diff options
author | Anthony G. Basile <blueness@gentoo.org> | 2012-07-28 15:37:52 -0400 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2012-07-28 15:37:52 -0400 |
commit | d6551facd1e26eeaf88bf0265fe1ec7e74ead5a8 (patch) | |
tree | fd640c9d13915e5707aebf797581740c9e4a2e20 | |
parent | sys-kernel/xtpax-sources: bump to vanilla 3.1.5 + patches (diff) | |
download | hardened-dev-d6551facd1e26eeaf88bf0265fe1ec7e74ead5a8.tar.gz hardened-dev-d6551facd1e26eeaf88bf0265fe1ec7e74ead5a8.tar.bz2 hardened-dev-d6551facd1e26eeaf88bf0265fe1ec7e74ead5a8.zip |
Clear out the branch in case it causes problems
26 files changed, 3 insertions, 2881 deletions
diff --git a/DEPRECATED b/DEPRECATED new file mode 100644 index 00000000..8c89dc79 --- /dev/null +++ b/DEPRECATED @@ -0,0 +1,3 @@ + +Don't use this anymore. Its here only for reference. + diff --git a/HOWTO.txt b/HOWTO.txt deleted file mode 100644 index 9edc600f..00000000 --- a/HOWTO.txt +++ /dev/null @@ -1,314 +0,0 @@ -Nov 22, 2011 - - !!!!! DANGER WILL ROBINSON DANGER !!!!! - -We're going to build a system based on some untested code. I hope everything -will work, but if something serious breaks, you may wind up with a heap of useless -bits all over your floor. Please, for the love of all that is (un)holy, do not -do this on a system you cannot afford to loose! - -If you find a problem, please report it to blueness@gentoo.org. You're feedback -is much appreciated and will help to make this approach to PaX robust. - --------------------------------------------------------------------------------- - -*Step 0. Get yourself a gentoo system. Then switch to an appropriate hardened profile -using - - eselect profile set hardened/linux/x86 - -but don't rebuild anything since we'll be doing that below. - --------------------------------------------------------------------------------- - -*Step 1. This step builds a system where all ELF binaries lack the PT_PAX program -header. While not strictly necessary, this makes testing less suspect because you -can be sure that the kernel is not able to get the PaX flags from the PT_PAX phdr. -It does, however, mean recompiling your entire system. - - -1. First, lets get the overlay with the ebuilds to build an XT_PAX based system. -The goodies are in a branch of the hardened-development overlay: - - layman -L # in case you don't have the list of overlays - layman -a hardened-development - - cd /var/lib/layman/hardened-development/ - git checkout XT_PAX # switch branches - git pull origin XT_PAX # and pull - -2. We need to override portage's pax-utils.eclass with the overlay's eclass, and -make sure that we've added extended attribute support to our use flags: - - cat << EOF >> /etc/portage/repos.conf - [DEFAULT] - eclass-overrides = hardened-dev - EOF - - echo "USE=\"\${USE} xattr\"" >> /etc/make.conf - -There is still a problem with portage preserving xattrs, so the eclass's pax-mark -only works when called from pkg_postinst(), but we're working on fixing this! That's -what our hacked up grub does in the next step. - -3. Now let's emerge the stuff we'll need later: - - emerge =sys-devel/binutils-2.21.1-r2 \ # these are all masked so - =sys-kernel/xtpax-sources-3.1.1 \ # we'll have to unmask them - =sys-apps/elfix-0.3.2 \ - =sys-boot/grub-0.97-r11 \ - --autounmask-write - - etc-update # accept changes the changes - - emerge =sys-devel/binutils-2.21.1-r2 \ # these are unmasked, so emerge - =sys-kernel/xtpax-sources-3.1.1 \ - =sys-apps/elfix-0.3.2 \ - =sys-boot/grub-0.97-r11 - - source /etc/profile # for binutils, if we keep using - # the same shell - -4. Our version of binutils intentionally excluse the PT_PAX program header from -ELF binaries, so let's make sure its really gone - - echo "int main(){;return 0;}" > test.c ; gcc -o test test.c ; readelf -l test - -If you see a PT_PAX header, or possibly one called LOOS+5041580 at the end of the list -(ie after GNU_RELRO), then something went wrong. - - -5. To be safe, let's rebuild our entire toolchain. - - emerge gcc glibc binutils - -6. Then let's rebuild world - - emerge --keep-going -eq world - -7. And finally, let's do any post-world rebuild cleanup: - - etc-update - -8. As a final test that all binaries under /bin (or /sbin or /usr/bin etc) really -have not PT_PAX header: - - paxctl-ng -v /bin/* - -You should see a bunch of reports like this: - - /bin/ls: - PT_PAX: not found - XT_PAX: not found - --------------------------------------------------------------------------------- - -*Step 2. Userland is ready, now let's get kernel land going - -1. Configure the kernel for XT_PAX. It should be emerged as of the above step: - - cd /usr/src/ - rm linux - ln -s linux-3.1.1-xtpax linux - cd linux - make menuconfig - -Set up the kernel for your hardware/virtualware, and make sure you get the -correct grsecurity setting: - - Security options ---> - Grsecurity ---> - Security Level (Hardened Gentoo [server]) #or workstation - -And as a check that XT_PAX was set, navigate to - - Security options ---> - PaX ---> - PaX Control ---> - -*- Use filesystem extended attribute marking - -Also, depending on what you're looking for. Among other options, you may also want: - - CONFIG_PAX_SOFTMODE not configure <- to make the kernel kill violators - CONFIG_PAX_SEGMEXEC=y <- to test S marking on x86 - CONFIG_PAX_EMUTRAMP=y <- to test E marking - CONFIG_PAX_PAGEEXEC=y <- should default on, to test P markings - CONFIG_PAX_MPROTECT=y <- should default on, to test M marking - CONFIG_PAX_RANDMMAP=y <- should default on, to test R marking - -2. Configure the kernel to support Extended File Attributes on whatever filesystem -you want to use. I also recommend xattr support on tmpfs: - - File systems ---> - ... - <*> The Extended 4 (ext4) filesystem # if ext4 is your cup of tea - [*] Ext4 extended attributes - ... - Pseudo filesystems ---> - -*- Tmpfs extended attributes - ... - [*] Miscellaneous filesystems ---> - <*> SquashFS 4.0 - Squashed file system support # optional, as an eg - [*] Squashfs XATTR support - ... - -3. Compile the kernel and boot. If you didn't install grub on the MBR before the -migration, do so now. Make sure it was properly pax marked before running it from -the command line. paxctl-ng -v /sbin/grub should give - -/sbin/grub: - PT_PAX: not found - XT_PAX: --me-x - -If it doesn't, then manually mark it using: - - paxctl-ng -cv /sbin/grub # To create the XT_PAX field - paxctl-ng -mexv /sbin/grub # To properly mark it - --------------------------------------------------------------------------------- - -*Step 3. The new system should be now be a pure XT_PAX system. Let's test that -PaX restrictions really work. - -1. First, make sure your kernel supports XATTRS else you'll get a false negative -on the tests. Pick any file, not necessarily a binary: - - touch mytestfile.txt - setfattr -n user.test -v "works" mytestfile.txt - -If you get - - setfattr: mytestfile.txt: Operation not supported - -then you need to figure out why XATTR support is not there. Check that you configured -your kernel correctly. Also try adding user_xattr to your fstab: - - /dev/sda3 / ext3 noatime,user_xattr 0 1 - -and reboot. - -NOTE: on my x86 test I needed the user_xattr option in fstab, but with my amd64 -I did not. I didn't investigate further why. - - -2. The elfix package has a test suite. Let's run it manually: - - emerge yasm # you'll need this - cp /usr/portage/distfiles/elfix-0.3.2.tar.gz . # should be in your DISTDIR - tar -xf elfix-0.3.2.tar.gz - cd elfix-0.3.2 - ./configure --enable-tests - make check - -Among the output, you should see a table that looks like this: - - make[3]: Entering directory `/root/elfix-0.3.2/tests/pxtpax' - ./dotest.sh - xattr process - pemrs pemrs - pemrS pemrS - pemRs pemRs - pemRS pemRS - peMrs no daemon - peMrS peMrS - peMRs no daemon - peMRS peMRS - pEmrs no daemon - pEmrS pEmrS - pEmRs no daemon - pEmRS pEmRS - pEMrs no daemon - pEMrS pEMrS - pEMRs no daemon - pEMRS pEMRS - Pemrs Pemrs - PemrS Pemrs - PemRs PemRs - PemRS PemRs - PeMrs PeMrs - PeMrS PeMrs - PeMRs PeMRs - PeMRS PeMRs - PEmrs PEmrs - PEmrS PEmrs - PEmRs PEmRs - PEmRS PEmRs - PEMrs PEMrs - PEMrS PEMrs - PEMRs PEMRs - PEMRS PEMRs - -The first column of flags are the markings in the Extended Attributes of the -file on the filesystem, and the second are the flags being imposed by the kernel -on the running process. If everything worked, the first column should be setting -the flags in the second column, and they should be equal --- well almost with -a couple of exceptions: - - 1) "no daemon" means PaX killed the process - - 2) On x86, where pageexec is on (P), then segmexec is always off (s) in - the running process. On amd64, segmexec is always off (s) since there - is not segmentation on amd64. - - 3) If you didn't enable CONFIG_PAX_EMUTRAMP, then its always off (e) in - the running process - -If however, you see the following: - - - make[3]: Entering directory `/root/elfix-0.3.2/tests/pxtpax' - ./dotest.sh - xattr process - pemrs PeMRs - pemrS PeMRs - pemRs PeMRs - pemRS PeMRs - peMrs PeMRs - peMrS PeMRs - peMRs PeMRs - ... etc ... - -then it didn't work. Notice the second column is simply defaulting to PeMRs -which is what the kernel does if it doesn't find PaX markings. - - -3. Finally, you may want to do a generic pax test, to make sure pax is working -in general, not just whether the markings are working: - - emerge paxtest --autounmask-write - etc-update #accept chagnes - paxtest blackhat - -You should see output something like the following: - -Executable anonymous mapping : Killed -Executable bss : Killed -Executable data : Killed -Executable heap : Killed -Executable stack : Killed -Executable shared library bss : Killed -Executable shared library data : Killed -Executable anonymous mapping (mprotect) : Killed -Executable bss (mprotect) : Killed -Executable data (mprotect) : Killed -Executable heap (mprotect) : Killed -Executable stack (mprotect) : Killed -Executable shared library bss (mprotect) : Killed -Executable shared library data (mprotect): Killed -Writable text segments : Killed -Anonymous mapping randomisation test : 18 bits (guessed) -Heap randomisation test (ET_EXEC) : 13 bits (guessed) -Heap randomisation test (PIE) : 24 bits (guessed) -Main executable randomisation (ET_EXEC) : No randomisation -Main executable randomisation (PIE) : 16 bits (guessed) -Shared library randomisation test : 18 bits (guessed) -Stack randomisation test (SEGMEXEC) : 24 bits (guessed) -Stack randomisation test (PAGEEXEC) : 24 bits (guessed) -Return to function (strcpy) : Vulnerable -Return to function (memcpy) : Vulnerable -Return to function (strcpy, PIE) : Vulnerable -Return to function (memcpy, PIE) : Vulnerable - - - - diff --git a/README b/README deleted file mode 100644 index 60258a5e..00000000 --- a/README +++ /dev/null @@ -1,7 +0,0 @@ -This is the README only for the XT_PAX branch. See the README in main branch -for information about the entire overlay. - -This overlay/branch is to test a pure XT_PAX based system, that is a system in -which the pax markins are made *only* in the filesystem extended attributes. -Follow the HOWTO.txt to convert any Gentoo system to a pure XT_PAX based system. - diff --git a/app-arch/tar/ChangeLog b/app-arch/tar/ChangeLog deleted file mode 100644 index 1106a6b6..00000000 --- a/app-arch/tar/ChangeLog +++ /dev/null @@ -1,24 +0,0 @@ - - -*tar-1.26-r3 (24 Sep 2011) - - 24 Sep 2011; Anthony G. Basile <blueness@gentoo.org> -tar-1.26-r2.ebuild, - +tar-1.26-r3.ebuild, +files/tar-1.26-full-xattr.patch, - -files/tar-1.26-xattr.patch: - Added USE="acl caps selinux xattr" flags which --enable-xattr - -*tar-1.26-r2 (24 Sep 2011) - - 24 Sep 2011; Anthony G. Basile <blueness@gentoo.org> -tar-1.26-r1.ebuild, - +tar-1.26-r2.ebuild, files/tar-1.26-xattr.patch: - Switching to USE="xattr" for xattr only patch - bug #382067 - - 10 Sep 2011; Anthony G. Basile <blueness@gentoo.org> tar-1.26-r1.ebuild: - Switching to USE="selinux" - -*tar-1.26 (10 Sep 2011) - - 10 Sep 2011; Anthony G. Basile <blueness@gentoo.org> +tar-1.26-r1.ebuild, - +files/tar-1.26-xattrs.patch, +files/rmt, +files/tar.1: - Testing for bug #382067 - diff --git a/app-arch/tar/Manifest b/app-arch/tar/Manifest deleted file mode 100644 index 6853f3d8..00000000 --- a/app-arch/tar/Manifest +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - -- -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - -AUX rmt 263 RMD160 c5d680ef166b8afda1e78cb5c7d1b47cdb6c99df SHA1 43b791b49aa06e151b90e8e91e3287af3259a62a SHA256 c0371cb0243a190b6bb43609c86dfb4cd637882d4ff3ff9651ca7ec8d6b59355 -AUX tar-1.26-full-xattr.patch 30674 RMD160 d24c88a738bee992c53c9fed469c93fff90ede2c SHA1 5fd7dcd43adb5812254d684e6ddafd113d1877f7 SHA256 c91bdb1c434fb71a1aa7df3d87466010a32a9f6293dba466c3a5401c2cc6a4db -AUX tar.1 16821 RMD160 f58bc7cfeeee0cc811a6c2b5dd1dffe8b197231e SHA1 b354f0803c03cd59fe24f93d532f27f6f0136316 SHA256 f3558b444ab9427c06bc92838c29194051ed64edd0a909163cfa715cc7e6dcdd -DIST tar-1.26.tar.bz2 2339773 RMD160 d507dc5a57a823701cae5cdd2b98aba48ec74d3f SHA1 70f298c3cd997b694864c55e6d8655324c87a0cc SHA256 5a5369f464502a598e938029c310d4b3abd51e6bb8dfd045663e61c8ea9f6d41 -EBUILD tar-1.26-r3.ebuild 2282 RMD160 dd4d0693d87ed493eba1b0c68d6e648f822486e4 SHA1 b53d5b82a490c76a4c92a6c9adbb4cd61a1fcf56 SHA256 88c4db4c1b9bbb39b6c0cb60594881a36dfd396c0690e9864f49b199bf97ac65 -MISC ChangeLog 768 RMD160 cadfa697d35001b45b5122c305f4df280a11a8c5 SHA1 30b82d62ac8240365e1489da63472d85e615e71d SHA256 14427c79b4ed75dc7f291aaec5a0c6065c6576b4e0e108b0efecbd6131c7c955 -MISC metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 SHA1 9c213f5803676c56439df3716be07d6692588856 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92 -- -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.17 (GNU/Linux) - -iEYEAREIAAYFAk5+O7AACgkQl5yvQNBFVTVzCwCfSpsPn/7zkb8GjqBx3+SfKeDl -0e0An0c+5ElPYu2oL2w5AFISil7fMReK -=9FpO -- -----END PGP SIGNATURE----- ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.17 (GNU/Linux) - -iEYEAREIAAYFAk7LobAACgkQl5yvQNBFVTWfYgCgmFCLrxDXu3JOXhkoBy+/V160 -y9QAn2nfsoPF9BSWtdov9O+boNmer36a -=633B ------END PGP SIGNATURE----- diff --git a/app-arch/tar/files/rmt b/app-arch/tar/files/rmt deleted file mode 100644 index 15ed6aa9..00000000 --- a/app-arch/tar/files/rmt +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -# -# This is not a mistake. This shell script (/etc/rmt) has been provided -# for compatibility with other Unix-like systems, some of which have -# utilities that expect to find (and execute) rmt in the /etc directory -# on remote systems. -# -exec rmt "$@" diff --git a/app-arch/tar/files/tar-1.26-full-xattr.patch b/app-arch/tar/files/tar-1.26-full-xattr.patch deleted file mode 100644 index 7a5c7f89..00000000 --- a/app-arch/tar/files/tar-1.26-full-xattr.patch +++ /dev/null @@ -1,953 +0,0 @@ -diff --git a/configure.ac b/configure.ac -index db69cb8..2afa463 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -223,6 +223,20 @@ AC_CHECK_TYPE(iconv_t,:, - #endif - ]) - -+AC_ARG_ENABLE(xattr, -+ AC_HELP_STRING([--enable-xattr], -+ [enable Extended Attribute support (disabled by default)]), -+ [xattr_enabled=$enableval], -+ [xattr_enabled=no]) -+ -+if test "x$xattr_enabled" = xyes; then -+ AC_CHECK_HEADERS(attr/xattr.h) -+ AC_CHECK_FUNCS(getxattr fgetxattr lgetxattr \ -+ setxattr fsetxattr lsetxattr \ -+ listxattr flistxattr llistxattr, -+ AC_DEFINE(HAVE_XATTRS,1,[Define if we have a working extended attributes]),) -+fi -+ - # Gettext. - AM_GNU_GETTEXT([external], [need-formatstring-macros]) - AM_GNU_GETTEXT_VERSION([0.16]) -diff --git a/doc/tar.texi b/doc/tar.texi -index db8f986..d861d12 100644 ---- a/doc/tar.texi -+++ b/doc/tar.texi -@@ -3002,6 +3002,10 @@ mechanism. - Treat all input file or member names literally, do not interpret - escape sequences. @xref{input name quoting}. - -+@opsummary{no-xattrs} -+@item --no-xattrs -+Causes @command{tar} not to store and not to extract xattrs. @xref{Attributes}. -+ - @opsummary{no-wildcards} - @item --no-wildcards - Do not use wildcards. -@@ -3447,6 +3451,10 @@ Enable or disable warning messages identified by @var{keyword}. The - messages are suppressed if @var{keyword} is prefixed with @samp{no-}. - @xref{warnings}. - -+@opsummary{xattrs} -+@item --xattrs -+Causes @command{tar} to store xattrs. @xref{Attributes}. -+ - @opsummary{wildcards} - @item --wildcards - Use wildcards when matching member names with patterns. -@@ -8659,6 +8667,8 @@ implementation able to read @samp{ustar} archives will be able to read - most @samp{posix} archives as well, with the only exception that any - additional information (such as long file names etc.) will in such - case be extracted as plain text files along with the files it refers to. -+This is the only format that can store ACLs, SELinux context and extended -+attributes. - - This archive format will be the default format for future versions - of @GNUTAR{}. -@@ -9293,6 +9303,20 @@ Same as both @option{--same-permissions} and @option{--same-order}. - - This option is deprecated, and will be removed in @GNUTAR{} version 1.23. - -+@opindex xattrs -+@item --xattrs -+This option causes @command{tar} to store the current extended attributes in -+the archive. -+ -+The @option{--xattrs} option has no equivalent short option name. -+ -+@opindex no-xattrs -+@item --no-xattrs -+This option causes @command{tar} not to store the current extended attributes in -+the archive and not to extract any extended attributes in an archive. -+ -+The @option{--no-xattrs} option has no equivalent short option name. -+ - @end table - - @node Portability -diff --git a/src/Makefile.am b/src/Makefile.am -index de310f4..27c28be 100644 ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -20,7 +20,7 @@ - - bin_PROGRAMS = tar - --noinst_HEADERS = arith.h common.h tar.h -+noinst_HEADERS = arith.h common.h tar.h xattrs.h - tar_SOURCES = \ - buffer.c\ - checkpoint.c\ -@@ -42,10 +42,11 @@ tar_SOURCES = \ - unlink.c\ - update.c\ - utf8.c\ -- warning.c -+ warning.c\ -+ xattrs.c - - INCLUDES = -I$(top_srcdir)/gnu -I../ -I../gnu -I$(top_srcdir)/lib -I../lib - - LDADD = ../lib/libtar.a ../gnu/libgnu.a $(LIBINTL) $(LIBICONV) - --tar_LDADD = $(LDADD) $(LIB_CLOCK_GETTIME) $(LIB_EACCESS) -+tar_LDADD = $(LIBS) $(LDADD) $(LIB_CLOCK_GETTIME) $(LIB_EACCESS) -diff --git a/src/common.h b/src/common.h -index 0b9bd7a..e4ee345 100644 ---- a/src/common.h -+++ b/src/common.h -@@ -253,6 +253,9 @@ GLOBAL int same_owner_option; - /* If positive, preserve permissions when extracting. */ - GLOBAL int same_permissions_option; - -+/* If positive, save the user and root xattrs. */ -+GLOBAL int xattrs_option; -+ - /* When set, strip the given number of file name components from the file name - before extracting */ - GLOBAL size_t strip_name_components; -@@ -707,6 +710,9 @@ extern char *output_start; - - void update_archive (void); - -+/* Module attrs.c. */ -+#include "xattrs.h" -+ - /* Module xheader.c. */ - - void xheader_decode (struct tar_stat_info *stat); -@@ -727,6 +733,12 @@ bool xheader_string_end (struct xheader *xhdr, char const *keyword); - bool xheader_keyword_deleted_p (const char *kw); - char *xheader_format_name (struct tar_stat_info *st, const char *fmt, - size_t n); -+void xheader_xattr_init(struct tar_stat_info *st); -+void xheader_xattr_free(struct xattr_array *vals, size_t sz); -+void xheader_xattr_copy(const struct tar_stat_info *st, -+ struct xattr_array **vals, size_t *sz); -+void xheader_xattr_add(struct tar_stat_info *st, -+ const char *key, const char *val, size_t len); - - /* Module system.c */ - -diff --git a/src/create.c b/src/create.c -index 43b5a4c..7ed5d10 100644 ---- a/src/create.c -+++ b/src/create.c -@@ -936,6 +936,21 @@ start_header (struct tar_stat_info *st) - GNAME_TO_CHARS (st->gname, header->header.gname); - } - -+ if (archive_format == POSIX_FORMAT) -+ { -+ if (xattrs_option > 0) -+ { -+ size_t scan_xattr = 0; -+ struct xattr_array *xattr_map = st->xattr_map; -+ -+ while (scan_xattr < st->xattr_map_size) -+ { -+ xheader_store (xattr_map[scan_xattr].xkey, st, &scan_xattr); -+ ++scan_xattr; -+ } -+ } -+ } -+ - return header; - } - -@@ -1711,6 +1726,11 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p) - bool ok; - struct stat final_stat; - -+ if (fd == 0) -+ xattrs_xattrs_get(st, p, -1); -+ else -+ xattrs_xattrs_get(st, p, fd); -+ - if (is_dir) - { - const char *tag_file_name; -@@ -1829,6 +1849,8 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p) - if (NAME_FIELD_SIZE - (archive_format == OLDGNU_FORMAT) < size) - write_long_link (st); - -+ xattrs_xattrs_get(st, p, -1); -+ - block_ordinal = current_block_ordinal (); - st->stat.st_size = 0; /* force 0 size on symlink */ - header = start_header (st); -@@ -1847,11 +1869,20 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p) - } - #endif - else if (S_ISCHR (st->stat.st_mode)) -- type = CHRTYPE; -+ { -+ type = CHRTYPE; -+ xattrs_xattrs_get(st, p, -1); -+ } - else if (S_ISBLK (st->stat.st_mode)) -- type = BLKTYPE; -+ { -+ type = BLKTYPE; -+ xattrs_xattrs_get(st, p, -1); -+ } - else if (S_ISFIFO (st->stat.st_mode)) -- type = FIFOTYPE; -+ { -+ type = FIFOTYPE; -+ xattrs_xattrs_get(st, p, -1); -+ } - else if (S_ISSOCK (st->stat.st_mode)) - { - WARNOPT (WARN_FILE_IGNORED, -diff --git a/src/extract.c b/src/extract.c -index aaea56e..5c0a9c9 100644 ---- a/src/extract.c -+++ b/src/extract.c -@@ -97,6 +97,9 @@ struct delayed_set_stat - /* Directory that the name is relative to. */ - int change_dir; - -+ /* extended attributes*/ -+ size_t xattr_map_size; /* Size of the xattr map */ -+ struct xattr_array *xattr_map; - /* Length and contents of name. */ - size_t file_name_len; - char file_name[1]; -@@ -134,6 +137,9 @@ struct delayed_link - hard-linked together. */ - struct string_list *sources; - -+ size_t xattr_map_size; /* Size of the xattr map */ -+ struct xattr_array *xattr_map; -+ - /* The desired target of the desired link. */ - char target[1]; - }; -@@ -335,6 +341,8 @@ set_stat (char const *file_name, - utime_error (file_name); - } - -+ xattrs_xattrs_set(st, file_name, typeflag); -+ - if (0 < same_owner_option && ! interdir) - { - /* Some systems allow non-root users to give files away. Once this -@@ -431,6 +439,13 @@ delay_set_stat (char const *file_name, struct tar_stat_info const *st, - data->atflag = atflag; - data->after_links = 0; - data->change_dir = chdir_current; -+ if (st) -+ xheader_xattr_copy (st, &data->xattr_map, &data->xattr_map_size); -+ else -+ { -+ data->xattr_map = NULL; -+ data->xattr_map_size = 0; -+ } - strcpy (data->file_name, file_name); - delayed_set_stat_head = data; - if (must_be_dot_or_slash (file_name)) -@@ -673,6 +688,31 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made) - return RECOVER_NO; - } - -+/* Restore stat extended attributes (xattr) for FILE_NAME, using information -+ given in *ST. Restore before extraction because they may affect layout. -+ If not restoring permissions, invert the -+ INVERT_PERMISSIONS bits from the file's current permissions. -+ TYPEFLAG specifies the type