From 1fe2e15f37ae92179da08673d0220d400baacf13 Mon Sep 17 00:00:00 2001 From: Dan Goodliffe Date: Mon, 21 May 2018 23:02:44 +0100 Subject: All new kernel build and av-scan scripts --- virtual/miller-base/Manifest | 6 +- virtual/miller-base/files/newkernel | 12 ++- virtual/miller-base/files/weekly-av-scan.cron | 73 ++++++++------- virtual/miller-base/miller-base-10.6.2.ebuild | 126 -------------------------- virtual/miller-base/miller-base-10.7.ebuild | 126 ++++++++++++++++++++++++++ 5 files changed, 180 insertions(+), 163 deletions(-) delete mode 100644 virtual/miller-base/miller-base-10.6.2.ebuild create mode 100644 virtual/miller-base/miller-base-10.7.ebuild diff --git a/virtual/miller-base/Manifest b/virtual/miller-base/Manifest index 9035539..7ffa1d5 100644 --- a/virtual/miller-base/Manifest +++ b/virtual/miller-base/Manifest @@ -1,6 +1,6 @@ AUX auto-download-packages 81 BLAKE2B 18de205f954967907ee4e905ea7710483a69f06e958b3d70cab0daef1945f26d85ecdf1e77c5a1ab1e4b5168a5258b3af89453125d68e0ffa30f69dc4296be21 SHA512 ce5a4d320fa33cceaacd6f446340026d14da04a91b57cfe1bc78d026487748b6644d04d30a3d904af416e8914dd69f0dcfb89267011da59e7084f78f74f8a1b7 AUX kernels-cleaner 171 BLAKE2B b6c1085e0c3813048f2199524b8a7ed5e27e720b7dd642eb5115f8eab0c7d09ac938bf71e4386f4899b6f444deb56a4db9573e031aac0faf3a08fa56339728e3 SHA512 944fe9811e652a7a42f907f229bf955583a7107ccc44d2973ca65bb785b9285b6f88f6f8811d2ce26e9faa3e6d2fb0120c96b6602f8d1234ea4bc1d4726ef15d -AUX newkernel 301 BLAKE2B 6f9c525e2ebea8c549e8d0a06dd1bc9ca1e6055cd7d8d45165a4f15a5379da0358ca00468348f5c6580baa2a493b7f338bd1b0a2ecf4ab6c1e21a541cc978380 SHA512 d338d1604c6ff6ad963187da6bf63d2c25c3286f60bc61301d4f516bcdc4becae99234f663aab171c582804792133d7c4ece755db8967b70a2e85d23ba91bc48 +AUX newkernel 459 BLAKE2B 9f095dae88e51e2c7712d6e04b0bc51c97ef3f89bc26cfeee23adc7f7a878c2a87e7a8ebc3eed5d7d5d648ff5091424fb73c6c387e0ad74895e765d9ba6c1f13 SHA512 25f03840330a2cfd952e5f43422cd3c231ec4ac7eac7f51e42dc6a1779be0f47d7acca684139b720a2604c8be1df6062aef816bbdfb537a7dd8c93267b5eee92 AUX service-check.systemd 57 BLAKE2B 2cda658accd9ec3cce11a742f7ded6c26a676cba10c09830b22c933bbcfa31311ccdf1ba7e4cac31dc6779ce5c5441cfc53aa7b63965998876b85f3791dc8a7a SHA512 58d52a5623f478d2e104047c75fb89656e1cda6a7552e56f552bc075f488577dd856ec60d0e8842a07dadb700205a1dbf27baa9e8889692598d661ae26fdc114 AUX sync-distclean-exec.cron 60 BLAKE2B 986476d7cb8a59a554ef07cebabc1d29aa99662c75d2833ae527a4fdf083166b4e5e1970b00027146dd660c439c68d1f53b7d1e4f60f4989a6d9a27dca2d833e SHA512 e8075f330b879f3888f47086e5fdd0144be7decbe264a105e5071f851065bd6eb55a22be6fb4eb90a4e3bca00e76fee79f372adc5c3a8f25660c61bd9379ab0f AUX systemd-reload 38 BLAKE2B 274ffadc1921939d49ca130847a1d4edfcb6b1c6a50085da1489df01e932599e44015accc1278868a3810c8fab2e26f6a9f102bc80fe0bf70054ea36d0fb2e9d