summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--abs/extra/hardening-wrapper/PKGBUILD26
-rw-r--r--abs/extra/hardening-wrapper/hardening-wrapper-i686.conf6
-rw-r--r--abs/extra/hardening-wrapper/hardening-wrapper-x86_64.conf6
-rw-r--r--abs/extra/hardening-wrapper/path.sh1
4 files changed, 39 insertions, 0 deletions
diff --git a/abs/extra/hardening-wrapper/PKGBUILD b/abs/extra/hardening-wrapper/PKGBUILD
new file mode 100644
index 0000000..b863f7e
--- /dev/null
+++ b/abs/extra/hardening-wrapper/PKGBUILD
@@ -0,0 +1,26 @@
+# $Id$
+# Maintainer: Daniel Micay <danielmicay@gmail.com>
+pkgname=hardening-wrapper
+pkgver=10
+pkgrel=1
+pkgdesc='Wrapper scripts for building hardened executables by default'
+arch=(i686 x86_64)
+url='https://github.com/thestinger/hardening-wrapper'
+license=('MIT')
+depends=(bash)
+backup=(etc/hardening-wrapper.conf)
+source=("$pkgname-$pkgver.tar.gz::https://github.com/thestinger/hardening-wrapper/archive/$pkgver.tar.gz"
+ path.sh hardening-wrapper-i686.conf hardening-wrapper-x86_64.conf)
+sha1sums=('61e8c7e3062e6830cd7b190aa6b81834138a7137'
+ '1e5f6d9931f01b26bb4b6fbb839e21d34d534cdc'
+ '6729f0a6d2af72b6def9383e8104d0f763d3f01d'
+ '9453d7984a4a90aa884a51a7bf1bd2c72cbddc9f')
+
+package() {
+ install -Dm644 hardening-wrapper-${CARCH}.conf "$pkgdir/etc/hardening-wrapper.conf"
+ install -Dm644 path.sh "$pkgdir/etc/profile.d/hardening-wrapper.sh"
+
+ cd $pkgname-$pkgver
+ make install DESTDIR="$pkgdir" PREFIX=/usr
+ install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+}
diff --git a/abs/extra/hardening-wrapper/hardening-wrapper-i686.conf b/abs/extra/hardening-wrapper/hardening-wrapper-i686.conf
new file mode 100644
index 0000000..5bc97ed
--- /dev/null
+++ b/abs/extra/hardening-wrapper/hardening-wrapper-i686.conf
@@ -0,0 +1,6 @@
+HARDENING_BINDNOW=0
+HARDENING_PIE=0
+HARDENING_FORTIFY=2
+HARDENING_RELRO=1
+HARDENING_STACK_CHECK=1
+HARDENING_STACK_PROTECTOR=2
diff --git a/abs/extra/hardening-wrapper/hardening-wrapper-x86_64.conf b/abs/extra/hardening-wrapper/hardening-wrapper-x86_64.conf
new file mode 100644
index 0000000..15d4fd1
--- /dev/null
+++ b/abs/extra/hardening-wrapper/hardening-wrapper-x86_64.conf
@@ -0,0 +1,6 @@
+HARDENING_BINDNOW=0
+HARDENING_PIE=1
+HARDENING_FORTIFY=2
+HARDENING_RELRO=1
+HARDENING_STACK_CHECK=1
+HARDENING_STACK_PROTECTOR=2
diff --git a/abs/extra/hardening-wrapper/path.sh b/abs/extra/hardening-wrapper/path.sh
new file mode 100644
index 0000000..640ab75
--- /dev/null
+++ b/abs/extra/hardening-wrapper/path.sh
@@ -0,0 +1 @@
+export PATH="/usr/lib/hardening-wrapper/bin:$PATH"