of the file. -+ FILE_CREATED indicates set_xattr has created the file */ -+static int -+set_xattr (char const *file_name, struct tar_stat_info const *st, -+ mode_t invert_permissions, char typeflag, int *file_created) -+{ -+ int status = 0; -+ bool interdir_made = false; -+ -+ if ((xattrs_option >= 0) && st->xattr_map_size) { -+ mode_t mode = current_stat_info.stat.st_mode & MODE_RWX & ~ current_umask; -+ -+ do -+ status = mknod (file_name, mode ^ invert_permissions, 0); -+ while (status && maybe_recoverable ((char *)file_name, false, &interdir_made)); -+ xattrs_xattrs_set(st, file_name, typeflag); -+ *file_created = 1; -+ } -+ return(status); -+} -+ - /* Fix the statuses of all directories whose statuses need fixing, and - which are not ancestors of FILE_NAME. If AFTER_LINKS is - nonzero, do this for all such directories; otherwise, stop at the -@@ -733,12 +773,15 @@ apply_nonancestor_delayed_set_stat (char const *file_name, bool after_links) - sb.stat.st_gid = data->gid; - sb.atime = data->atime; - sb.mtime = data->mtime; -+ sb.xattr_map = data->xattr_map; -+ sb.xattr_map_size = data->xattr_map_size; - set_stat (data->file_name, &sb, - -1, current_mode, current_mode_mask, - DIRTYPE, data->interdir, data->atflag); - } - - delayed_set_stat_head = data->next; -+ xheader_xattr_free (data->xattr_map, data->xattr_map_size); - free (data); - } - } -@@ -854,6 +897,7 @@ extract_dir (char *file_name, int typeflag) - - static int - open_output_file (char const *file_name, int typeflag, mode_t mode, -+ int file_created, - mode_t *current_mode, mode_t *current_mode_mask) - { - int fd; -@@ -864,6 +908,10 @@ open_output_file (char const *file_name, int typeflag, mode_t mode, - ? O_TRUNC | (dereference_option ? 0 : O_NOFOLLOW) - : O_EXCL)); - -+ /* File might be created in set_xattr. So clear O_EXCL to avoid open() failure */ -+ if (file_created) -+ openflag = openflag & ~O_EXCL; -+ - if (typeflag == CONTTYPE) - { - static int conttype_diagnosed; -@@ -934,6 +982,7 @@ extract_file (char *file_name, int typeflag) - bool interdir_made = false; - mode_t mode = (current_stat_info.stat.st_mode & MODE_RWX - & ~ (0 < same_owner_option ? S_IRWXG | S_IRWXO : 0)); -+ mode_t invert_permissions = 0 < same_owner_option ? mode & (S_IRWXG | S_IRWXO) : 0; - mode_t current_mode = 0; - mode_t current_mode_mask = 0; - -@@ -950,7 +999,17 @@ extract_file (char *file_name, int typeflag) - } - else - { -+ int file_created = 0; -+ if (set_xattr (file_name, ¤t_stat_info, invert_permissions, -+ typeflag, &file_created)) -+ { -+ skip_member (); -+ open_error (file_name); -+ return 1; -+ } -+ - while ((fd = open_output_file (file_name, typeflag, mode, -+ file_created, - ¤t_mode, ¤t_mode_mask)) - < 0) - { -@@ -1091,6 +1150,7 @@ create_placeholder_file (char *file_name, bool is_symlink, bool *interdir_made) - + strlen (file_name) + 1); - p->sources->next = 0; - strcpy (p->sources->string, file_name); -+ xheader_xattr_copy (¤t_stat_info, &p->xattr_map, &p->xattr_map_size); - strcpy (p->target, current_stat_info.link_name); - - h = delayed_set_stat_head; -@@ -1525,6 +1585,8 @@ apply_delayed_links (void) - st1.stat.st_gid = ds->gid; - st1.atime = ds->atime; - st1.mtime = ds->mtime; -+ st1.xattr_map = ds->xattr_map; -+ st1.xattr_map_size = ds->xattr_map_size; - set_stat (source, &st1, -1, 0, 0, SYMTYPE, - false, AT_SYMLINK_NOFOLLOW); - valid_source = source; -@@ -1539,6 +1601,8 @@ apply_delayed_links (void) - sources = next; - } - -+ xheader_xattr_free (ds->xattr_map, ds->xattr_map_size); -+ - { - struct delayed_link *next = ds->next; - free (ds); -diff --git a/src/list.c b/src/list.c -index cf2de09..6f52579 100644 ---- a/src/list.c -+++ b/src/list.c -@@ -604,6 +604,8 @@ decode_header (union block *header, struct tar_stat_info *stat_info, - assign_string (&stat_info->gname, - header->header.gname[0] ? header->header.gname : NULL); - -+ xheader_xattr_init(stat_info); -+ - if (format == OLDGNU_FORMAT && incremental_option) - { - stat_info->atime.tv_sec = TIME_FROM_HEADER (header->oldgnu_header.atime); -diff --git a/src/tar.c b/src/tar.c -index 928cfdd..75510d8 100644 ---- a/src/tar.c -+++ b/src/tar.c -@@ -304,6 +304,7 @@ enum - NO_UNQUOTE_OPTION, - NO_WILDCARDS_MATCH_SLASH_OPTION, - NO_WILDCARDS_OPTION, -+ NO_XATTR_OPTION, - NULL_OPTION, - NUMERIC_OWNER_OPTION, - OCCURRENCE_OPTION, -@@ -340,7 +341,8 @@ enum - VOLNO_FILE_OPTION, - WARNING_OPTION, - WILDCARDS_MATCH_SLASH_OPTION, -- WILDCARDS_OPTION -+ WILDCARDS_OPTION, -+ XATTR_OPTION - }; - - const char *argp_program_version = "tar (" PACKAGE_NAME ") " VERSION; -@@ -516,6 +518,10 @@ static struct argp_option options[] = { - {"preserve-order", 's', 0, 0, - N_("sort names to extract to match archive"), GRID+1 }, - {"same-order", 0, 0, OPTION_ALIAS, NULL, GRID+1 }, -+ {"xattrs", XATTR_OPTION, 0, 0, -+ N_("Save the user/root xattrs to the archive"), GRID+1 }, -+ {"no-xattrs", NO_XATTR_OPTION, 0, 0, -+ N_("Don't extract the user/root xattrs from the archive"), GRID+1 }, - {"preserve", PRESERVE_OPTION, 0, 0, - N_("same as both -p and -s"), GRID+1 }, - {"delay-directory-restore", DELAY_DIRECTORY_RESTORE_OPTION, 0, 0, -@@ -2079,6 +2085,15 @@ parse_opt (int key, char *arg, struct argp_state *state) - same_permissions_option = -1; - break; - -+ case XATTR_OPTION: -+ set_archive_format ("posix"); -+ xattrs_option = 1; -+ break; -+ -+ case NO_XATTR_OPTION: -+ xattrs_option = -1; -+ break; -+ - case RECURSION_OPTION: - recursion_option = FNM_LEADING_DIR; - break; -@@ -2461,6 +2476,15 @@ decode_options (int argc, char **argv) - || subcommand_option != LIST_SUBCOMMAND)) - USAGE_ERROR ((0, 0, _("--pax-option can be used only on POSIX archives"))); - -+ /* star create's non-POSIX typed archives with xattr support, so allow the -+ extra headers */ -+ if ((xattrs_option > 0) -+ && archive_format != POSIX_FORMAT -+ && (subcommand_option != EXTRACT_SUBCOMMAND -+ || subcommand_option != DIFF_SUBCOMMAND -+ || subcommand_option != LIST_SUBCOMMAND)) -+ USAGE_ERROR ((0, 0, _("--xattrs can be used only on POSIX archives"))); -+ - /* If ready to unlink hierarchies, so we are for simpler files. */ - if (recursive_unlink_option) - old_files_option = UNLINK_FIRST_OLD_FILES; -@@ -2713,6 +2737,7 @@ void - tar_stat_destroy (struct tar_stat_info *st) - { - tar_stat_close (st); -+ xheader_xattr_free (st->xattr_map, st->xattr_map_size); - free (st->orig_file_name); - free (st->file_name); - free (st->link_name); -diff --git a/src/tar.h b/src/tar.h -index ce9850c..955b18e 100644 ---- a/src/tar.h -+++ b/src/tar.h -@@ -276,6 +276,14 @@ struct xheader - uintmax_t string_length; - }; - -+/* Information about xattrs for a file. */ -+struct xattr_array -+ { -+ char *xkey; -+ char *xval_ptr; -+ size_t xval_len; -+ }; -+ - struct tar_stat_info - { - char *orig_file_name; /* name of file read from the archive header */ -@@ -287,6 +295,7 @@ struct tar_stat_info - - char *uname; /* user name of owner */ - char *gname; /* group name of owner */ -+ - struct stat stat; /* regular filesystem stat */ - - /* STAT doesn't always have access, data modification, and status -@@ -309,6 +318,9 @@ struct tar_stat_info - size_t sparse_map_size; /* Size of the sparse map */ - struct sp_array *sparse_map; - -+ size_t xattr_map_size; /* Size of the xattr map */ -+ struct xattr_array *xattr_map; -+ - /* Extended headers */ - struct xheader xhdr; - -diff --git a/src/xattrs.c b/src/xattrs.c -new file mode 100644 -index 0000000..6a9950e ---- /dev/null -+++ b/src/xattrs.c -@@ -0,0 +1,181 @@ -+/* Create a tar archive. -+ -+ Copyright (C) 2006 Free Software Foundation, Inc. -+ -+ Written by James Antill, on 2006-07-27. -+ -+ This program is free software; you can redistribute it and/or modify it -+ under the terms of the GNU General Public License as published by the -+ Free Software Foundation; either version 2, or (at your option) any later -+ version. -+ -+ This program is distributed in the hope that it will be useful, but -+ WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General -+ Public License for more details. -+ -+ You should have received a copy of the GNU General Public License along -+ with this program; if not, write to the Free Software Foundation, Inc., -+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ -+ -+#include <system.h> -+ -+#include <quotearg.h> -+ -+#include "common.h" -+ -+ -+#ifndef HAVE_ATTR_XATTR_H -+# undef HAVE_XATTRS -+#endif -+ -+#ifdef HAVE_ATTR_XATTR_H -+# include <attr/xattr.h> -+#endif -+ -+ -+void xattrs_xattrs_get(struct tar_stat_info *st, char const *file_name, int fd) -+{ -+ if (xattrs_option > 0) -+ { /* get all xattrs ... this include security.* and system.* if -+ available. We filter them here, but we have to filter them -+ in xattrs_xattrs_set() anyway. -+ */ -+ static ssize_t xsz = 1024; -+ static char *xatrs = NULL; -+ ssize_t xret = -1; -+ -+#ifndef HAVE_XATTRS -+ static int done = 0; -+ if ((xattrs_option > 0) && !done) -+ WARN ((0, 0, _("Xattr support requested, but not available"))); -+ done = 1; -+#else -+ -+ if (!xatrs) xatrs = xmalloc (xsz); -+ -+ while (((fd == -1) ? -+ ((xret = llistxattr (file_name, xatrs, xsz)) == -1) : -+ ((xret = flistxattr (fd, xatrs, xsz)) == -1)) && -+ (errno == ERANGE)) -+ { -+ xsz <<= 1; -+ xatrs = xrealloc (xatrs, xsz); -+ } -+ -+ if (xret == -1) -+ call_arg_warn ((fd == -1) ? "llistxattrs" : "flistxattrs", file_name); -+ else -+ { -+ const char *attr = xatrs; -+ static ssize_t asz = 1024; -+ static char *val = NULL; -+ -+ if (!val) val = xmalloc (asz); -+ -+ while (xret > 0) -+ { -+ size_t len = strlen (attr); -+ ssize_t aret = 0; -+ -+ /* Archive all xattrs during creation, decide at extraction time -+ * which ones are of interest/use for the target filesystem. */ -+ while (((fd == -1) ? -+ ((aret = lgetxattr (file_name, attr, val, asz)) == -1) : -+ ((aret = fgetxattr (fd, attr, val, asz)) == -1)) && -+ (errno == ERANGE)) -+ { -+ asz <<= 1; -+ val = xrealloc (val, asz); -+ } -+ -+ if (aret != -1) -+ xheader_xattr_add (st, attr, val, aret); -+ else if (errno != ENOATTR) -+ call_arg_warn ((fd==-1) ? "lgetxattr" : "fgetxattr", file_name); -+ -+ attr += len + 1; -+ xret -= len + 1; -+ } -+ } -+#endif -+ } -+} -+ -+static void xattrs__fd_set(struct tar_stat_info const *st, -+ char const *file_name, char typeflag, -+ const char *attr, -+ const char *ptr, size_t len) -+{ -+#ifdef HAVE_XATTRS -+ if (ptr) -+ { -+ const char *sysname = "setxattr"; -+ int ret = -1; -+ -+ if (typeflag != SYMTYPE) -+ ret = setxattr (file_name, attr, ptr, len, 0); -+ else -+ { -+ sysname = "lsetxattr"; -+ ret = lsetxattr (file_name, attr, ptr, len, 0); -+ } -+ -+ /* do not print warnings when SELinux is disabled */ -+ if ((ret == -1) && (errno != EPERM) && (errno != ENOTSUP)) -+ call_arg_error(sysname, file_name); -+ } -+#endif -+} -+ -+static char *skip_to_ext_fields(char *ptr) -+{ -+ ptr += strcspn(ptr, ":,\n"); /* skip tag name. Ie. user/group/default/mask */ -+ -+ if (*ptr != ':') -+ return (ptr); /* error? no user/group field */ -+ ++ptr; -+ -+ ptr += strcspn(ptr, ":,\n"); /* skip user/group name */ -+ -+ if (*ptr != ':') -+ return (ptr); /* error? no perms field */ -+ ++ptr; -+ -+ ptr += strcspn(ptr, ":,\n"); /* skip perms */ -+ -+ if (*ptr != ':') -+ return (ptr); /* no extra fields */ -+ -+ return (ptr); -+} -+ -+void xattrs_xattrs_set(struct tar_stat_info const *st, -+ char const *file_name, char typeflag) -+{ -+ if ((xattrs_option >= 0) && st->xattr_map_size) -+ { -+ size_t scan = 0; -+ -+#ifndef HAVE_XATTRS -+ static int done = 0; -+ if (!done) -+ WARN ((0, 0, _("Xattr support requested, but