From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sat, 20 Oct 2012 10:06:32 +0000 (+0000)
Subject: kernel: Disable some chroot hardening options.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fheads%2Fkernel;p=people%2Fms%2Fipfire-3.x.git

kernel: Disable some chroot hardening options.

These are not working very well in a build environment.
---

diff --git a/kernel/config-generic b/kernel/config-generic
index a2b2e3bff..30271fee2 100644
--- a/kernel/config-generic
+++ b/kernel/config-generic
@@ -4107,9 +4107,9 @@ CONFIG_GRKERNSEC_CHROOT_MOUNT=y
 CONFIG_GRKERNSEC_CHROOT_DOUBLE=y
 CONFIG_GRKERNSEC_CHROOT_PIVOT=y
 CONFIG_GRKERNSEC_CHROOT_CHDIR=y
-CONFIG_GRKERNSEC_CHROOT_CHMOD=y
+# CONFIG_GRKERNSEC_CHROOT_CHMOD is not set
 CONFIG_GRKERNSEC_CHROOT_FCHDIR=y
-CONFIG_GRKERNSEC_CHROOT_MKNOD=y
+# CONFIG_GRKERNSEC_CHROOT_MKNOD is not set
 CONFIG_GRKERNSEC_CHROOT_SHMAT=y
 CONFIG_GRKERNSEC_CHROOT_UNIX=y
 CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
diff --git a/kernel/kernel.nm b/kernel/kernel.nm
index 5ff9ba395..37b565826 100644
--- a/kernel/kernel.nm
+++ b/kernel/kernel.nm
@@ -5,7 +5,7 @@
 
 name       = kernel
 version    = 3.5.3
-release    = 0.1
+release    = 0.2
 thisapp    = linux-%{version}
 
 maintainer = Michael Tremer <michael.tremer@ipfire.org>