conf deleted file mode 100644 index 7c10aa16e..000000000 --- a/kernels/pax-flags-libre/java.conf +++ /dev/null @@ -1,13 +0,0 @@ -# All off :( -psmxer: - - /opt/java/bin/java - - /opt/java/bin/javac - - /usr/lib/jvm/java-6-openjdk/bin/java - - /usr/lib/jvm/java-6-openjdk/bin/javac - - /usr/lib/jvm/java-6-openjdk/jre/bin/java - - /usr/lib/jvm/java-7-openjdk/bin/javac - - /usr/lib/jvm/java-7-openjdk/jre/bin/java - -# MPROTECT off -PSmXER: - - /usr/lib/jvm/java-7-openjdk/bin/jar diff --git a/kernels/pax-flags-libre/kde.conf b/kernels/pax-flags-libre/kde.conf deleted file mode 100644 index 09c03cc51..000000000 --- a/kernels/pax-flags-libre/kde.conf +++ /dev/null @@ -1,22 +0,0 @@ -# MPROTECT off -PSmXER: - - /usr/bin/akonadi_sendlater_agent - - /usr/bin/akonadi_archivemail_agent - - /usr/bin/akonadi_mailfilter_agent - - /usr/bin/akonadiconsole - - /usr/bin/akregator - - /usr/bin/blogilo - - /usr/bin/kdeinit4 - - /usr/bin/kdenlive - - /usr/bin/kmail - - /usr/bin/knode - - /usr/bin/knotify4 - - /usr/bin/kontact - - /usr/bin/kwin - - /usr/bin/okular - - /usr/lib/kde4/libexec/drkonqi - - /usr/lib/kde4/libexec/kwin_opengl_test - -# MPROTECT and RANDMMAP off -PSmXEr: - - /usr/lib/kde4/libexec/kscreenlocker_greet diff --git a/kernels/pax-flags-libre/pax-flags-libre.8 b/kernels/pax-flags-libre/pax-flags-libre.8 deleted file mode 100644 index f27ae82f8..000000000 --- a/kernels/pax-flags-libre/pax-flags-libre.8 +++ /dev/null @@ -1,112 +0,0 @@ -.TH pax-flags-libre 8 "" 2013-02-18 -.SH NAME -\fBpax-flags-libre\fR \- Configure PaX flags for several binaries -.SH SYNOPSIS -\fBpax-flags-libre\fR [options] [filter] -.SH DESCRIPTION -\fBpax-flags-libre\fR is written to configure PaX flags for a set of binaries. -It is intended to ease the usage of PaX (linux-libre-pax) or grsecurity (linux-libre-grsec, -linux-libre-grsec-lts) enabled kernel on Parabola GNU/Linux-libre. -.P -PaX flags for a set of binaries are collected in YAML format configuration -files. By default, every .conf file from /etc/pax-flags and -/usr/share/pax-flags-libre is read. See the CONFIGURATION section for the file -format. -.P -Root privileges are needed. If you set a value to $PAX_FLAGS_SUDO, -\fBpax-flags-libre\fR will be called with sudo. -.SH OPTIONS -.TP -\-c, \-\-config -Override default configuration paths. Requires one path argument. Can contain -globs (escape them in some shells (zsh for example)). -.TP -\-h, \-\-help -Displays a short usage message and option summary. -.TP -\-p, \-\-prepend -Do not actually change anything. -.TP -\-x, \-\-xattr -Sets the PaX flags through setfattr, underlying filesystems need xattr support. -.TP -\-y, \-\-yes -Non-interactive mode. Assume yes on any question. -.SH FILES -.TP -/etc/pax-flags/*.conf -Files for overriding the standard flag set and path pattern configuration. -.TP -/usr/share/pax-flags-libre/*.conf -The shipped configuration. -.SH CONFIGURATION -There are \fBsimple\fR configuration entries and \fBcomplex\fR ones. Complex -configuration for a certain flag set and path pattern overrides simple. To -override a simple entry with a complex one, the flag sets and path patterns have -to match exactly. -.SS "Simple entries" -Simple configuration entries just set the PaX flags for a set of binaries. The -format is as follows: -.P -PSmXER: -.br - \- /usr/bin/ruby - \- /usr/bin/glx* -.P -\fBPSmXER\fR is the set of