not available"))); -+ done = 1; -+#else -+ while (scan < st->xattr_map_size) -+ { -+ char *keyword = st->xattr_map[scan].xkey; -+ -+ /* assert (!memcpy (keyword, "SCHILY.xattr.", strlen("SCHILY.xattr."))); */ -+ keyword += strlen("SCHILY.xattr."); -+ -+ xattrs__fd_set (st, file_name, typeflag, keyword, -+ st->xattr_map[scan].xval_ptr, -+ st->xattr_map[scan].xval_len); -+ -+ ++scan; -+ } -+#endif -+ } -+} -diff --git a/src/xattrs.h b/src/xattrs.h -new file mode 100644 -index 0000000..7ffdce1 ---- /dev/null -+++ b/src/xattrs.h -@@ -0,0 +1,6 @@ -+ -+extern void xattrs_xattrs_get(struct tar_stat_info *st, -+ char const *file_name, int fd); -+ -+extern void xattrs_xattrs_set(struct tar_stat_info const *st, -+ char const *file_name, char typeflag); -diff --git a/src/xheader.c b/src/xheader.c -index 2284e97..557b3e5 100644 ---- a/src/xheader.c -+++ b/src/xheader.c -@@ -460,6 +460,74 @@ xheader_write_global (struct xheader *xhdr) - } - } - -+void xheader_xattr_init(struct tar_stat_info *st) -+{ -+ st->xattr_map = NULL; -+ st->xattr_map_size = 0; -+} -+ -+void xheader_xattr_free(struct xattr_array *xattr_map, size_t xattr_map_size) -+{ -+ size_t scan = 0; -+ -+ while (scan < xattr_map_size) -+ { -+ free (xattr_map[scan].xkey); -+ free (xattr_map[scan].xval_ptr); -+ -+ ++scan; -+ } -+ free (xattr_map); -+} -+ -+static void xheader_xattr__add(struct xattr_array **xattr_map, -+ size_t *xattr_map_size, -+ const char *key, const char *val, size_t len) -+{ -+ size_t pos = (*xattr_map_size)++; -+ -+ *xattr_map = xrealloc (*xattr_map, -+ *xattr_map_size * sizeof(struct xattr_array)); -+ (*xattr_map)[pos].xkey = xstrdup (key); -+ (*xattr_map)[pos].xval_ptr = xmemdup (val, len + 1); -+ (*xattr_map)[pos].xval_len = len; -+} -+ -+void xheader_xattr_add(struct tar_stat_info *st, -+ const char *key, const char *val, size_t len) -+{ -+ size_t klen = strlen (key); -+ char *xkey = xmalloc (strlen("SCHILY.xattr.") + klen + 1); -+ char *tmp = xkey; -+ -+ tmp = stpcpy (tmp, "SCHILY.xattr."); -+ tmp = stpcpy (tmp, key); -+ -+ xheader_xattr__add (&st->xattr_map, &st->xattr_map_size, xkey, val, len); -+ -+ free (xkey); -+} -+ -+void xheader_xattr_copy(const struct tar_stat_info *st, -+ struct xattr_array **xattr_map, size_t *xattr_map_size) -+{ -+ size_t scan = 0; -+ -+ *xattr_map = NULL; -+ *xattr_map_size = 0; -+ -+ while (scan < st->xattr_map_size) -+ { -+ char *key = st->xattr_map[scan].xkey; -+ char *val = st->xattr_map[scan].xval_ptr; -+ size_t len = st->xattr_map[scan].xval_len; -+ -+ xheader_xattr__add(xattr_map, xattr_map_size, key, val, len); -+ -+ ++scan; -+ } -+} -+ - - /* General Interface */ - -@@ -473,6 +541,7 @@ struct xhdr_tab - struct xheader *, void const *data); - void (*decoder) (struct tar_stat_info *, char const *, char const *, size_t); - int flags; -+ bool prefix; - }; - - /* This declaration must be extern, because ISO C99 section 6.9.2 -@@ -489,8 +558,17 @@ locate_handler (char const *keyword) - struct xhdr_tab const *p; - - for (p = xhdr_tab; p->keyword; p++) -- if (strcmp (p->keyword, keyword) == 0) -- return p; -+ if (p->prefix) -+ { -+ if (strncmp (p->keyword, keyword, strlen(p->keyword)) == 0) -+ return p; -+ } -+ else -+ { -+ if (strcmp (p->keyword, keyword) == 0) -+ return p; -+ } -+ - return NULL; - } - -@@ -500,7 +578,7 @@ xheader_protected_pattern_p (const char *pattern) - struct xhdr_tab const *p; - - for (p = xhdr_tab; p->keyword; p++) -- if ((p->flags & XHDR_PROTECTED) && fnmatch (pattern, p->keyword, 0) == 0) -+ if (!p->prefix && (p->flags & XHDR_PROTECTED) && fnmatch (pattern, p->keyword, 0) == 0) - return true; - return false; - } -@@ -511,7 +589,7 @@ xheader_protected_keyword_p (const char *keyword) - struct xhdr_tab const *p; - - for (p = xhdr_tab; p->keyword; p++) -- if ((p->flags & XHDR_PROTECTED) && strcmp (p->keyword, keyword) == 0) -+ if (!p->prefix && (p->flags & XHDR_PROTECTED) && strcmp (p->keyword, keyword) == 0) - return true; - return false; - } -@@ -1470,6 +1548,27 @@ volume_filename_decoder (struct tar_stat_info *st, - } - - static void -+xattr_coder (struct tar_stat_info const *st , char const *keyword, -+ struct xheader *xhdr, void const *data) -+{ -+ struct xattr_array *xattr_map = st->xattr_map; -+ const size_t *off = data; -+ xheader_print_n (xhdr, keyword, -+ xattr_map[*off].xval_ptr, xattr_map[*off].xval_len); -+} -+ -+static void -+xattr_decoder (struct tar_stat_info *st, -+ char const *keyword, char const *arg, size_t size) -+{ -+ char *xstr = NULL; -+ -+ xstr = xmemdup(arg, size + 1); -+ xheader_xattr_add(st, keyword + strlen("SCHILY.xattr."), xstr, size); -+ free(xstr); -+} -+ -+static void - sparse_major_coder (struct tar_stat_info const *st, char const *keyword, - struct xheader *xhdr, void const *data) - { -@@ -1506,53 +1605,53 @@ sparse_minor_decoder (struct tar_stat_info *st, - } - - struct xhdr_tab const xhdr_tab[] = { -- { "atime", atime_coder, atime_decoder, 0 }, -- { "comment", dummy_coder, dummy_decoder, 0 }, -- { "charset", dummy_coder, dummy_decoder, 0 }, -- { "ctime", ctime_coder, ctime_decoder, 0 }, -- { "gid", gid_coder, gid_decoder, 0 }, -- { "gname", gname_coder, gname_decoder, 0 }, -- { "linkpath", linkpath_coder, linkpath_decoder, 0 }, -- { "mtime", mtime_coder, mtime_decoder, 0 }, -- { "path", path_coder, path_decoder, 0 }, -- { "size", size_coder, size_decoder, 0 }, -- { "uid", uid_coder, uid_decoder, 0 }, -- { "uname", uname_coder, uname_decoder, 0 }, -+ { "atime", atime_coder, atime_decoder, 0, false }, -+ { "comment", dummy_coder, dummy_decoder, 0, false }, -+ { "charset", dummy_coder, dummy_decoder, 0, false }, -+ { "ctime", ctime_coder, ctime_decoder, 0, false }, -+ { "gid", gid_coder, gid_decoder, 0, false }, -+ { "gname", gname_coder, gname_decoder, 0, false }, -+ { "linkpath", linkpath_coder, linkpath_decoder, 0, false }, -+ { "mtime", mtime_coder, mtime_decoder, 0, false }, -+ { "path", path_coder, path_decoder, 0, false }, -+ { "size", size_coder, size_decoder, 0, false }, -+ { "uid", uid_coder, uid_decoder, 0, false }, -+ { "uname", uname_coder, uname_decoder, 0, false }, - - /* Sparse file handling */ - { "GNU.sparse.name", path_coder, path_decoder, -- XHDR_PROTECTED }, -+ XHDR_PROTECTED, false }, - { "GNU.sparse.major", sparse_major_coder, sparse_major_decoder, -- XHDR_PROTECTED }, -+ XHDR_PROTECTED, false }, - { "GNU.sparse.minor", sparse_minor_coder, sparse_minor_decoder, -- XHDR_PROTECTED }, -+ XHDR_PROTECTED, false }, - { "GNU.sparse.realsize", sparse_size_coder, sparse_size_decoder, -- XHDR_PROTECTED }, -+ XHDR_PROTECTED, false }, - { "GNU.sparse.numblocks", sparse_numblocks_coder, sparse_numblocks_decoder, -- XHDR_PROTECTED }, -+ XHDR_PROTECTED, false }, - - /* tar 1.14 - 1.15.90 keywords. */ - { "GNU.sparse.size", sparse_size_coder, sparse_size_decoder, -- XHDR_PROTECTED }, -+ XHDR_PROTECTED, false }, - /* tar 1.14 - 1.15.1 keywords. Multiple instances of these appeared in 'x' - headers, and each of them was meaningful. It confilcted with POSIX specs, - which requires that "when extended header records conflict, the last one - given in the header shall take precedence." */ - { "GNU.sparse.offset", sparse_offset_coder, sparse_offset_decoder, -- XHDR_PROTECTED }, -+ XHDR_PROTECTED, false }, - { "GNU.sparse.numbytes", sparse_numbytes_coder, sparse_numbytes_decoder, -- XHDR_PROTECTED }, -+ XHDR_PROTECTED, false }, - /* tar 1.15.90 keyword, introduced to remove the above-mentioned conflict. */ - { "GNU.sparse.map", NULL /* Unused, see pax_dump_header() */, -- sparse_map_decoder, 0 }, -+ sparse_map_decoder, 0, false }, - - { "GNU.dumpdir", dumpdir_coder, dumpdir_decoder, -- XHDR_PROTECTED }, -+ XHDR_PROTECTED, false }, - - /* Keeps the tape/volume label. May be present only in the global headers. - Equivalent to GNUTYPE_VOLHDR. */ - { "GNU.volume.label", volume_label_coder, volume_label_decoder, -- XHDR_PROTECTED | XHDR_GLOBAL }, -+ XHDR_PROTECTED | XHDR_GLOBAL, false }, - - /* These may be present in a first global header of the archive. - They provide the same functionality as GNUTYPE_MULTIVOL header. -@@ -1561,11 +1660,14 @@ struct xhdr_tab const xhdr_tab[] = { - GNU.volume.offset keeps the offset of the start of this volume, - otherwise kept in oldgnu_header.offset. */ - { "GNU.volume.filename", volume_label_coder, volume_filename_decoder, -- XHDR_PROTECTED | XHDR_GLOBAL }, -+ XHDR_PROTECTED | XHDR_GLOBAL, false }, - { "GNU.volume.size", volume_size_coder, volume_size_decoder, -- XHDR_PROTECTED | XHDR_GLOBAL }, -+ XHDR_PROTECTED | XHDR_GLOBAL, false }, - { "GNU.volume.offset", volume_offset_coder, volume_offset_decoder, -- XHDR_PROTECTED | XHDR_GLOBAL }, -+ XHDR_PROTECTED | XHDR_GLOBAL, false }, -+ -+ /* xattrs use the star format. note we only save some variants... */ -+ { "SCHILY.xattr", xattr_coder, xattr_decoder, 0, true }, - -- { NULL, NULL, NULL, 0 } -+ { NULL, NULL, NULL, 0, false } - }; diff --git a/app-arch/tar/files/tar.1 b/app-arch/tar/files/tar.1 deleted file mode 100644 index 42fd22f1..00000000 --- a/app-arch/tar/files/tar.1 +++ /dev/null @@ -1,816 +0,0 @@ -.TH TAR 1 "Mar 2010" "GNU" "tar" -.SH NAME -tar \- The GNU version of the tape archiver (tar) utility -.SH SYNOPSIS -.B tar -.I <operation> [options] - -.I Operations: -.nf -.B [-]A --catenate --concatenate -.B [-]c --create -.B [-]d --diff --compare -.B [-]r --append -.B [-]t --list -.B [-]u --update -.B [-]x --extract --get -.B --delete -.fi - -.I Common Options: -.nf -.BR -C ", " --directory " DIR" -.BR -f ", " --file " FILE" -.BR -j ", " --bzip2 -.BR -J ", " --xz -.BR -p ", " --preserve-permissions -.BR -v ", " --verbose -.BR -z ", " --gzip -.fi - -.I All Options: -.br -[ -.BR -a ", " --auto-compress -] -[ -.BR --add-file " FILE" -] -[ -.BR --anchored -] -[ -.BR --atime-preserve -] -[ -.BR -b ", " --blocking-factor " N" -] -[ -.BR -B ", " --read-full-records -] -[ -.BR --backup " BACKUP-TYPE" -] -[ -.BR --block-compress -] -[ -.BR -C ", " --directory " DIR" -] -[ -.BR --checkpoint -] -[ -.BR --delay-directory-restore -] -[ -.BR --exclude " PATTERN" -] -[ -.BR --exclude-caches -] -[ -.BR --exclude-caches-all -] -[ -.BR --exclude-caches-under -] -[ -.BR --exclude-tag " FILE" -] -[ -.BR --exclude-tag-all " FILE" -] -[ -.BR --exclude-tag-under " FILE" -] -[ -.BR -f ", " --file " [HOSTNAME:]FILE" -] -[ -.BR -F ", " --info-script " FILE, " --new-volume-script " FILE" -] -[ -.BR --force-local -] -[ -.BR --format " FORMAT" -] -[ -.BR -g ", " --listed-incremental " SNAPSHOT" -] -[ -.BR -G ", " --incremental -] -[ -.BR --group " GROUP" -] -[ -.BR -h ", " --dereference -] -[ -.BR --help -] -[ -.BR -i ", " --ignore-zeros -] -[ -.BR -I ", " --use-compress-program " PROG" -] -[ -.BR --ignore-case -] -[ -.BR --ignore-command-error -] -[ -.BR --ignore-failed-read -] -[ -.BR --index-file " FILE" -] -[ -.BR -j ", " --bzip2 -] -[ -.BR -J ", " --xz -] -[ -.BR -k ", " --keep-old-files -] -[ -.BR -K ", " --starting-file " FILE" -] -[ -.BR --keep-newer-files -] -[ -.BR -l ", " --check-links -] -[ -.BR -L ", " --tape-length " N" -] -[ -.BR --lzip -] -[ -.BR --lzma -] -[ -.BR --lzop -] -[ -.BR -m ", " --touch ", " --modification-time -] -[ -.BR -M ", " --multi-volume -] -[ -.BR --mode " PERMISSIONS" -] -[ -.BR --mtime " DATE" -] -[ -.BR -N ", " --after-date " DATE, " --newer " DATE" -] -[ -.BR --newer-mtime " DATE" -] -[ -.BR --no-anchored -] -[ -.BR --no-auto-compress -] -[ -.BR --no-delay-directory-restore -] -[ -.BR --no-ignore-case -] -[ -.BR --no-ignore-command-error -] -[ -.BR --no-overwrite-dir -] -[ -.BR --no-quote-chars -] -[ -.BR --no-recursion -] -[ -.BR --no-same-permissions -] -[ -.BR --no-unquote -] -[ -.BR --no-wildcards -] -[ -.BR --no-wildcards-match-slash -] -[ -.BR --null -] -[ -.BR --numeric-owner -] -[ -.BR -o ", " --old-archive ", " --portability ", " --no-same-owner -] -[ -.BR -O ", " --to-stdout -] -[ -.BR --occurrence " NUM" -] -[ -.BR --one-file-system -] -[ -.BR --overwrite -] -[ -.BR --overwrite-dir -] -[ -.BR --owner " USER" -] -[ -.BR -p ", " --same-permissions ", " --preserve-permissions -] -[ -.BR -P ", " --absolute-names -] -[ -.BR --pax-option " KEYWORD-LIST" -] -[ -.BR --posix -] -[ -.BR --preserve -] -[ -.BR --quote-chars " STRING" -] -[ -.BR --quote-style " STYLE" -] -[ -.BR -R ", " --block-number -] -[ -.BR --record-size " SIZE" -] -[ -.BR --recursion -] -[ -.BR --recursive-unlink -] -[ -.BR --remove-files -] -[ -.BR --restrict -] -[ -.BR --rmt-command " CMD" -] -[ -.BR --rsh-command " CMD" -] -[ -.BR -s ", " --same-order ", " --preserve-order -] -[ -.BR -S ", " --sparse -] -[ -.BR --same-owner -] -[ -.BR --show-defaults -] -[ -.BR --show-omitted-dirs -] -[ -.BR --show-transformed-names ", " --show-stored-names -] -[ -.BR --strip-components " NUMBER" -] -[ -.BR --suffix " SUFFIX" -] -[ -.BR -T ", " --files-from " FILE" -] -[ -.BR --test-label -] -[ -.BR --to-command " COMMAND" -] -[ -.BR --transform " EXPRESSION" -] -[ -.BR --totals -] -[ -.BR -U ", " --unlink-first -] -[ -.BR --unquote -] -[ -.BR --utc -] -[ -.BR -v ", " --verbose -] -[ -.BR -V ", " --label " NAME" -] -[ -.BR --version -] -[ -.BR --volno-file " FILE" -] -[ -.BR -w ", " --interactive ", " --confirmation -] -[ -.BR -W ", " --verify -] -[ -.BR --wildcards -] -[ -.BR --wildcards-match-slash -] -[ -.BR -X ", " --exclude-from " FILE" -] -[ -.BR -z ", " --gzip ", " --gunzip ", " --ungzip -] -[ -.BR -Z ", " --compress ", " --uncompress -] -[ -.BR -[0-7][lmh] -] -.SH DESCRIPTION -This manual page documents the GNU version of \fBtar\fR, an archiving -program designed to store and extract files from an archive file known -as a \fItarfile\fR. A \fItarfile\fR may be made on a tape drive, -however, it is also common to write a \fItarfile\fR to a normal file. -The first argument to \fBtar\fR must be one of the options \fBAcdrtux\fR, -followed by any optional functions. The final arguments to \fBtar\fR -are the names of the files or directories which should be archived. The -use of a directory name always implies that the subdirectories below -should be included in the archive. -.SH EXAMPLES -.TP -.B tar -xvf foo.tar -verbosely extract foo.tar -.TP -.B tar -xzf foo.tar.gz -extract gzipped foo.tar.gz -.TP -.B tar -cjf foo.tar.bz2 bar/ -create bzipped tar archive of the directory bar called foo.tar.bz2 -.TP -.B tar -xjf foo.tar.bz2 -C bar/ -extract bzipped foo.tar.bz2 after changing directory to bar -.TP -.B tar -xzf foo.tar.gz blah.txt -extract the file blah.txt from foo.tar.gz -.P -Note: When working with archives, specifying the compression option is often -times unnecessary as \fBtar\fR will automatically detect the compression type -based on the suffix of the archive. -.SH "FUNCTION LETTERS" -.TP -.B One of the following options must be used: -.TP -.BR -A ", " --catenate ", " --concatenate -append tar files to an archive -.TP -.BR -c ", " --create -create a new archive -.TP -.BR -d ", " --diff ", " --compare -find differences between archive and file system -.TP -.BR -r ", " --append -append files to the end of an archive -.TP -.BR -t ", " --list -list the contents of an archive -.TP -.BR -u ", " --update -only append files that are newer than the existing in archive -.TP -.BR -x ", " --extract ", " --get -extract files from an archive -.TP -.BR --delete -delete from the archive (not for use on magnetic tapes!) -.SH "COMMON OPTIONS" -.TP -.BR -C ", " --directory " DIR" -change to directory DIR -.TP -.BR -f ", " --file " [HOSTNAME:]FILE" -use archive file or device FILE (default is "-", meaning stdin/stdout) -.TP -.BR -j ", " --bzip2 -filter archive through bzip2; use to decompress .bz2 files -.TP -.BR -J ", " --xz -filter archive through xz; use to decompress .xz files -.TP -.BR -p ", " --preserve-permissions -extract all protection information -.TP -.BR -v ", " --verbose -verbosely list files processed -.TP -.BR -z ", " --gzip ", " --ungzip -filter the archive through gzip -.SH "ALL OPTIONS" -.TP -.BR -a ", " --auto-compress -use archive suffix to determine the compression program -.TP -.BR --add-file " FILE" -add specified FILE to the archive (useful if FILE starts with a dash) -.TP -.BR --anchored -patterns will match the start of file names -.TP -.BR --atime-preserve -don't change access times of files that are archived -.TP -.BR -b ", " --blocking-factor " N" -block size of Nx512 bytes (default N=20) -.TP -.BR -B ", " --read-full-blocks -reblock as we read (for reading 4.2BSD pipes) -.TP -.BR --backup " BACKUP-TYPE" -backup files instead of deleting them using BACKUP-TYPE simple or -numbered -.TP -.BR --block-compress -block the output of compression program for tapes -.TP -.BR -C ", " --directory " DIR" -change to directory DIR -.TP -.BR --checkpoint -print directory names while reading the archive -.TP -.BR --delay-directory-restore -delay setting modification times and permissions of extracted directories -until the end of extraction -.TP -.BR --exclude " PATTERN" -exclude files based upon PATTERN -.TP -.BR --exclude-caches -exclude directories that contain a cache directory tag -.TP -.BR --exclude-tag " FILE" -exclude directories that contain a file named FILE -.TP -.BR -f ", " --file " [HOSTNAME:]FILE" -use archive file or device FILE (default "-", meaning stdin/stdout) -.TP -.BR -F ", " --info-script " FILE, " --new-volume-script " FILE" -run script at end of each tape (implies \fI--multi-volume\fR) -.TP -.BR --force-local -archive file is local even if its name contains a colon -.TP -.BR --format " FORMAT" -selects the format of the created archive -.nf -\fIv7\fR - Unix V7 -\fIoldgnu\fR - GNU tar <=1.12 -\fIgnu\fR - GNU tar 1.13 -\fIustar\fR - POSIX.1-1988 -\fIposix\fR - POSIX.1-2001 -.fi -.TP -.BR -g ", " --listed-incremental " SNAPSHOT" -create/list/extract new GNU-format incremental backup -.TP -.BR --group " GROUP" -give files added to the archive a group id of GROUP instead of the group id -of the source file; this option does not affect extraction -.TP -.BR -G ", " --incremental -create/list/extract old GNU-format incremental backup -.TP -.BR -h ", " --dereference -don't archive symlinks; archive the files they point to -.TP -.BR --help -like this manpage, but not as cool -.TP -.BR -i ", " --ignore-zeros -ignore blocks of zeros in archive (normally mean EOF) -.TP -.BR -I ", " --use-compress-program " PROG" -access the archive through PROG (which is generally a compression program; -it must accept the \fI-d\fR option) -.TP -.BR --ignore-case -ignore case when excluding files -.TP -.BR --ignore-command-error -ignore exit codes of subprocesses -.TP -.BR --ignore-failed-read -don't exit with non-zero status on unreadable files -.TP -.BR --index-file " FILE" -send verbose output to FILE instead of stdout -.TP -.BR -j ", " --bzip2 -filter archive through bzip2, use to decompress .bz2 files -.TP -.BR -J ", " --xz -filter archive through xz; use to decompress .xz files -.TP -.BR -k ", " --keep-old-files -keep existing files; don't overwrite them from archive -.TP -.BR -K ", " --starting-file " FILE" -begin at file FILE in the archive -.TP -.BR --keep-newer-files -do not overwrite files which are newer than the archive -.TP -.BR -l ", " --check-links -warn if number of hard links to the file on the filesystem mismatchs -the number of links recorded in the archive -.TP -.BR -L ", " --tape-length " N" -change tapes after writing N*1024 bytes -.TP -.BR -m ", " --touch ", " --modification-time -don't extract file modified time -.TP -.BR -M ", " --multi-volume -create/list/extract multi-volume archive -.TP -.BR --mode " PERMISSIONS" -apply PERMISSIONS while adding files (see \fBchmod\fR(1)) -.TP -.BR --mtime " DATE" -when creating archives, use DATE as the modification time of the members, -instead of their actual modification times -.TP -.BR -N ", " --after-date " DATE, " --newer " DATE" -only store files that were modified or had status updates (permissions, -ACLs, extended attributes, ...) since DATE -.TP -.BR --newer-mtime " DATE" -like \fI--newer\fR, but only store files that were modified since DATE -.TP -.BR --no-anchored -match any subsequenceof the name's components with \fI--exclude\fR -.TP -.BR --no-auto-compress -do not use archive suffix to determine the compression program -.TP -.BR --no-delay-directory-restore -modification times and permissions of extracted directories are set when -all files from this directory have been extracted; this is the default -.TP -.BR --no-ignore-command-error -print warnings about subprocesses that terminated with a non-zero exit code -.TP -.BR --no-ignore-case -use case-sensitive matching with \fI--exclude\fR -.TP -.BR --no-overwrite-dir -preserve metadata of existing directories when extracting files from an -archive -.TP -.BR --no-quote-chars " STRING" -remove characters listed in STRING from the list of quoted characters -set by a previous \fI--quote-chars\fR option -.TP -.BR --no-recursion -don't recurse into directories -.TP -.BR --no-same-permissions -apply user's umask when extracting files instead of recorded permissions -.TP -.BR --no-unquote -treat all input file or member names literally, do not interpret -escape sequences -.TP -.BR --no-wildcards -don't use wildcards with \fI--exclude\fR -.TP -.BR --no-wildcards-match-slash -wildcards do not match slashes (/) with \fI--exclude\fR -.TP -.BR --null -\fI--files-from\fR reads null-terminated names, disable \fI--directory\fR -.TP -.BR --numeric-owner -always use numbers for user/group names -.TP -.BR -o ", " --old-archive ", " --portability -like \fI--format=v7\fR; \fI-o\fR exhibits this behavior when creating an -archive (deprecated behavior) -.TP -.BR -o ", " --no-same-owner -do not attempt to restore ownership when extracting; \fI-o\fR exhibits -this behavior when extracting an archive -.TP -.BR -O ", " --to-stdout -extract files to standard output -.TP -.BR --occurrence " NUM" -process only NUM occurrences of each named file; used with -\fI--delete\fR, \fI--diff\fR, \fI--extract\fR, or \fI--list\fR -.TP -.BR --one-file-system -stay in local file system when creating an archive -.TP -.BR --one-file-system -stay in local file system when creating an archive -.TP -.BR --overwrite -overwrite existing files and directory metadata when extracting -.TP -.BR --overwrite-dir -overwrite directory metadata when extracting -.TP -.BR --owner " USER" -give files added to the archive a user id of USER instead of the user id -of the source file; this option does not affect extraction -.TP -.BR -p ", " --preserve-permissions ", " --same-permissions -extract all protection information -.TP -.BR -P ", " --absolute-names -don't strip leading `/'s from file names -.TP -.BR --pax-option " KEYWORD-LIST" -used only with POSIX.1-2001 archives to modify the way \fBtar\fR handles -extended header keywords -.TP -.BR --posix -like \fI--format=posix\fR -.TP -.BR --preserve -like \fI--preserve-permissions\fR plus \fI--same-order\fR -.TP -.BR --quote-chars " STRING" -always quote the characters from STRING, even if the selected quoting -style would not quote them -.TP -.BR --quote-style " STYLE" -set the quoting style to be used when printing member and file names -.TP -.BR -R ", " --record-number -show record number within archive with each message -.TP -.BR --record-size " SIZE" -use SIZE bytes per record when accessing archives -.TP -.BR --recursion -recurse into directories -.TP -.BR --recursive-unlink -remove existing directories before extracting directories of the same name -.TP -.BR --remove-files -remove files after adding them to the archive -.TP -.BR --restrict -disable the use of some potentially harmful options; currently this -disables shell invocation from the multi-volume menu -.TP -.BR --rmt-command " CMD" -use CMD instead of the default /usr/sbin/rmt -.TP -.BR --rsh-command " CMD" -use remote CMD instead of \fBrsh\fR(1) -.TP -.BR -s ", " --same-order ", " --preserve-order -list of names to extract is sorted to match archive -.TP -.BR -S ", " --sparse -handle sparse files efficiently -.TP -.BR --same-owner -create extracted files with the same ownership -.TP -.BR --show-defaults -display the default options used by \fBtar\fR -.TP -.BR --show-omitted-dirs -print directories \fBtar\fR skips while operating on an archive -.TP -.BR --show-transformed-names ", " --show-stored-names -display file or member names after applying any \fBsed\fR transformations -.TP -.BR --strip-components " NUMBER" -strip NUMBER of leading path components from file names before extraction -.TP -.BR --suffix " SUFFIX" -use SUFFIX instead of default '~' when backing up files -.TP -.BR -T ", " --files-from " FILE" -get names to extract or create from file FILE -.TP -.BR --test-label -read the volume label; if an argument is specified, test whether it -matches the volume label -.TP -.BR --to-command " COMMAND" -during extraction, pipe extracted files to the standard input of COMMAND -.TP -.BR --totals -print total bytes written with --create -.TP -.BR --transform " EXPRESSION" -transform file or member names using the \fBsed\fR replacement expression -EXPRESSION -.TP -.BR -U ", " --unlink-first -remove existing files before extracting files of the same name -.TP -.BR --unquote -enable unquoting input file or member names; this is the default -.TP -.BR --utc -display file modification dates in UTC -.TP -.BR -v ", " --verbose -verbosely list files processed -.TP -.BR -V ", " --label " NAME" -create archive with volume name NAME -.TP -.BR --version -print \fBtar\fR program version number -.TP -.BR --volno-file " FILE" -keep track of which volume of a multi-volume archive its working in -FILE; used with \fI--multi-volume\fR -.TP -.BR -w ", " --interactive ", " --confirmation -ask for confirmation for every action -.TP -.BR -W ", " --verify -attempt to verify the archive after writing it -.TP -.BR --wildcards -use wildcards with \fI--exclude\fR -.TP -.BR --wildcards-match-slash -wildcards match slashes (/) with \fI--exclude\fR -.TP -.BR -X ", " --exclude-from " FILE" -exclude files listed in FILE -.TP -.BR -z ", " --gzip ", " --gunzip ", " --ungzip -filter the archive through gzip -.TP -.BR -Z ", " --compress ", " --uncompress -filter the archive through compress -.TP -.BR -[0-7][lmh] -specify drive and density -.SH BUGS -The GNU folks, in general, abhor man pages and create info documents instead. -The maintainer of \fBtar\fR falls into this category. Thus, this man page may -not be complete nor current, and it is included in the Gentoo portage tree -because man is a great tool :). This man page was first taken from Debian -Linux and has since been lovingly updated here. -.SH "REPORTING BUGS" -Please report bugs via http://bugs.gentoo.org/ -.SH "AUTHORS" -.nf -Debian Linux http://www.debian.org/ -Mike Frysinger <vapier@gentoo.org> -.fi diff --git a/app-arch/tar/metadata.xml b/app-arch/tar/metadata.xml deleted file mode 100644 index 96a2d586..00000000 --- a/app-arch/tar/metadata.xml +++ /dev/null @@ -1,5 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> -<herd>base-system</herd> -</pkgmetadata> diff --git a/app-arch/tar/tar-1.26-r3.ebuild b/app-arch/tar/tar-1.26-r3.ebuild deleted file mode 100644 index 4049bac0..00000000 --- a/app-arch/tar/tar-1.26-r3.ebuild +++ /dev/null @@ -1,78 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-arch/tar/tar-1.26.ebuild,v 1.1 2011/03/13 20:46:42 vapier Exp $ - -EAPI="3" - -inherit autotools flag-o-matic - -DESCRIPTION="Use this to make tarballs :)" -HOMEPAGE="http://www.gnu.org/software/tar/" -SRC_URI="http://ftp.gnu.org/gnu/tar/${P}.tar.bz2 - ftp://alpha.gnu.org/gnu/tar/${P}.tar.bz2 - mirror://gnu/tar/${P}.tar.bz2" - -LICENSE="GPL-3" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="nls static userland_GNU acl caps selinux xattr" - -RDEPEND="" -DEPEND="${RDEPEND} - nls? ( >=sys-devel/gettext-0.10.35 )" - -src_prepare() { - epatch "${FILESDIR}"/${P}-full-xattr.patch #382067 - eautoreconf - - if ! use userland_GNU ; then - sed -i \ - -e 's:/backup\.sh:/gbackup.sh:' \ - scripts/{backup,dump-remind,restore}.in \ - || die "sed non-GNU" - fi -} - -src_configure() { - local myconf - use static && append-ldflags -static - use userland_GNU || myconf="--program-prefix=g" - if use acl || use caps || use selinux || use xattr ; then - myconf+=" --enable-xattr" - fi - # Work around bug in sandbox #67051 - gl_cv_func_chown_follows_symlink=yes \ - FORCE_UNSAFE_CONFIGURE=1 \ - econf \ - --enable-backup-scripts \ - --bindir="${EPREFIX}"/bin \ - --libexecdir="${EPREFIX}"/usr/sbin \ - $(use_enable nls) \ - ${myconf} -} - -src_install() { - local p="" - use userland_GNU || p=g - - emake DESTDIR="${D}" install || die - - if [[ -z ${p} ]] ; then - # a nasty yet required piece of baggage - exeinto /etc - doexe "${FILESDIR}"/rmt || die - fi - - # autoconf looks for gtar before tar (in configure scripts), hence - # in Prefix it is important that it is there, otherwise, a gtar from - # the host system (FreeBSD, Solaris, Darwin) will be found instead - # of the Prefix provided (GNU) tar - if use prefix ; then - dosym tar /bin/gtar - fi - - dodoc AUTHORS ChangeLog* NEWS README* THANKS - newman "${FILESDIR}"/tar.1 ${p}tar.1 - mv "${ED}"/usr/sbin/${p}backup{,-tar} - mv "${ED}"/usr/sbin/${p}restore{,-tar} -} diff --git a/eclass/pax-utils.eclass b/eclass/pax-utils.eclass deleted file mode 100644 index 216b89aa..00000000 --- a/eclass/pax-utils.eclass +++ /dev/null @@ -1,137 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/pax-utils.eclass,v 1.15 2011/08/22 04:46:32 vapier Exp $ - -# @ECLASS: pax-utils.eclass -# @MAINTAINER: -# The Gentoo Linux Hardened Team <hardened@gentoo.org> -# @AUTHOR: -# Original Author: Kevin F. Quinn <kevquinn@gentoo.org> -# Modifications for bug #365825, @ ECLASS markup: Anthony G. Basile <blueness@gentoo.org> -# Modifications for XT_PAX markings: Anthony G. Basile <blueness@gentoo.org> -# @BLURB: functions to provide pax markings -# @DESCRIPTION: -# This eclass provides support for manipulating PaX markings on ELF binaries, -# wrapping the use of the paxctl-ng utilities. -# -# To control what markings are made, set PAX_MARKINGS in /etc/make.conf to -# contain either "XT", "PT" or "none". -# -# If PAX_MARKINGS is set to "XT" and paxctl-ng is installed, then both XT_PAX -# and PT_PAX markings will be made, where possible: XT_PAX will not be made if -# the file system doesn't support extended attributes and PT_PAX will not be -# made if the ELF binary doesn't have a PT_PAX header. -# -# If PAX_MARKINGS is setto "PT" and paxctl is installed, then only PT_PAX -# markings will be made. -# -# Finally, if neither utility is found, or PAX_MARKINGS is set to "none", -# then no markings will be made. -# -# Note: unlike the original pax-utils.eclass, we will not try to use paxctl -c -# or paxctl -C to convert or create a PT_PAX program header. Nor will we fall -# back on scanelf. - -inherit eutils - -RDEPEND="=sys-apps/elfix-0.3.2" - -# Default to XT markings. -PAX_MARKINGS=${PAX_MARKINGS:="XT"} - -# @FUNCTION: pax-mark -# @USAGE: <flags> {<ELF files>} -# @RETURN: Shell true if we succeed, shell false otherwise -# @DESCRIPTION: -# Marks <ELF files> with provided PaX <flags> -# -# Flags are passed directly to the utilities unchanged. Possible flags at the -# time of writing, taken from /usr/sbin/paxctl-ng, are: -# -# p: disable PAGEEXEC P: enable PAGEEXEC -# e: disable EMUTRMAP E: enable EMUTRMAP -# m: disable MPROTECT M: enable MPROTECT -# r: disable RANDMMAP R: enable RANDMMAP -# s: disable SEGMEXEC S: enable SEGMEXEC -# -# Default flags are 'PeMRS', which are the most restrictive settings. -# Do not use the obsolete flag 'x'/'X'. -pax-mark() { - local f flags fail=0 failures="" zero_load_alignment - # Remove all dashes from the flags - flags=${1//-} - shift - if type -p paxctl-ng > /dev/null && has XT ${PAX_MARKINGS}; then - elog "XT PaX marking -${flags}" - _pax_list_files elog "$@" - for f in "$@"; do - paxctl-ng -C "${f}" - paxctl-ng -${flags} "${f}" && continue - fail=1 - failures="${failures} ${f}" - done - elif type -p paxctl > /dev/null && has PT ${PAX_MARKINGS}; then - elog "PT PaX marking -${flags}" - _pax_list_files elog "$@" - for f in "$@"; do - paxctl -q${flags} "${f}" && continue - fail=1 - failures="${failures} ${f}" - done - elif [[ ${PAX_MARKINGS} != "none" ]]; then - failures="$*" - fail=1 - fi - if [[ ${fail} == 1 ]]; then - ewarn "Failed to set PaX markings -${flags} for:" - _pax_list_files ewarn ${failures} - ewarn "Executables may be killed by PaX kernels." - fi - return ${fail} -} - -# @FUNCTION: list-paxables -# @USAGE: {<files>} -# @RETURN: Subset of {<files>} which are ELF executables or shared objects -# @DESCRIPTION: -# Print to stdout all of the <files> that are suitable to have PaX flag -# markings, i.e., filter out the ELF executables or shared objects from a list -# of files. This is useful for passing wild-card lists to pax-mark, although -# in general it is preferable for ebuilds to list precisely which ELFS are to -# be marked. Often not all the ELF installed by a package need remarking. -# @EXAMPLE: -# pax-mark -m $(list-paxables ${S}/{,usr/}bin/*) -list-paxables() { - file "$@" 2> /dev/null | grep -E 'ELF.*(executable|shared object)' | sed -e 's/: .