SHA512 ffbf5b57643b30fff86ec16c5d25c50337255ba44f930beba614a4600a4bed61e7ca9ecf9c85ddd7555df4e44c2cd77c2aa0ef321575b712f0d66e21a86c9999 @@ -8,6 +8,6 @@ AUX tmpfiles-d-portage.conf 43 BLAKE2B 0dfdac6e38b9a1ace92e5468c83481b6bd76f1eb6 AUX update-autoshutdown 93 BLAKE2B 399eb628b98f8f5846dd1611226de158c5003d9184047c15d50f823702039e4cc803b2f82711899b6d3c80fcd4d5e631acde8eb09ec5115d2428d93713087064 SHA512 4a08701deb2f6ff98225b49bfd498a81f73bc1c7956cfdf6239cd7aadca5cbef0086bc0d8834f861640b0d4ab0ab4d90777abe1da3b116e4e84d69a3dc8a2a46 AUX update-install2 683 BLAKE2B 22d9b0ee5bf4af8f0ababf8228d1d0b72f52d63eb9c513fa8108429ec833d48064c6a74f4c393cc8008b7d3d4f9ac7ba5c2ad22e2d623d4e3e3ed319e681bde3 SHA512 64895037bb13f59a255c75f852249ff1d23088e9b4faf7e908f9f112a1ce30ce9efe9fc568836da43cddc3c3f906f6c92c62642fd17bc19b74689632c03403b1 AUX update.portage.cron-2 48 BLAKE2B 3dfc6ccfc76500300af4c08eab46f309817fe1b50d0aceaad14e05f73fec23146eb9dcedb53c3db78b222f80530fde7533052253fad80eca0f9c6831ad939955 SHA512 431d8ed50c2fc6d4b0e9e3550e4ba5d8320595961c6dab14820ae7b5abd39bf63cb6afb99724f2b4aebb2c0cf14b46927d2abecb6d9509db158000b8ea6a97b8 -AUX weekly-av-scan.cron 1215 BLAKE2B a69994fc9595a338f2deb9a9a050b2c5e5b6a62cb4776bf48e81575dad87721fac4da82ec2ea83034164fbeb8cff9f9cd3b7cb7716f68ee3d70a94735aed8906 SHA512 3da4781490a1703c0a00884e0a3a053b4a65207a5cb1320418cce02a10fd2c8802d6516cd22080b32d2a36212adbf4b5e471623019997dfddfe6cc1c15bf64a6 +AUX weekly-av-scan.cron 1591 BLAKE2B 8262ff9f7c8aadf503b8fbf0c283f87d619f1ee174bd52762cd421064e3ef6ad301dbfbfdf557334e76c11adc963976417c3275e8c1167d7c609cbdda201ead9 SHA512 6d5ca06bfdb020d1435b51837b4f2f8676cab808e7ffdf39be40e822858f0b7150d16d5fce991fab026c236fd3a32e1ff9a0f7eca62a679e77d1799ed15e2366 AUX write-new-updates 409 BLAKE2B 8fef840edaa32393788c02060350dded10a9d737ac1ad7c4cae1a0428ec823d64d3c7dd2c0efa20b4cd6641efc0ac55face9b40e9cc0a0b90dbe5b0536fb79c3 SHA512 5f6b852ec563f764617d747c3024a89044e409345b599e5476963573f4ef639fcf67c7eadc0cc12857c7e3c0be59a2b912d1d06a10c647c5af61cefd182ff1a5 -EBUILD miller-base-10.6.2.ebuild 3733 BLAKE2B 3e26f9f21a27c122971a582d4de9cbbd42316f04c4f666af2a30c0fa93fb8cb73f6d8a13195659eee615f6e56b384639827da4340831f8d71aca65fd6d960697 SHA512 cc26fe10540e7204325e4b4239f4e312a87a2c635689a1f494267be6e0cbe9cc1655e6f5e38c68a94d1243f1cd2b010b64e7683c2c494eed026395d68069bca3 +EBUILD miller-base-10.7.ebuild 3733 BLAKE2B 3e26f9f21a27c122971a582d4de9cbbd42316f04c4f666af2a30c0fa93fb8cb73f6d8a13195659eee615f6e56b384639827da4340831f8d71aca65fd6d960697 SHA512 cc26fe10540e7204325e4b4239f4e312a87a2c635689a1f494267be6e0cbe9cc1655e6f5e38c68a94d1243f1cd2b010b64e7683c2c494eed026395d68069bca3 diff --git a/virtual/miller-base/files/newkernel