flags. Every letter represents a PaX flag. Uppercase -enables the flag, lowercase disables it. See paxctl(1) for more details. This -example disables MPROTECT on /usr/bin/ruby and /usr/bin/glx*. -.SS "Complex entries" -With complex entries it is possible to stop a daemon before setting the flags -and starting it afterwards. The format is as follows: -.P -PSmXER: -.br - \- /usr/sbin/clamd: - type: systemd -.P -This would stop clamd, disable MPROTECT for the binary and start the daemon -again. The \fBtype\fR option values correspond to presets of status, start, stop -actions. Currently there exists only "systemd". By default the systemd unit file -would be "clamd" in this case or the basename of the path in general. -.P -PSmXEr: -.br - \- /usr/lib/polkit-1/polkitd: - type: systemd - systemd_name: polkit -.P -The \fBsystemd_name\fR option can be used to configure a differing systemd unit -name. -.P -PSmXEr: -.br - \- /usr/lib/iceweasel/iceweasel: - status: "pidof iceweasel" - start: "iceweasel &" - stop: "killall iceweasel" -.P -This would configure custom actions for \fBstatus\fR, \fBstart\fR and -\fBstop\fR. -.P -PSmXER: -.br - \- /usr/bin/ruby: - skip: true -.P -This would override a simple entry for the same flag set and path pattern and -cause it to be skipped. -.P -PSmXER: -.br - \- /usr/lib32/somebinary: - header: create -.P -This would cause paxctl to not convert the old binary header, but create a new -one. See paxctl(1) for more details. -.SH AUTHOR -henning mueller -.SH SEE ALSO -\- paxctl(1) -.br -\- http://www.yaml.org diff --git a/kernels/pax-flags-libre/pax-flags-libre.rb b/kernels/pax-flags-libre/pax-flags-libre.rb deleted file mode 100755 index 72a1a2b2c..000000000 --- a/kernels/pax-flags-libre/pax-flags-libre.rb +++ /dev/null @@ -1,278 +0,0 @@ -#!/usr/bin/env ruby - -require 'getoptlong' -require 'readline' -require 'singleton' -require 'yaml' - -# Monkey-path the Array class. -class Array - # ["foo", {"foo" => 1}].cleanup => [{"foo" => 1}] - # If the key in a Hash element of an Array is also present as an element of - # the Array, delete the latter. - def cleanup - array = self.dup - self.grep(Hash).map(&:keys).flatten.each do |x| - array.delete x - end - array - end -end - -# Class handles configuration parameters. -class FlagsConfig < Hash - # This is a singleton class. - include Singleton - - # Merges a Hash or YAML file (containing a Hash) with itself. - def load config - if config.class == Hash - merge! config - return - end - - unless config.nil? - merge_yaml! config - end - end - - # Merge Config Hash with Hash in YAML file. - def merge_yaml! path - merge!(load_file path) do |key, old, new| - (old + new).uniq.cleanup if old.is_a? Array and new.is_a? Array - end - end - - # Load YAML file and work around tabs not working for identation. - def load_file path - YAML.load open(path).read.gsub(/\t/, ' ') - rescue Psych::SyntaxError => e - print path, ':', e.message.split(':').last, "\n" - exit 1 - end -end - -# A method to print a beautiful usage message. -def usage - $stderr.puts < e - usage -end - -# Whatever is left over is a filter. -filters = ARGV - -# Exit if we are not running with root privileges. -if Process.uid != 0 - $stderr << "Root privileges needed.