*$//' -} - -# @FUNCTION: host-is-pax -# @RETURN: Shell true if the build process is PaX enabled, shell false otherwise -# @DESCRIPTION: -# This is intended for use where the build process must be modified conditionally -# depending on whether the host is PaX enabled or not. It is not intedened to -# determine whether the final binaries need PaX markings. Note: if procfs is -# not mounted on /proc, this returns shell false (e.g. Gentoo/FBSD). -host-is-pax() { - grep -qs ^PaX: /proc/self/status -} - - -# INTERNAL FUNCTIONS -# ------------------ -# -# These functions are for use internally by the eclass - do not use -# them elsewhere as they are not supported (i.e. they may be removed -# or their function may change arbitratily). - -# Display a list of things, one per line, indented a bit, using the -# display command in $1. -_pax_list_files() { - local f cmd - cmd=$1 - shift - for f in "$@"; do - ${cmd} " ${f}" - done -} - diff --git a/profiles/repo_name b/profiles/repo_name deleted file mode 100644 index e8748ede..00000000 --- a/profiles/repo_name +++ /dev/null @@ -1 +0,0 @@ -hardened-dev diff --git a/sys-boot/grub/ChangeLog b/sys-boot/grub/ChangeLog deleted file mode 100644 index 139597f9..00000000 --- a/sys-boot/grub/ChangeLog +++ /dev/null @@ -1,2 +0,0 @@ - - diff --git a/sys-boot/grub/Manifest b/sys-boot/grub/Manifest deleted file mode 100644 index 059da041..00000000 --- a/sys-boot/grub/Manifest +++ /dev/null @@ -1,7 +0,0 @@ -AUX grub.conf.gentoo 627 RMD160 d90fb4373bad476f98ec9c5065d6cdfd9e3b706f SHA1 004f2fc04605ec9190de0a87e7df8bbc33daff89 SHA256 914b15af252210a32776196437cd8013e10e57d5780e66877ef3fe9a2b4b9776 -DIST grub-0.97-patches-1.11.tar.bz2 55261 RMD160 cc0fd57305abc550e932470032d34839b0332d78 SHA1 3af9f703349dfe9f0cffa7f88689ec5195f3e834 SHA256 f74d7deffbbb5440d6a1c8cbced22ccbef3146c1084b005b7ac9fb9ef30f4782 -DIST grub-0.97.tar.gz 971783 RMD160 7fb5674edf0c950bd38e94f85ff1e2909aa741f0 SHA1 2580626c4579bd99336d3af4482c346c95dac4fb SHA256 4e1d15d12dbd3e9208111d6b806ad5a9857ca8850c47877d36575b904559260b -DIST splash.xpm.gz 33856 RMD160 2fead61f91c368429e80936248bb02af2bdf15ff SHA1 98e679f9698be43426f971f89a088c053e8c804a SHA256 b95600f777331b0dd31d51c68f60f0e846e4c8b628857a41165f4e6b30e6acaf -EBUILD grub-0.97-r11.ebuild 9488 RMD160 92e3625386cc6bec7f5aeae4364080bf48a6be3d SHA1 06b9c4b40945321696aa21d0d97634cf362dd7fa SHA256 8779f047509924e06a01c439be3227ec2eea7ae8d12ee70e4ed52a1436eafb0c -MISC ChangeLog 2 RMD160 e5043315c7d228fbf17daf82b8e725f54b1ac2f6 SHA1 71853c6197a6a7f222db0f1978c7cb232b87c5ee SHA256 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 -MISC metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 SHA1 9c213f5803676c56439df3716be07d6692588856 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92 diff --git a/sys-boot/grub/files/grub.conf.gentoo b/sys-boot/grub/files/grub.conf.gentoo deleted file mode 100644 index 0027099e..00000000 --- a/sys-boot/grub/files/grub.conf.gentoo +++ /dev/null @@ -1,16 +0,0 @@ -# This is a sample grub.conf for use with Genkernel, per the Gentoo handbook -# http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1&chap=10#doc_chap2 -# If you are not using Genkernel and you need help creating this file, you -# should consult the handbook. Alternatively, consult the grub.conf.sample that -# is included with the Grub documentation. - -default 0 -timeout 30 -#splashimage=(hd0,0)/boot/grub/splash.xpm.gz - -#title Gentoo Linux 2.6.24-r5 -#root (hd0,0) -#kernel /boot/kernel-genkernel-x86-2.6.24-gentoo-r5 root=/dev/ram0 real_root=/dev/sda3 -#initrd /boot/initramfs-genkernel-x86-2.6.24-gentoo-r5 - -# vim:ft=conf: diff --git a/sys-boot/grub/grub-0.97-r11.ebuild b/sys-boot/grub/grub-0.97-r11.ebuild deleted file mode 100644 index 0c9e6523..00000000 --- a/sys-boot/grub/grub-0.97-r11.ebuild +++ /dev/null @@ -1,292 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-boot/grub/grub-0.97-r10.ebuild,v 1.11 2011/09/10 02:33:59 dirtyepic Exp $ - -# XXX: we need to review menu.lst vs grub.conf handling. We've been converting -# all systems to grub.conf (and symlinking menu.lst to grub.conf), but -# we never updated any of the source code (it still all wants menu.lst), -# and there is no indication that upstream is making the transition. - -# If you need to roll a new grub-static distfile, here is how. -# - Robin H. Johnson <robbat2@gentoo.org> - 29 Nov 2010 -# USE='static -ncurses -netboot -custom-cflags' \ -# GRUB_STATIC_PACKAGE_BUILDING=1 ebuild \ -# grub-${PVR}.ebuild package && \ -# cp -f ${PKGDIR}/${CAT}/${PF}.tbz2 ${DISTDIR}/grub-static-${PVR}.tar.bz2 - -inherit mount-boot eutils flag-o-matic toolchain-funcs autotools linux-info pax-utils - -PATCHVER="1.11" # Should match the revision ideally -DESCRIPTION="GNU GRUB Legacy boot loader" -HOMEPAGE="http://www.gnu.org/software/grub/" -SRC_URI="mirror://gentoo/${P}.tar.gz - ftp://alpha.gnu.org/gnu/${PN}/${P}.tar.gz - mirror://gentoo/splash.xpm.gz - mirror://gentoo/${P}-patches-${PATCHVER}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="custom-cflags ncurses netboot static" - -RDEPEND="ncurses? ( - >=sys-libs/ncurses-5.2-r5 - amd64? ( app-emulation/emul-linux-x86-baselibs ) - )" -DEPEND="${RDEPEND}" - -pkg_setup() { - local arch="$(tc-arch)" - case ${arch} in - amd64) CONFIG_CHECK='~IA32_EMULATION' check_extra_config ;; - esac -} - -src_unpack() { - unpack ${A} - cd "${S}" - - # patch breaks booting for some people #111885 - rm "${WORKDIR}"/patch/400_*reiser4* - - # Grub will not handle a kernel larger than EXTENDED_MEMSIZE Mb as - # discovered in bug 160801. We can change this, however, using larger values - # for this variable means that Grub needs more memory to run and boot. For a - # kernel of size N, Grub needs (N+1)*2. Advanced users should set a custom - # value in make.conf, it is possible to make kernels ~16Mb in size, but it - # needs the kitchen sink built-in. - local t="custom" - if [[ -z ${GRUB_MAX_KERNEL_SIZE} ]] ; then - case $(tc-arch) in - amd64) GRUB_MAX_KERNEL_SIZE=9 ;; - x86) GRUB_MAX_KERNEL_SIZE=5 ;; - esac - t="default" - fi - einfo "Grub will support the ${t} maximum kernel size of ${GRUB_MAX_KERNEL_SIZE} Mb (GRUB_MAX_KERNEL_SIZE)" - - sed -i \ - -e "/^#define.*EXTENDED_MEMSIZE/s,3,${GRUB_MAX_KERNEL_SIZE},g" \ - "${S}"/grub/asmstub.c \ - || die "Failed to hack memory size" - - if [[ -n ${PATCHVER} ]] ; then - EPATCH_SUFFIX="patch" - epatch "${WORKDIR}"/patch - eautoreconf - fi -} - -src_compile() { - filter-flags -fPIE #168834 - - use amd64 && multilib_toolchain_setup x86 - - unset BLOCK_SIZE #73499 - - ### i686-specific code in the boot loader is a bad idea; disabling to ensure - ### at least some compatibility if the hard drive is moved to an older or - ### incompatible system. - - # grub-0.95 added -fno-stack-protector detection, to disable ssp for stage2, - # but the objcopy's (faulty) test fails if -fstack-protector is default. - # create a cache telling configure that objcopy is ok, and add -C to econf - # to make use of the cache. - # - # CFLAGS has to be undefined running econf, else -fno-stack-protector detection fails. - # STAGE2_CFLAGS is not allowed to be used on emake command-line, it overwrites - # -fno-stack-protector detected by configure, removed from netboot's emake. - use custom-cflags || unset CFLAGS - - export grub_cv_prog_objcopy_absolute=yes #79734 - use static && append-ldflags -static - - # Per bug 216625, the emul packages do not provide .a libs for performing - # suitable static linking - if use amd64 && use static ; then - if [ -z "${GRUB_STATIC_PACKAGE_BUILDING}" ]; then - die "You must use the grub-static package if you want a static Grub on amd64!" - else - eerror "You have set GRUB_STATIC_PACKAGE_BUILDING. This" - eerror "is specifically intended for building the tarballs for the" - eerror "grub-static package via USE='static -ncurses'." - eerror "All bets are now off." - ebeep 10 - fi - fi - - # build the net-bootable grub first, but only if "netboot" is set - if use netboot ; then - econf \ - --libdir=/lib \ - --datadir=/usr/lib/grub \ - --exec-prefix=/ \ - --disable-auto-linux-mem-opt \ - --enable-diskless \ - --enable-{3c{5{03,07,09,29,95},90x},cs89x0,davicom,depca,eepro{,100}} \ - --enable-{epic100,exos205,ni5210,lance,ne2100,ni{50,65}10,natsemi} \ - --enable-{ne,ns8390,wd,otulip,rtl8139,sis900,sk-g16,smc9000,tiara} \ - --enable-{tulip,via-rhine,w89c840} || die "netboot econf failed" - - emake w89c840_o_CFLAGS="-O" || die "making netboot stuff" - - mv -f stage2/{nbgrub,pxegrub} "${S}"/ - mv -f stage2/stage2 stage2/stage2.netboot - - make clean || die "make clean failed" - fi - - # Now build the regular grub - # Note that FFS and UFS2 support are broken for now - stage1_5 files too big - econf \ - --libdir=/lib \ - --datadir=/usr/lib/grub \ - --exec-prefix=/ \ - --disable-auto-linux-mem-opt \ - $(use_with ncurses curses) \ - || die "econf failed" - - # sanity check due to common failure - use ncurses && ! grep -qs "HAVE_LIBCURSES.*1" config.h && die "USE=ncurses but curses not found" - - emake || die "making regular stuff" -} - -src_test() { - # non-default block size also give false pass/fails. - unset BLOCK_SIZE - make check || die "make check failed" -} - -src_install() { - emake DESTDIR="${D}" install || die - if use netboot ; then - exeinto /usr/lib/grub/${CHOST} - doexe nbgrub pxegrub stage2/stage2.netboot || die "netboot install" - fi - - dodoc AUTHORS BUGS ChangeLog NEWS README THANKS TODO - newdoc docs/menu.lst grub.conf.sample - dodoc "${FILESDIR}"/grub.conf.gentoo - prepalldocs - - [ -n "${GRUB_STATIC_PACKAGE_BUILDING}" ] && \ - mv \ - "${D}"/usr/share/doc/${PF} \ - "${D}"/usr/share/doc/grub-static-${PF/grub-} - - insinto /usr/share/grub - doins "${DISTDIR}"/splash.xpm.gz -} - -setup_boot_dir() { - local boot_dir=$1 - local dir=${boot_dir} - - mkdir -p "${dir}" - [[ ! -L ${dir}/boot ]] && ln -s . "${dir}/boot" - dir="${dir}/grub" - if [[ ! -e ${dir} ]] ; then - mkdir "${dir}" || die "${dir} does not exist!" - fi - - # change menu.lst to grub.conf - if [[ ! -e ${dir}/grub.conf ]] && [[ -e ${dir}/menu.lst ]] ; then - mv -f "${dir}"/menu.lst "${dir}"/grub.conf - ewarn - ewarn "*** IMPORTANT NOTE: menu.lst has been renamed to grub.conf" - ewarn - fi - - if [[ ! -e ${dir}/menu.lst ]]; then - einfo "Linking from new grub.conf name to menu.lst" - ln -snf grub.conf "${dir}"/menu.lst - fi - - if [[ -e ${dir}/stage2 ]] ; then - mv "${dir}"/stage2{,.old} - ewarn "*** IMPORTANT NOTE: you must run grub and install" - ewarn "the new version's stage1 to your MBR. Until you do," - ewarn "stage1 and stage2 will still be the old version, but" - ewarn "later stages will be the new version, which could" - ewarn "cause problems such as an unbootable system." - ewarn "This means you must use either grub-install or perform" - ewarn "root/setup manually! For more help, see the handbook:" - ewarn "http://www.gentoo.org/doc/en/handbook/handbook-${ARCH}.xml?part=1&chap=10#grub-install-auto" - ebeep - fi - - einfo "Copying files from /lib/grub, /usr/lib/grub and /usr/share/grub to ${dir}" - for x in \ - "${ROOT}"/lib*/grub/*/* \ - "${ROOT}"/usr/lib*/grub/*/* \ - "${ROOT}"/usr/share/grub/* ; do - [[ -f ${x} ]] && cp -p "${x}" "${dir}"/ - done - - if [[ ! -e ${dir}/grub.conf ]] ; then - s="${ROOT}/usr/share/doc/${PF}/grub.conf.gentoo" - [[ -e "${s}" ]] && cat "${s}" >${dir}/grub.conf - [[ -e "${s}.gz" ]] && zcat "${s}.gz" >${dir}/grub.conf - [[ -e "${s}.bz2" ]] && bzcat "${s}.bz2" >${dir}/grub.conf - fi - - # Per bug 218599, we support grub.conf.install for users that want to run a - # specific set of Grub setup commands rather than the default ones. - grub_config=${dir}/grub.conf.install - [[ -e ${grub_config} ]] || grub_config=${dir}/grub.conf - if [[ -e ${grub_config} ]] ; then - egrep \ - -v '^[[:space:]]*(#|$|default|fallback|initrd|password|splashimage|timeout|title)' \ - "${grub_config}" | \ - /sbin/grub --batch \ - --device-map="${dir}"/device.map \ - > /dev/null - fi - - # the grub default commands silently piss themselves if - # the default file does not exist ahead of time - if [[ ! -e ${dir}/default ]] ; then - grub-set-default --root-directory="${boot_dir}" default - fi - einfo "Grub has been installed to ${boot_dir} successfully." -} - -pkg_postinst() { - mount-boot_mount_boot_partition - - # bug 330745 - # must be pax-marked before setup_boot_dir - pax-mark -m /sbin/grub - - if [[ -n ${DONT_MOUNT_BOOT} ]]; then - elog "WARNING: you have DONT_MOUNT_BOOT in effect, so you must apply" - elog "the following instructions for your /boot!" - elog "Neglecting to do so may cause your system to fail to boot!" - elog - else - setup_boot_dir "${ROOT}"/boot - # Trailing output because if this is run from pkg_postinst, it gets mixed into - # the other output. - einfo "" - fi - elog "To interactively install grub files to another device such as a USB" - elog "stick, just run the following and specify the directory as prompted:" - elog " emerge --config =${PF}" - elog "Alternately, you can export