blob: 67d52caaa89f06e599e458d1da396f98245200e1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
# Maintainer: Chris Billington <chrisjbillington@gmail.com>
_pkgname=linux-hardened
_pkgver=6.7.11.hardened1
_kernver=6.7.11
_hardenedver=hardened1
_pkgrel=1
pkgbase="${_pkgname}-versioned-bin"
_KERNNAME=6.7.11-hardened1-1-hardened
_versioned_pkgname="linux${_pkgver}-${_pkgrel}-hardened"
pkgname=("${_pkgname}-versioned-bin"
"${_pkgname}-versioned-headers-bin"
"${_pkgname}-versioned-docs-bin"
"${_versioned_pkgname}-bin"
"${_versioned_pkgname}-headers-bin"
"${_versioned_pkgname}-docs-bin")
pkgver=${_pkgver}
pkgrel=${_pkgrel}
pkgdesc="The Security-Hardened Linux kernel and modules | repackaged with a unique package name for each version"
url="https://github.com/anthraxx/linux-hardened"
arch=(x86_64)
license=(GPL2)
options=('!strip')
_kernpkg=${_pkgname}-${_pkgver}-${_pkgrel}-${arch}.pkg.tar.zst
_headerspkg=${_pkgname}-headers-${_pkgver}-${_pkgrel}-${arch}.pkg.tar.zst
_docspkg=${_pkgname}-docs-${_pkgver}-${_pkgrel}-${arch}.pkg.tar.zst
# See if the sources are available from our own mirror:
_kernsrc=$(pacman -Spdd "${_pkgname}" 2> /dev/null)
_headerssrc=$(pacman -Spdd "${_pkgname}-headers" 2> /dev/null)
_docssrc=$(pacman -Spdd "${_pkgname}-docs" 2> /dev/null)
# If not, then use the Arch Linux archive:
if [ "$(basename "${_kernsrc}" 2> /dev/null)" != "${_kernpkg}" ]; then
_arch_archive=https://archive.archlinux.org/packages/.all
_kernsrc=${_arch_archive}/${_kernpkg}
_headerssrc=${_arch_archive}/${_headerspkg}
_docssrc=${_arch_archive}/${_docspkg}
fi
source=("${_kernsrc}"
"${_headerssrc}"
"${_docssrc}")
noextract=("${source[@]##*/}")
sha256sums=('9d21b85cea18f3108ad0f5d16b91989c286d27b3f52e277d3f615d36ddc49bc4'
'b4730eec10870054bf42288134220a28c8e0b54d86117281506e0665dbce4f61'
'23a11a55a67a28bd8504ddc279fb21ee992117ce5013bf632de1974887e6ad83')
package_linux-hardened-versioned-bin() {
pkgdesc="Metapackage depending on ${_versioned_pkgname}-bin"
depends=("${_versioned_pkgname}-bin")
optdepends=('grub-hook: to run grub-mkconfig when kernels are added/removed')
}
package_linux-hardened-versioned-headers-bin() {
pkgdesc="Metapackage depending on ${_versioned_pkgname}-headers-bin"
depends=("${_versioned_pkgname}-headers-bin")
}
package_linux-hardened-versioned-docs-bin() {
pkgdesc="Metapackage depending on ${_versioned_pkgname}-docs-bin"
depends=("${_versioned_pkgname}-docs-bin")
}
package_linux6.7.11.hardened1-1-hardened-bin() {
pkgdesc="The Security-Hardened Linux kernel and modules, version ${_KERNNAME}"
depends=(coreutils
initramfs
kmod)
conflicts=("${_pkgname}")
optdepends=('linux-firmware: firmware images needed for some devices'
'usbctl: deny_new_usb control'
'wireless-regdb: to set the correct wireless channels of your country')
provides=(KSMBD-MODULE
VIRTUALBOX-GUEST-MODULES
WIREGUARD-MODULE)
tar -xf "${_kernpkg}" -C "${pkgdir}"
rm "${pkgdir}"/{.MTREE,.BUILDINFO,.PKGINFO}
sed -ic "s/${_pkgname}/${_KERNNAME}/" "${pkgdir}/usr/lib/modules/${_KERNNAME}/pkgbase"
}
package_linux6.7.11.hardened1-1-hardened-headers-bin() {
pkgdesc="Headers and scripts for building modules for the Security-Hardened Linux kernel ${_KERNNAME}"
depends=(pahole)
conflicts=("${_pkgname}-headers")
tar -xf "${_headerspkg}" -C "${pkgdir}"
rm "${pkgdir}"/{.MTREE,.BUILDINFO,.PKGINFO}
mv "${pkgdir}/usr/src/"{"${_pkgname}","${_versioned_pkgname}"}
}
package_linux6.7.11.hardened1-1-hardened-docs-bin() {
pkgdesc="Documentation for the Security-Hardened Linux kernel ${_KERNNAME}"
conflicts=("${_pkgname}-docs")
tar -xf "${_docspkg}" -C "${pkgdir}"
rm "${pkgdir}"/{.MTREE,.BUILDINFO,.PKGINFO}
mv "${pkgdir}/usr/share/doc/"{"${_pkgname}","${_versioned_pkgname}"}
}
|