authorrudson <rudson@370017ae-e619-0410-ac65-c121f96126d4>2006-11-16 00:00:59 +0000
committerrudson <rudson@370017ae-e619-0410-ac65-c121f96126d4>2006-11-16 00:00:59 +0000
commitc1b62595dcc300d4fe362edafa99d914a347731e (patch)
treebcd79ca9b13a2f095ce7068207475ca725eb50fc /kernel-ratten/rt-lsm-0.8.7-kernel.patch
parentfa14a96efdda7eeff7ed33f337a8692de7f178a7 (diff)
movendo libs...
git-svn-id: svn+slack://slack.fluxo.info/var/svn/slackbuilds@693 370017ae-e619-0410-ac65-c121f96126d4
Diffstat (limited to 'kernel-ratten/rt-lsm-0.8.7-kernel.patch')
-rw-r--r--kernel-ratten/rt-lsm-0.8.7-kernel.patch223
1 files changed, 0 insertions, 223 deletions
diff --git a/kernel-ratten/rt-lsm-0.8.7-kernel.patch b/kernel-ratten/rt-lsm-0.8.7-kernel.patch
deleted file mode 100644
index 194aecfd..00000000
--- a/kernel-ratten/rt-lsm-0.8.7-kernel.patch
+++ /dev/null
@@ -1,223 +0,0 @@
-diff -puN /dev/null Documentation/realtime-lsm.txt
---- /dev/null 2003-09-15 06:40:47.000000000 -0700
-+++ 25-akpm/Documentation/realtime-lsm.txt 2005-02-06 00:32:52.000000000 -0800
-@@ -0,0 +1,39 @@
-+
-+ Realtime Linux Security Module
-+
-+
-+This Linux Security Module (LSM) enables realtime capabilities. It
-+was written by Torben Hohn and Jack O'Quin, under the provisions of
-+the GPL (see the COPYING file). We make no warranty concerning the
-+safety, security or even stability of your system when using it. But,
-+we will fix problems if you report them.
-+
-+Once the LSM has been installed and the kernel for which it was built
-+is running, the root user can load it and pass parameters as follows:
-+
-+ # modprobe realtime any=1
-+
-+ Any program can request realtime privileges. This allows any local
-+ user to crash the system by hogging the CPU in a tight loop or
-+ locking down too much memory. But, it is simple to administer. :-)
-+
-+ # modprobe realtime gid=29
-+
-+ All users belonging to group 29 and programs that are setgid to that
-+ group have realtime privileges. Use any group number you like. A
-+ `gid' of -1 disables group access.
-+
-+ # modprobe realtime mlock=0
-+
-+ Grants realtime scheduling privileges without the ability to lock
-+ memory using mlock() or mlockall() system calls. This option can be
-+ used in conjunction with any of the other options.
-+
-+After the module is loaded, its parameters can be changed dynamically
-+via sysfs.
-+
-+ # echo 1 > /sys/module/realtime/parameters/any
-+ # echo 29 > /sys/module/realtime/parameters/gid
-+ # echo 1 > /sys/module/realtime/parameters/mlock
-+
-+Jack O'Quin, joq@joq.us
-diff -puN security/Kconfig~rt-lsm security/Kconfig
---- 25/security/Kconfig~rt-lsm 2005-02-06 00:32:52.000000000 -0800
-+++ 25-akpm/security/Kconfig 2005-02-06 00:32:52.000000000 -0800
-@@ -85,6 +85,17 @@ config SECURITY_SECLVL
-
- If you are unsure how to answer this question, answer N.
-
-+config SECURITY_REALTIME
-+ tristate "Realtime Capabilities"
-+ depends on SECURITY && SECURITY_CAPABILITIES!=y
-+ default n
-+ help
-+ This module selectively grants realtime privileges
-+ controlled by parameters set at load time or via files in
-+ /sys/module/realtime/parameters.
-+
-+ If you are unsure how to answer this question, answer N.
-+
- source security/selinux/Kconfig
-
- endmenu
-diff -puN security/Makefile~rt-lsm security/Makefile
---- 25/security/Makefile~rt-lsm 2005-02-06 00:32:52.000000000 -0800
-+++ 25-akpm/security/Makefile 2005-02-06 00:32:52.000000000 -0800
-@@ -17,3 +17,4 @@ obj-$(CONFIG_SECURITY_SELINUX) += selin
- obj-$(CONFIG_SECURITY_CAPABILITIES) += commoncap.o capability.o
- obj-$(CONFIG_SECURITY_ROOTPLUG) += commoncap.o root_plug.o
- obj-$(CONFIG_SECURITY_SECLVL) += seclvl.o
-+obj-$(CONFIG_SECURITY_REALTIME) += commoncap.o realtime.o
-diff -puN /dev/null security/realtime.c
---- /dev/null 2003-09-15 06:40:47.000000000 -0700
-+++ 25-akpm/security/realtime.c 2005-02-06 00:32:52.000000000 -0800
-@@ -0,0 +1,146 @@
-+/*
-+ * Realtime Capabilities Linux Security Module
-+ *
-+ * Copyright (C) 2003 Torben Hohn
-+ * Copyright (C) 2003-2005 Jack O'Quin
-+ *
-+ * This program is free software; you can redistribute it and/or modify
-+ * it under the terms of the GNU General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or
-+ * (at your option) any later version.
