From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sat, 11 Jun 2011 17:12:31 +0000 (+0200)
Subject: kernel: Change /proc group to gid 10 (=wheel).
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b0cc67f047e6aad1dfe2cc909b425380496fd9f1;p=ipfire-3.x.git

kernel: Change /proc group to gid 10 (=wheel).

grsecurity provides a feature to restrict access to /proc. In our
particular setting, nobody than root is allow to access all of the
/proc fs, but as we need some processes to get access to it as well
(snmpd, radvd, ...) we need a group to allow that.

I have choosen "wheel" as it is recommended by spengler.
---

diff --git a/pkgs/kernel/config b/pkgs/kernel/config
index fd7aad462..9070effef 100644
--- a/pkgs/kernel/config
+++ b/pkgs/kernel/config
@@ -4086,7 +4086,7 @@ CONFIG_GRKERNSEC_ACL_TIMEOUT=30
 CONFIG_GRKERNSEC_PROC=y
 # CONFIG_GRKERNSEC_PROC_USER is not set
 CONFIG_GRKERNSEC_PROC_USERGROUP=y
-CONFIG_GRKERNSEC_PROC_GID=1001
+CONFIG_GRKERNSEC_PROC_GID=10
 CONFIG_GRKERNSEC_PROC_ADD=y
 CONFIG_GRKERNSEC_LINK=y
 CONFIG_GRKERNSEC_FIFO=y
diff --git a/pkgs/kernel/kernel.nm b/pkgs/kernel/kernel.nm
index f78e178fe..4f637c73a 100644
--- a/pkgs/kernel/kernel.nm
+++ b/pkgs/kernel/kernel.nm
@@ -26,7 +26,7 @@ include $(PKGROOT)/Include
 
 PKG_NAME       = linux
 PKG_VER        = 2.6.39
-PKG_REL        = 1
+PKG_REL        = 2
 
 PKG_MAINTAINER = Michael Tremer <michael.tremer@ipfire.org>
 PKG_GROUPS     = System/Kernels