[Devil-linux-commit] build/scripts finalize, 1.15, 1.16 functions, 1.79, 1.80 grub, 1.25, 1.26

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/devil-linux/build/scripts
In directory vz-cvs-3.sog:/tmp/cvs-serv21541/scripts

Modified Files:
	finalize functions grub 
Log Message:
grub is finally operational
removed textrel and other checks


Index: functions
===================================================================
RCS file: /cvsroot/devil-linux/build/scripts/functions,v
retrieving revision 1.79
retrieving revision 1.80
diff -u -d -r1.79 -r1.80

--- functions	5 Dec 2011 09:20:27 -0000	1.79
+++ functions	18 Dec 2011 21:22:49 -0000	1.80
@@ -535,8 +535,6 @@
 	    echo "ERROR couldn't find file $!"
 	    exit 1
 	fi
-	
-	set -x
 
 	if [ ! -f ${FLAGDIR} ]; then
 		for PATCH in $(cat $1 2>/dev/null)

Index: finalize
===================================================================
RCS file: /cvsroot/devil-linux/build/scripts/finalize,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- finalize	10 Dec 2011 20:30:58 -0000	1.15
+++ finalize	18 Dec 2011 21:22:49 -0000	1.16
@@ -35,34 +35,6 @@
 		    ln -sf lib $CDDIR/usr/lib64 || exit 1
 		fi
 
-		TEXT_REL=$(scanelf -qtyR $CDDIR)
-		if [ -n "$TEXT_REL" ]; then
-		    echo "************ WARNING ************"
-		    echo "The following files contain text relocations, please try to get those files to PIC"
-		    echo "$TEXT_REL"
-		fi
-		
-		# now let's search for libraries which have the executable stack flag set 
-		# and error out if we find any (only if PAX or GRSecurity are on)
-		GNU_EXEC_STACK=$(scanelf $CDDIR -eRq | grep -v /boot/grub/kernel.img | grep -v /usr/lib/grub/i386-pc/kernel.img)
-		if [ -n "$GNU_EXEC_STACK" ]; then
-		    if [ "$CONFIG_GRSECURITY" = "y" ] || [ "$CONFIG_PAX" == "y" ]; then
-		        echo "************ ERROR ************"
-		    else
-		        echo "************ WARNING ************"
-		    fi
-		    echo "The following files have the GNU_EXEC_STACK turned on:"
-		    echo "$GNU_EXEC_STACK"
-		    echo "fix this by adding either:"
-		    echo "-Wa,--noexecstack to CC"
-		    echo "or"
-		    echo "-Wl,-z,noexecstack to LD"
-		    echo "worst case just disable it with scanelf"
-		    echo "see http://www.gentoo.org/proj/en/hardened/pax-utils.xml for details"
-		    if [ "$CONFIG_GRSECURITY" = "y" ] || [ "$CONFIG_PAX" == "y" ]; then
-			exit 1
-		    fi
-		fi
 		;;
 
 	* )

Index: grub
===================================================================
RCS file: /cvsroot/devil-linux/build/scripts/grub,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -d -r1.25 -r1.26
--- grub	9 Dec 2011 12:59:49 -0000	1.25
+++ grub	18 Dec 2011 21:22:49 -0000	1.26
@@ -20,19 +20,19 @@
 	build )
 		patch_from_dir ../grub-patches
 		
-                if [ "$CONFIG_GCC_HARDENED" = "y" ]; then
-			export CC="gcc -fno-stack-protector -fno-pic -fno-pie -nopie -Wa,--noexecstack"
-		fi
 		unset CFLAGS
 		unset CXXFLAGS
+		export CC="gcc -specs=${WORKDIR}/gcc-specs-default" 
 		./configure --prefix=/usr --sbindir=/sbin --sysconfdir=/etc --disable-nls || exit 1
-		make $PMAKE LDFLAGS="-Wl,-z,noexecstack" || exit 1
+		make $PMAKE || exit 1
 		;;
 
 	install )
 		rm -rf $TMPDIR || exit 1
 		mkdir -p $TMPDIR || exit 1
 		make install DESTDIR=$TMPDIR || exit 1
+		paxctl -pemrxs $TMPDIR/sbin/*
+		paxctl -pemrxs $TMPDIR/usr/bin/*
 		copy_docs $TMPDIR
 		cp -dpvR $TMPDIR/etc/* $ETCDIR/etc/ || exit 1
 		rm -rf $TMPDIR/etc