GRUB_ALT_INSTALLDIR=/path/to/use to tell" - elog "grub where to install in a non-interactive way." - - # needs to be after we call setup_boot_dir - mount-boot_pkg_postinst -} - -pkg_config() { - local dir - if [ ! -d "${GRUB_ALT_INSTALLDIR}" ]; then - einfo "Enter the directory where you want to setup grub:" - read dir - else - dir="${GRUB_ALT_INSTALLDIR}" - fi - setup_boot_dir "${dir}" -} diff --git a/sys-boot/grub/metadata.xml b/sys-boot/grub/metadata.xml deleted file mode 100644 index 96a2d586..00000000 --- a/sys-boot/grub/metadata.xml +++ /dev/null @@ -1,5 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> -<herd>base-system</herd> -</pkgmetadata> diff --git a/sys-devel/binutils/ChangeLog b/sys-devel/binutils/ChangeLog deleted file mode 100644 index 9c2ac333..00000000 --- a/sys-devel/binutils/ChangeLog +++ /dev/null @@ -1,8 +0,0 @@ - - -*binutils-2.21.1-r2 (22 Nov 2011) - - 22 Nov 2011; Anthony G. Basile <blueness@gentoo.org> - +binutils-2.21.1-r2.ebuild, +metadata.xml: - Remove patch which adds PT_PAX headers - diff --git a/sys-devel/binutils/Manifest b/sys-devel/binutils/Manifest deleted file mode 100644 index c3f6d49b..00000000 --- a/sys-devel/binutils/Manifest +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - -DIST binutils-2.21.1-patches-1.3.tar.bz2 19837 RMD160 3762e20b8b0098f5efb5cf1336208005c0e38288 SHA1 9dc634fbe91619bc7ab5c9b5059d2ddc54a191fe SHA256 e66847c2fe300affb82eb05fc122f093ecdb673688f39101c7d4f7333e850c90 -DIST binutils-2.21.1.tar.bz2 18997755 RMD160 de5ce1d7cb0d44e3ec18c557beefb2a292d59a60 SHA1 525255ca6874b872540c9967a1d26acfbc7c8230 SHA256 cdecfa69f02aa7b05fbcdf678e33137151f361313b2f3e48aba925f64eabf654 -EBUILD binutils-2.21.1-r2.ebuild 364 RMD160 91be2cda612ef9b58d9978fc5a5a3c2cd1e0e3cf SHA1 d7164169722fca8b0583ea56d76f0a630198c6c7 SHA256 00dcce8ae2f750220035727e209e48380b582e09e9f569efc86d4db46ebf804e -MISC ChangeLog 179 RMD160 33bf8b29c532c465da70211052ae333cf8f8457b SHA1 099b434cfb1e845a9469ce01a1c2afd999e74fa7 SHA256 59037413858347201746f08dc009d2242979992d8990aee8e8ef5688199b9801 -MISC metadata.xml 386 RMD160 c7d423f8beaf5a89ed58b4438d3090ad38ee6efa SHA1 929a22d4a3a63a181ff80a4d7e6344ac227e6a25 SHA256 58db91727c014c22db0fde315c25cb22c59dc5c15af5d30ee4c01a248500b67c ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.17 (GNU/Linux) - -iEYEAREIAAYFAk7LpHYACgkQl5yvQNBFVTVE7gCdERYxnvVX20VStNt5zM5l4C8W -wbYAoIPktfzdmyPoGx+40eYd5FTkWNMZ -=3+aS ------END PGP SIGNATURE----- diff --git a/sys-devel/binutils/binutils-2.21.1-r2.ebuild b/sys-devel/binutils/binutils-2.21.1-r2.ebuild deleted file mode 100644 index f364066d..00000000 --- a/sys-devel/binutils/binutils-2.21.1-r2.ebuild +++ /dev/null @@ -1,9 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-devel/binutils/binutils-2.21.1-r1.ebuild,v 1.9 2011/11/19 21:15:07 vapier Exp $ - -PATCHVER="1.3" -ELF2FLT_VER="" -inherit toolchain-binutils -EPATCH_EXCLUDE="63_all_binutils-2.21.1-pt-pax-flags-20110918.patch" -KEYWORDS="" diff --git a/sys-devel/binutils/metadata.xml b/sys-devel/binutils/metadata.xml deleted file mode 100644 index b7564370..00000000 --- a/sys-devel/binutils/metadata.xml +++ /dev/null @@ -1,9 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> -<herd>toolchain</herd> -<use> -<flag name='multislot'>Allow for multiple versions of binutils to be emerged at once for same CTARGET</flag> -<flag name='multitarget'>Adds support to binutils for cross compiling (does not work with gas)</flag> -</use> -</pkgmetadata> diff --git a/sys-kernel/xtpax-sources/ChangeLog b/sys-kernel/xtpax-sources/ChangeLog deleted file mode 100644 index 08b16c9a..00000000 --- a/sys-kernel/xtpax-sources/ChangeLog +++ /dev/null @@ -1,20 +0,0 @@ - - -*xtpax-sources-3.1.5 (13 Dec 2011) - - 13 Dec 2011; Anthony G. Basile <blueness@gentoo.org> - +xtpax-sources-3.1.5.ebuild: - Version bump - -*xtpax-sources-3.1.1 (20 Nov 2011) - - 20 Nov 2011; Anthony G. Basile <blueness@gentoo.org> - +xtpax-sources-3.1.1.ebuild, +metadata.xml: - Renamed hardened-xtpax-sources to xtpax-sources to avoid name collision - -*hardened-xtpax-sources-3.1.1 (20 Nov 2011) - - 20 Nov 2011; Anthony G. Basile <blueness@gentoo.org> - +hardened-xtpax-sources-3.1.1.ebuild, +metadata.xml: - Initial commit XT_PAX based kernel - diff --git a/sys-kernel/xtpax-sources/Manifest b/sys-kernel/xtpax-sources/Manifest deleted file mode 100644 index 9f526aac..00000000 --- a/sys-kernel/xtpax-sources/Manifest +++ /dev/null @@ -1,13 +0,0 @@ -DIST deblob-3.1 103909 RMD160 723d36ef2574419417bbf30eda6a83aaa91922d7 SHA1 39d2c6e69f4e3b84e112b6e3e9389c983976fe4b SHA256 9dcf6f981cb3681f8afab0a4f814aebd6c2f46f8e635d2f35657d8344ef6b30e -DIST deblob-check-3.1 405438 RMD160 da7efe959bc7c0017214daa764fcb486ff4434f2 SHA1 397157d3f6bf225f8cc4f48b6c05bc56482c2934 SHA256 77d125ae5466049fb3f1fe39ddb9320b66239de782a348c66133de591049db43 -DIST genpatches-3.1-4.base.tar.bz2 107620 RMD160 ffc262a61b4da49a60c09ee666b696405d956389 SHA1 1c8d681e62cf837295012369c2d28daabb1387f6 SHA256 8a025365b17b4b7ed4a5c2e03315932b3ce7c1aa76206a96a80157c57c95f6f4 -DIST genpatches-3.1-4.extras.tar.bz2 17200 RMD160 fa8aa6ba8bc1e554758017d371769536d025bdc1 SHA1 47240cdc21d69d2af05d0b2bd7dcbb1615508f86 SHA256 b108dbf3b5ddad1701cacd2f1c936a63b60d1a4cd86fd7f9311230e3bacac56b -DIST genpatches-3.1-8.base.tar.bz2 164116 RMD160 619061ed81cee8ca391937f4b15c2805948e168e SHA1 abc55d0cad5b98461441c3790a7356d869ec90cf SHA256 c35165f1931f93ccfe477f11d5e842c2510097f017293a55aaa34dce903a2da9 -DIST genpatches-3.1-8.extras.tar.bz2 17200 RMD160 fa8aa6ba8bc1e554758017d371769536d025bdc1 SHA1 47240cdc21d69d2af05d0b2bd7dcbb1615508f86 SHA256 b108dbf3b5ddad1701cacd2f1c936a63b60d1a4cd86fd7f9311230e3bacac56b -DIST hardened-xtpax-patches-3.1.1-1.extras.tar.bz2 487283 RMD160 b1556d1969ae961d4256783f5ad835355ace9ab7 SHA1 ee7f3df3f66faf30730662417b8a4a484c195ddf SHA256 e60592eb4537e861c1b8ffd6a4d9a762ce278454825959c4e1a879ade9f73653 -DIST linux-3.1.tar.bz2 77190238 RMD160 f9a3ce57b9f20a1402ef340792d3c223140ce1d2 SHA1 ac792701561b1cd4279302b8bb8f474731762ad1 SHA256 2573d2378c754b0c602b57586e9311e5b38c5d1e6c137f02873833633a4b9359 -DIST xtpax-patches-3.1.5-1.extras.tar.bz2 519312 RMD160 3abd402fd673cb34a3467adbdb743a281ad98fd7 SHA1 cc2f38af375b3259661c8264c5f7f80e32dd10fc SHA256 45b8b609b5e0c3030f5f85ff5b1178de107cbb5ddd414d3b55e6852608019400 -EBUILD xtpax-sources-3.1.1.ebuild 1792 RMD160 42d146f71609717e273439eb206fca7f65749650 SHA1 3810a7853073f1db179a151fa91f7694a8bba312 SHA256 24503d9969db4cdedc003dfcdea7693449c4d9dde0f9ccee3494d5cb36082f1b -EBUILD xtpax-sources-3.1.5.ebuild 1774 RMD160 0d19502b3f40fc4952a9088f69a8cad00d160f7b SHA1 b6426059e66274f35ef137688a0ebbaa613bd5de SHA256 7bf31d58f211e0d067ac92dfc5994aa8154798609828c7c0ce8c06d57eef0a8e -MISC ChangeLog 545 RMD160 488c871290d0d0ee6209dbfeb6962ffaa01ec797 SHA1 f00a7fd35293723cf1b5f4f1b3e4ce73a12cc802 SHA256 0a862d0f83e846162d1b78fedfe65caa0c48da3633ba09fd2e62d3ab57265bbf -MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SHA1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8fcfd351f2f39ed63da68af3a5751fc2058d0d03813 diff --git a/sys-kernel/xtpax-sources/metadata.xml b/sys-kernel/xtpax-sources/metadata.xml deleted file mode 100644 index 6fa414d9..00000000 --- a/sys-kernel/xtpax-sources/metadata.xml +++ /dev/null @@ -1,17 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> - <herd>kernel</herd> - <herd>hardened</herd> - <maintainer> - <email>blueness@gentoo.org</email> - <name>Anthony G. Basile</name> - </maintainer> - <longdescription> - hardened-sources is based upon genpatches, and adds the grsecurity - patch from http://www.grsecurity.net, which also includes PaX. - </longdescription> - <use> - <flag name='deblob'>Remove binary blobs from kernel sources to provide libre license compliance.</flag> - </use> -</pkgmetadata> diff --git a/sys-kernel/xtpax-sources/xtpax-sources-3.1.1.ebuild b/sys-kernel/xtpax-sources/xtpax-sources-3.1.1.ebuild deleted file mode 100644 index c30f6af1..00000000 --- a/sys-kernel/xtpax-sources/xtpax-sources-3.1.1.ebuild +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.1.1.ebuild,v 1.1 2011/11/19 18:57:05 blueness Exp $ - -EAPI="4" - -ETYPE="sources" -K_WANT_GENPATCHES="base extras" -K_GENPATCHES_VER="4" -K_DEBLOB_AVAILABLE="1" - -inherit kernel-2 -detect_version - -HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1" -HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-xtpax-patches-${HGPV}.extras.tar.bz2" -SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" - -UNIPATCH_LIST="${DISTDIR}/hardened-xtpax-patches-${HGPV}.extras.tar.bz2" -UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch" - -DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" -HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" -IUSE="deblob" - -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" - -pkg_postinst() { - kernel-2_pkg_postinst - - local GRADM_COMPAT="sys-apps/gradm-2.2.2*" - - ewarn - ewarn "Hardened Gentoo provides three different predefined grsecurity level:" - ewarn "[server], [workstation], and [virtualization]." - ewarn - ewarn "Those who intend to use one of these predefined grsecurity levels" - ewarn "should read the help associated with the level. Users importing a" - ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," - ewarn "should review their selected grsecurity/PaX options carefully." - ewarn - ewarn "Users of grsecurity's RBAC system must ensure they are using" - ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." - ewarn "It is strongly recommended that the following command is issued" - ewarn "prior to booting a ${PF} kernel for the first time:" - ewarn - ewarn "emerge -na =${GRADM_COMPAT}" - ewarn -} diff --git a/sys-kernel/xtpax-sources/xtpax-sources-3.1.5.ebuild b/sys-kernel/xtpax-sources/xtpax-sources-3.1.5.ebuild deleted file mode 100644 index 19420451..00000000 --- a/sys-kernel/xtpax-sources/xtpax-sources-3.1.5.ebuild +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.1.1.ebuild,v 1.1 2011/11/19 18:57:05 blueness Exp $ - -EAPI="4" - -ETYPE="sources" -K_WANT_GENPATCHES="base extras" -K_GENPATCHES_VER="8" -K_DEBLOB_AVAILABLE="1" - -inherit kernel-2 -detect_version - -HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1" -HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/xtpax-patches-${HGPV}.extras.tar.bz2" -SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" - -UNIPATCH_LIST="${DISTDIR}/xtpax-patches-${HGPV}.extras.tar.bz2" -UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch" - -DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" -HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" -IUSE="deblob" - -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" - -pkg_postinst() { - kernel-2_pkg_postinst - - local GRADM_COMPAT="sys-apps/gradm-2.2.2*" - - ewarn - ewarn "Hardened Gentoo provides three different predefined grsecurity level:" - ewarn "[server], [workstation], and [virtualization]." - ewarn - ewarn "Those who intend to use one of these predefined grsecurity levels" - ewarn "should read the help associated with the level. Users importing a" - ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32," - ewarn "should review their selected grsecurity/PaX options carefully." - ewarn - ewarn "Users of grsecurity's RBAC system must ensure they are using" - ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." - ewarn "It is strongly recommended that the following command is issued" - ewarn "prior to booting a ${PF} kernel for the first time:" - ewarn - ewarn "emerge -na =${GRADM_COMPAT}" - ewarn -} |