1 %define name procprotect
5 ### legacy from locally-built kernels, used to define these
6 # kernel_release : 1.fc16 (24 is then the planetlab taglevel)
7 # kernel_version : 3.3.7
8 # kernel_arch : i686 | x86_64
10 # when no custom kernel is being built, kernel_version is defined but empty
11 %define _with_planetlab_kernel %{?kernel_version:1}%{!?kernel_version:0}
12 %if ! %{_with_planetlab_kernel}
13 # compute this with "rpm -q --qf .. kernel-devel" when with the stock kernel
15 #%define module_release %( rpm -q --qf "%{version}" kernel-headers )
16 # causes recursive macro definition no matter how much you quote
20 %define kernel_version %( rpm -q --qf %{percent}%{braop}version%{bracl} kernel-headers )
21 %define kernel_release %( rpm -q --qf %{percent}%{braop}release%{bracl} kernel-headers )
22 %define kernel_arch %( rpm -q --qf %{percent}%{braop}arch%{bracl} kernel-headers )
25 # this is getting really a lot of stuff, could be made simpler probably
26 %define release %{kernel_version}.%{kernel_release}.%{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}}
28 %define kernel_id %{kernel_version}-%{kernel_release}.%{kernel_arch}
29 %define kernelpath /usr/src/kernels/%{kernel_id}
33 Packager: PlanetLab Central <support@planet-lab.org>
34 Distribution: PlanetLab %{plrelease}
42 Group: System Environment/Kernel
43 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
44 Source0: procprotect-%{version}.tar.gz
47 ACLs for protecting entries in the proc filesystem.
53 make -C %{kernelpath} V=1 M=$(pwd) modules
56 install -D -m 755 procprotect.ko $RPM_BUILD_ROOT/lib/modules/%{kernel_id}/kernel/net/procprotect/procprotect.ko
57 install -D -m 644 procprotect.conf $RPM_BUILD_ROOT/etc/modules-load.d/procprotect.conf
58 install -D -m 644 procprotect.service $RPM_BUILD_ROOT/usr/lib/systemd/system/procprotect.service
59 install -D -m 755 procprotect.init $RPM_BUILD_ROOT/usr/sbin/procprotect.init
62 rm -rf $RPM_BUILD_ROOT
65 /lib/modules/%{kernel_id}
66 /etc/modules-load.d/procprotect.conf
67 /usr/sbin/procprotect.init
68 /usr/lib/systemd/system/procprotect.service
72 /bin/systemctl enable procprotect.service
77 * Fri Mar 21 2014 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - procprotect-0.4-3
78 - guarded against some hypothetically possible errors
80 * Wed Aug 28 2013 Sapan Bhatia <sapanb@cs.princeton.edu> - procprotect-0.4-2
81 - * Bug fixes that should lead to increased stability
82 - * Install via make and make install
84 * Mon Aug 19 2013 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - procprotect-0.4-1
85 - working version with kernels 3.10
87 * Tue May 21 2013 Sapan Bhatia <sapanb@cs.princeton.edu> - procprotect-0.3-4
88 - Compatibility with kernel 3.9
90 * Wed Apr 24 2013 Sapan Bhatia <sapanb@cs.princeton.edu> - procprotect-0.3-3
91 - - Support for arbitrating writes to entries in /proc
92 - - Compatibility fixes to support kernel 3.8
93 - - Fixed a slippery race condition that may have been responsible an for intermittent kernel crash, and was causing fedora 18 build tests to fail
95 * Wed Apr 24 2013 Sapan Bhatia <sapanb@cs.princeton.edu> - procprotect-0.3-2
97 * Thu Feb 21 2013 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - procprotect-0.3-1
98 - changes for kernel 3.6.2
100 * Mon Nov 26 2012 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - procprotect-0.1-3
101 - Fixed bad security loophole in write path
103 * Mon Jul 09 2012 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - procprotect-0.1-2
104 - module to get loaded at boot-time
git://git.onelab.eu / procprotect.git / blob