\n" - exit 1 -end - -# Either default config paths or overridden ones. -config_paths = if new_configs.empty? - ['/etc/pax-flags-libre/*.conf', '/usr/share/pax-flags-libre/*.conf'] -else - new_configs -end - -# Initialize the singleton config object... -config = FlagsConfig.instance - -# ... and load every config file. -config_paths.each do |path| - Dir.glob(path).each do |file| - config.load file - end -end - -# Helper text for simple entries. -puts < /dev/null') - system stop unless prepend - start_again = true if start - end - end - - if xattr - # setfattr seems to be picky about the order of the flags, - # rearrange it beforehand - xflags = flags[/[Pp]/] + flags[/[Ee]/] + flags[/[Mm]/] + - flags[/[Rr]/] + flags[/[Ss]/] - print xflags, ' ', path, "\n" - else - print flags, ' ', path, "\n" - end - - # Set the flags and notify the user. - unless prepend - if xattr - `setfattr -n user.pax.flags -v #{xflags} "#{path}"` - else - header = 'c' - header = 'C' if e['header'] == 'create' - `paxctl -#{header}#{flags} "#{path}"` - end - end - - # Start the complex entries service again, if it is neccessary. - system start unless prepend if start_again - end -end diff --git a/kernels/pax-flags-libre/pax-flags-libre.sh b/kernels/pax-flags-libre/pax-flags-libre.sh deleted file mode 100755 index 97b45cc87..000000000 --- a/kernels/pax-flags-libre/pax-flags-libre.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh - -ruby=$(which ruby) - -[ -z $PAX_FLAGS_SUDO ] && sudo='' || sudo='sudo' - -[ "$(paxctl -v $ruby 2>/dev/null)" ] || { - $sudo paxctl -cm $ruby -} - -$sudo systemctl --system daemon-reload - -$sudo pax-flags-libre.rb $@ diff --git a/kernels/pax-flags-libre/polkit.conf b/kernels/pax-flags-libre/polkit.conf deleted file mode 100644 index 5a97136d2..000000000 --- a/kernels/pax-flags-libre/polkit.conf +++ /dev/null @@ -1,5 +0,0 @@ -# MPROTECT and RANDMMAP off -PSmXEr: - - /usr/lib/polkit-1/polkitd: - type: systemd - systemd_name: polkit diff --git a/kernels/pax-flags-libre/qemu.conf b/kernels/pax-flags-libre/qemu.conf deleted file mode 100644 index 428d2928b..000000000 --- a/kernels/pax-flags-libre/qemu.conf +++ /dev/null @@ -1,51 +0,0 @@ -# SEGMEXEC and MPROTECT off -# (RANDEXEC is not activatable for qemu. The binaries seem to be compiled -# with PIE enabled, though.) -PsmxER: - - /usr/bin/qemu-alpha - - /usr/bin/qemu-arm - - /usr/bin/qemu-armeb - - /usr/bin/qemu-cris - - /usr/bin/qemu-i386 - - /usr/bin/qemu-m68k - - /usr/bin/qemu-microblaze - - /usr/bin/qemu-microblazeel - - /usr/bin/qemu-mips - - /usr/bin/qemu-mipsel - - /usr/bin/qemu-ppc - - /usr/bin/qemu-ppc64 - - /usr/bin/qemu-ppc64abi32 - - /usr/bin/qemu-s390x - - /usr/bin/qemu-sh4 - - /usr/bin/qemu-sh4eb - - /usr/bin/qemu-sparc - - /usr/bin/qemu-sparc32plus - - /usr/bin/qemu-sparc64 - - /usr/bin/qemu-unicore32 - - /usr/bin/qemu-x86_64 - -# MPROTECT off -PSmXER: - - /usr/bin/qemu-system-alpha - - /usr/bin/qemu-system-arm - - /usr/bin/qemu-system-cris - - /usr/bin/qemu-system-i386 - - /usr/bin/qemu-system-lm32 - - /usr/bin/qemu-system-m68k - - /usr/bin/qemu-system-microblaze - - /usr/bin/qemu-system-microblazeel - - /usr/bin/qemu-system-mips - - /usr/bin/qemu-system-mips64 - - /usr/bin/qemu-system-mips64el - - /usr/bin/qemu-system-mipsel - - /usr/bin/qemu-system-ppc - - /usr/bin/qemu-system-ppc64 - - /usr/bin/qemu-system-ppcemb - - /usr/bin/qemu-system-s390x - - /usr/bin/qemu-system-sh4 - - /usr/bin/qemu-system-sh4eb - - /usr/bin/qemu-system-sparc - - /usr/bin/qemu-system-sparc64 - - /usr/bin/qemu-system-x86_64 - - /usr/bin/qemu-system-xtensa - - /usr/bin/qemu-system-xtensaeb diff --git a/kernels/pax-flags-libre/replicant.conf b/kernels/pax-flags-libre/replicant.conf deleted file mode 100644 index a916c34b8..000000000 --- a/kernels/pax-flags-libre/replicant.conf +++ /dev/null @@ -1,8 +0,0 @@ -# MPROTECT off -PSmXER: - - /opt/replicant-sdk/tools/emulator-arm - - /opt/replicant-sdk/tools/emulator-x86 - - /opt/replicant-sdk/platform-tools/adb: - status: "pidof adb" - start: "adb start-server" - stop: "adb kill-server" diff --git a/kernels/pax-flags-libre/ruby.conf b/kernels/pax-flags-libre/ruby.conf deleted file mode 100644 index c6d976649..000000000 --- a/kernels/pax-flags-libre/ruby.conf +++ /dev/null @@ -1,8 +0,0 @@ -# MPROTECT off -PSmXER: - - ~/.rbenv/versions/?.?.?{,-p*}/bin/ruby - - ~/.rbenv/versions/?.?.?{,-p*}/lib/ruby/gems/*/gems/capybara-webkit-*/bin/webkit_server - - ~/.rvm/rubies/ruby-?.?.?{,-p*}/bin/ruby - - ~/.rvm/gems/ruby-?.?.?{,-p*}/gems/capybara-webkit-*/bin/webkit_server - - /usr/bin/rbx - - /usr/bin/ruby diff --git a/kernels/pax-flags-libre/simple.conf b/kernels/pax-flags-libre/simple.conf deleted file mode 100644 index 3039f1215..000000000 --- a/kernels/pax-flags-libre/simple.conf +++ /dev/null @@ -1,56 +0,0 @@ -# RANDMMAP off -PSMXEr: - - /usr/bin/grub-script-check - -# MPROTECT and RANDMMAP off -PSmXEr: - - /usr/bin/gnome-shell - - /usr/bin/grub-bios-setup - - /usr/lib/gcc/x86_64-unknown-linux-gnu/*/cc1plus - - /usr/lib/icedove/icedove - -# MPROTECT off -PSmXER: - - /usr/bin/blender - - /usr/bin/btsync - - /usr/bin/cabal - - /usr/bin/cheese - - /usr/bin/dolphin-emu - - /usr/bin/dosbox - - /usr/bin/epiphany - - /usr/bin/gendesk - - /usr/bin/glxdemo - - /usr/bin/glxgears - - /usr/bin/glxinfo - - /usr/bin/glxspheres - - /usr/bin/goldendict - - /usr/bin/gtk-query-immodules-* - - /usr/bin/inkscape - - /usr/bin/konstruktor - - /usr/bin/liferea - - /usr/bin/minitube - - /usr/bin/mono - - /usr/bin/mplayer - - /usr/bin/mumble - - /usr/bin/obex-data-server - - /usr/bin/python2 - - /usr/bin/rhythmbox - - /usr/bin/scheme - - /usr/bin/seahorse - - /usr/bin/spicec - - /usr/bin/systemsettings - - /usr/bin/tcc - - /usr/bin/vlc - - /usr/lib/erlang/erts-*/bin/beam - - /usr/lib/erlang/erts-*/bin/beam.smp - - /usr/lib/ghc-*/ghc - - /usr/lib/libreoffice/program/soffice.bin - - /usr/lib/webkitgtk/WebKitWebProcess - - /usr/lib/xbmc/xbmc.bin - - /usr/sbin/grub-probe - - /usr/sbin/vbetool - - /usr/bin/xiphos - -# PAGEEXEC, MPROTECT, EMUTRAMP and RANDMMAP off -pSmXer: - - /usr/bin/sbcl diff --git a/kernels/pax-flags-libre/valgrind.conf b/kernels/pax-flags-libre/valgrind.conf deleted file mode 100644 index 6d25559ae..000000000 --- a/kernels/pax-flags-libre/valgrind.conf +++ /dev/null @@ -1,25 +0,0 @@ -# MPROTECT off -PSmXER: - - /usr/bin/valgrind - - /usr/lib/valgrind/cachegrind-amd64-linux - - /usr/lib/valgrind/cachegrind-x86-linux - - /usr/lib/valgrind/callgrind-amd64-linux - - /usr/lib/valgrind/callgrind-x86-linux - - /usr/lib/valgrind/drd-amd64-linux - - /usr/lib/valgrind/drd-x86-linux - - /usr/lib/valgrind/exp-bbv-amd64-linux - - /usr/lib/valgrind/exp-bbv-x86-linux - - /usr/lib/valgrind/exp-dhat-amd64-linux - - /usr/lib/valgrind/exp-dhat-x86-linux - - /usr/lib/valgrind/exp-sgcheck-amd64-linux - - /usr/lib/valgrind/exp-sgcheck-x86-linux - - /usr/lib/valgrind/helgrind-amd64-linux - - /usr/lib/valgrind/helgrind-x86-linux - - /usr/lib/valgrind/lackey-amd64-linux - - /usr/lib/valgrind/lackey-x86-linux - - /usr/lib/valgrind/massif-amd64-linux - - /usr/lib/valgrind/massif-x86-linux - - /usr/lib/valgrind/memcheck-amd64-linux - - /usr/lib/valgrind/memcheck-x86-linux - - /usr/lib/valgrind/none-amd64-linux - - /usr/lib/valgrind/none-x86-linux diff --git a/kernels/pax-flags-libre/wine.conf b/kernels/pax-flags-libre/wine.conf deleted file mode 100644 index 77b33053d..000000000 --- a/kernels/pax-flags-libre/wine.conf +++ /dev/null @@ -1,4 +0,0 @@ -# All off :( -psmxer: - - /usr/bin/wine-preloader - - /usr/bin/wine64-preloader diff --git a/libre/paxd-libre/10-enable-pax.conf b/libre/paxd-libre/10-enable-pax.conf new file mode 100644 index 000000000..77e51d87c --- /dev/null +++ b/libre/paxd-libre/10-enable-pax.conf @@ -0,0 +1,2 @@ +# Disable PaX soft mode (set earlier by 05-grsecurity.conf) +kernel.pax.softmode = 0 diff --git a/libre/paxd-libre/PKGBUILD b/libre/paxd-libre/PKGBUILD new file mode 100644 index 000000000..924010bcf --- /dev/null +++ b/libre/paxd-libre/PKGBUILD @@ -0,0 +1,34 @@ +# Maintainer (Arch): Daniel Micay +# Maintainer: André Silva +# Contributor: Gaming4JC + +_pkgname=paxd +pkgname=paxd-libre +pkgver=1.0.1 +pkgrel=1 +pkgdesc='PaX exception daemon, without nonfree software support' +arch=(i686 x86_64) +url='https://github.com/g4jc/paxd-libre/' +license=(MIT) +replaces=($_pkgname linux-pax-flags) +conflicts=($_pkgname linux-pax-flags) +provides=($_pkgname linux-pax-flags) +depends=(glibc) +makedepends=(git) +source=(git://github.com/g4jc/paxd-libre#tag=$pkgver 10-enable-pax.conf) +md5sums=('SKIP' + 'a40677d2cd39ada4c2560927c67e0ea2') +backup=(etc/paxd-libre.conf) + +build() { + cd $pkgname + make CC=gcc +} + +package() { + cd $pkgname + mkdir -p "$pkgdir/usr/lib/systemd/system/sysinit.target.wants" + make PREFIX=/usr DESTDIR="$pkgdir" install + install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE" + install -Dm644 ../10-enable-pax.conf "$pkgdir/etc/sysctl.d/10-enable-pax.conf" +} -- cgit v1.2.3 From a9fcc70cdcfef12667a333374680ba0c04e56b46 Mon Sep 17 00:00:00 2001 From: André Fabian Silva Delgado Date: Thu, 29 May 2014 23:58:44 -0300 Subject: paxd-libre-1.0.1.0-1: updating version --- libre/paxd-libre/PKGBUILD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libre/paxd-libre/PKGBUILD b/libre/paxd-libre/PKGBUILD index 924010bcf..e792c3461 100644 --- a/libre/paxd-libre/PKGBUILD +++ b/libre/paxd-libre/PKGBUILD @@ -4,7 +4,7 @@ _pkgname=paxd pkgname=paxd-libre -pkgver=1.0.1 +pkgver=1.0.1.0 pkgrel=1 pkgdesc='PaX exception daemon, without nonfree software support' arch=(i686 x86_64) -- cgit v1.2.3 From 1bc954106832578b9d5e2ee307910a3ea6326b6d Mon Sep 17 00:00:00 2001 From: André Fabian Silva Delgado Date: Fri, 30 May 2014 00:01:35 -0300 Subject: paxd-libre: improve description --- libre/paxd-libre/PKGBUILD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libre/paxd-libre/PKGBUILD b/libre/paxd-libre/PKGBUILD index e792c3461..f4f9cda1f 100644 --- a/libre/paxd-libre/PKGBUILD +++ b/libre/paxd-libre/PKGBUILD @@ -6,7 +6,7 @@ _pkgname=paxd pkgname=paxd-libre pkgver=1.0.1.0 pkgrel=1 -pkgdesc='PaX exception daemon, without nonfree software support' +pkgdesc='PaX exception daemon (a libre fork of paxd)' arch=(i686 x86_64) url='https://github.com/g4jc/paxd-libre/' license=(MIT) -- cgit v1.2.3