-+ *
-+ */
-+
-+#include <linux/module.h>
-+#include <linux/security.h>
-+
-+#define RT_LSM "Realtime LSM " /* syslog module name prefix */
-+#define RT_ERR "Realtime: " /* syslog error message prefix */
-+
-+#include <linux/vermagic.h>
-+MODULE_INFO(vermagic,VERMAGIC_STRING);
-+
-+/* module parameters
-+ *
-+ * These values could change at any time due to some process writing
-+ * a new value in /sys/module/realtime/parameters. This is OK,
-+ * because each is referenced only once in each function call.
-+ * Nothing depends on parameters having the same value every time.
-+ */
-+
-+/* if TRUE, any process is realtime */
-+static int rt_any;
-+module_param_named(any, rt_any, int, 0644);
-+MODULE_PARM_DESC(any, " grant realtime privileges to any process.");
-+
-+/* realtime group id, or NO_GROUP */
-+static int rt_gid = -1;
-+module_param_named(gid, rt_gid, int, 0644);
-+MODULE_PARM_DESC(gid, " the group ID with access to realtime privileges.");
-+
-+/* enable mlock() privileges */
-+static int rt_mlock = 1;
-+module_param_named(mlock, rt_mlock, int, 0644);
-+MODULE_PARM_DESC(mlock, " enable memory locking privileges.");
-+
-+/* helper function for testing group membership */
-+static inline int gid_ok(int gid)
-+{
-+ if (gid == -1)
-+ return 0;
-+
-+ if (gid == current->gid)
-+ return 1;
-+
-+ return in_egroup_p(gid);
-+}
-+
-+static void realtime_bprm_apply_creds(struct linux_binprm *bprm, int unsafe)
-+{
-+ cap_bprm_apply_creds(bprm, unsafe);
-+
-+ /* If a non-zero `any' parameter was specified, we grant
-+ * realtime privileges to every process. If the `gid'
-+ * parameter was specified and it matches the group id of the
-+ * executable, of the current process or any supplementary
-+ * groups, we grant realtime capabilites.
-+ */
-+
-+ if (rt_any || gid_ok(rt_gid)) {
-+ cap_raise(current->cap_effective, CAP_SYS_NICE);
-+ if (rt_mlock) {
-+ cap_raise(current->cap_effective, CAP_IPC_LOCK);
-+ }
-+ }
-+}
-+
-+static struct security_operations capability_ops = {
-+ .ptrace = cap_ptrace,
-+ .capget = cap_capget,
-+ .capset_check = cap_capset_check,
-+ .capset_set = cap_capset_set,
-+ .capable = cap_capable,
-+ .netlink_send = cap_netlink_send,
-+ .netlink_recv = cap_netlink_recv,
-+ .bprm_apply_creds = realtime_bprm_apply_creds,
-+ .bprm_set_security = cap_bprm_set_security,
-+ .bprm_secureexec = cap_bprm_secureexec,
-+ .task_post_setuid = cap_task_post_setuid,
-+ .task_reparent_to_init = cap_task_reparent_to_init,
-+ .syslog = cap_syslog,
-+ .vm_enough_memory = cap_vm_enough_memory,
-+};
-+
-+#define MY_NAME __stringify(KBUILD_MODNAME)
-+
-+static int secondary; /* flag to keep track of how we were registered */
-+
-+static int __init realtime_init(void)
-+{
-+ /* register ourselves with the security framework */
-+ if (register_security(&capability_ops)) {
-+
-+ /* try registering with primary module */
-+ if (mod_reg_security(MY_NAME, &capability_ops)) {
-+ printk(KERN_INFO RT_ERR "Failure registering "
-+ "capabilities with primary security module.\n");
-+ printk(KERN_INFO RT_ERR "Is kernel configured "
-+ "with CONFIG_SECURITY_CAPABILITIES=m?\n");
-+ return -EINVAL;
-+ }
-+ secondary = 1;
-+ }
-+
-+ if (rt_any)
-+ printk(KERN_INFO RT_LSM
-+ "initialized (all groups, mlock=%d)\n", rt_mlock);
-+ else if (rt_gid == -1)
-+ printk(KERN_INFO RT_LSM
-+ "initialized (no groups, mlock=%d)\n", rt_mlock);
-+ else
-+ printk(KERN_INFO RT_LSM
-+ "initialized (group %d, mlock=%d)\n", rt_gid, rt_mlock);
-+
-+ return 0;
-+}
-+
-+static void __exit realtime_exit(void)
-+{
-+ /* remove ourselves from the security framework */
-+ if (secondary) {
-+ if (mod_unreg_security(MY_NAME, &capability_ops))
-+ printk(KERN_INFO RT_ERR "Failure unregistering "
-+ "capabilities with primary module.\n");
-+
-+ } else if (unregister_security(&capability_ops)) {
-+ printk(KERN_INFO RT_ERR
-+ "Failure unregistering capabilities with the kernel\n");
-+ }
-+ printk(KERN_INFO "Realtime Capability LSM exiting\n");
-+}
-+
-+security_initcall(realtime_init);
-+module_exit(realtime_exit);
-+
-+MODULE_DESCRIPTION("Realtime Capabilities Security Module");
-+MODULE_LICENSE("GPL");
-_