b/virtual/miller-base/files/newkernel index 450abae..e66e19c 100755 --- a/virtual/miller-base/files/newkernel +++ b/virtual/miller-base/files/newkernel @@ -2,11 +2,17 @@ [ -s "$PORTAGE_TMPDIR" ] && exec -c /bin/bash -l -c $0 +TMPDIR=/var/tmp/kernel +OUTDIR=$TMPDIR/build +export CCACHE_DIR=$TMPDIR/.ccache +export CCACHE_HARDLINK=true + if [ /usr/src/linux -nt /boot ] ; then - if [ ! -f /usr/src/linux/.config -a -f /proc/config.gz ] ; then - zcat /proc/config.gz > /usr/src/linux/.config + mkdir -p $OUTDIR $CCACHE_DIR + if [ ! -f $OUTDIR/.config -a -f /proc/config.gz ] ; then + zcat /proc/config.gz > $OUTDIR/.config fi - genkernel all && \ + genkernel --clean --kernel-outputdir=$OUTDIR all && \ grub-mkconfig -o /boot/grub/grub.cfg touch /boot fi diff --git a/virtual/miller-base/files/weekly-av-scan.cron b/virtual/miller-base/files/weekly-av-scan.cron index 53b1c9f..c16ed8d 100755 --- a/virtual/miller-base/files/weekly-av-scan.cron +++ b/virtual/miller-base/files/weekly-av-scan.cron @@ -9,26 +9,47 @@ if [ -f /etc/conf.d/av-scan ] ; then set +o allexport fi -declare -a EXCL -declare -A M -EXCL=( - $(portageq distdir) - $(portageq pkgdir) - $(portageq get_repo_path / $(portageq get_repos /)) - $(mount | grep -v ^/dev/ | sort -u -k3,3 | cut -d ' ' -f 3 | sort -u) - $(mount | grep ^/dev | while read dev on path type fs opts ; do - devhash=${dev//\//_} - if [ ${M[$devhash]} ] ; then - echo $path - else - M[$devhash]=$path - fi - done) -) -echo "Excluding:" -echo ${EXCL[@]} -echo -EXCLARGS=("${EXCL[@]/#/-x }") +if [ $$ == 1 ]; then + echo "Running in private namespace." + echo + echo "Unmounting non-device file systems..." + grep -v '^\(/dev\|proc\|udev\|none\|systemd-\)' /proc/mounts | cut -d ' ' -f 2 | sort -ru | xargs umount -n + + echo "Remounting remaining devices with noatime..." + grep '^/dev/' /proc/mounts | cut -d ' ' -f 2 | xargs -n1 mount -n -o remount,noatime + echo + + declare -a EXCL + declare -A M + EXCL=( + $(portageq distdir) + $(portageq pkgdir) + $(portageq get_repo_path / $(portageq get_repos /)) + $(mount | grep -v ^/dev/ | sort -u -k3,3 | cut -d ' ' -f 3 | sort -u) + $(mount | grep ^/dev | while read dev on path type fs opts ; do + devhash=${dev//\//_} + if [ ${M[$devhash]} ] ; then + echo $path + else + M[$devhash]=$path + fi + done) + ) + echo "Excluding:" + echo ${EXCL[@]} + echo + EXCLARGS=("${EXCL[@]/#/-x }") + + if [ -S ${CLAMDSOCK} -a ${CLAMD} != "no" ] ; then + echo "Using clamd" + clamdscan -i --fdpass -f <(simplifind -r / ${EXCLARGS[@]}) -m -l /var/log/av-scan.log + else + echo "Using clamscan" + simplifind -r / ${EXCLARGS[@]} | xargs nice clamscan -ri -l /var/log/av-scan.log + fi + + exit +fi if [ ! -S ${CLAMDSOCK} -a ${CLAMD} = "yes" ] ; then echo "Starting clamd..." @@ -36,17 +57,7 @@ if [ ! -S ${CLAMDSOCK} -a ${CLAMD} = "yes" ] ; then CLAMD="started" fi -if [ -S ${CLAMDSOCK} -a ${CLAMD} != "no" ] ; then - echo "Using clamd" - rm -f /tmp/scan - mkfifo /tmp/scan - simplifind -r / ${EXCLARGS[@]} > /tmp/scan & - clamdscan -i --fdpass -f /tmp/scan -m -l /var/log/av-scan.log - rm -f /tmp/scan -else - echo "Using clamscan" - simplifind -r / ${EXCLARGS[@]} | xargs nice clamscan -ri -l /var/log/av-scan.log -fi +unshare --pid --mount --mount-proc --fork $0 if [ -S ${CLAMDSOCK} -a ${CLAMD} = "started" ] ; then echo "Stopping clamd..." diff --git a/virtual/miller-base/miller-base-10.6.2.ebuild b/virtual/miller-base/miller-base-10.6.2.ebuild deleted file mode 100644 index 595ccd7..0000000 --- a/virtual/miller-base/miller-base-10.6.2.ebuild +++ /dev/null @@ -1,126 +0,0 @@ -EAPI="6" -inherit systemd -DESCRIPTION="Virtual for base systems" - -SLOT="0" -KEYWORDS="alpha amd64 arm ia64 mips ppc ppc-macos sparc sparc-fbsd x86 x86-fbsd" -IUSE="cdr hardened nohourlyupdate fuse xfs btrfs bash-completion git samba -minimal autoupdate autoshutdown autoservicerestart sw-suspend mdadm -video_cards_nvidia video_cards_nouveau firmware ischroot" - -RDEPEND=" - app-misc/simplify - app-arch/hardlink - sys-process/htop - sys-process/iotop - sys-apps/less - fuse? ( net-fs/sshfs ) - !ischroot? ( - sys-kernel/kergen - sys-apps/ethtool - sys-cluster/netfs - sys-apps/kexec-tools - >=app-admin/eclean-kernel-1.99 - mdadm? ( sys-fs/mdadm ) - cdr? ( kde-apps/k3b ) - sys-apps/hdparm - xfs? ( sys-fs/xfsdump ) - btrfs? ( sys-fs/btrfs-progs ) - sys-fs/lvm2 - >=sys-boot/grub-2 - sys-apps/busybox - sys-kernel/genkernel-next - sys-process/vixie-cron - sys-apps/pciutils - sys-apps/usbutils - samba? ( || ( net-fs/cifs-utils net-fs/samba[client] ) ) - firmware? ( sys-kernel/linux-firmware ) - app-admin/logrotate - video_cards_nvidia? ( sys-apps/v86d ) - video_cards_nouveau? ( sys-firmware/nvidia-firmware ) - ) - >=app-portage/gentoolkit-0.2.1 - app-admin/sudo - mail-client/mailx - !minimal? ( - app-shells/thefuck - app-shells/hstr - x11-apps/xauth - sys-apps/moreutils - dev-util/strace - net-analyzer/netcat - net-ftp/ncftp - app-text/dos2unix - net-dns/bind-tools - !ischroot? ( - www-servers/apache - app-antivirus/clamav - ) - ) - sys-process/lsof - app-portage/layman[git] - !hardened? ( - sys-devel/prelink - ) - !ischroot? ( - !sw-suspend? ( sys-kernel/gentoo-sources ) - sw-suspend? ( sys-apps/tuxonice-userui - || ( sys-kernel/tuxonice-sources - sys-kernel/pf-sources ) ) ) - app-misc/screen - app-vim/gentoo-syntax - sys-auth/pam_ldap - sys-auth/nss_ldap - app-editors/gvim - git? ( dev-vcs/git ) - bash-completion? ( app-shells/bash-completion ) - sys-apps/systemd - autoservicerestart? ( - sys-apps/autorestart - ) - " - -src_unpack() { - mkdir ${S} -} - -src_install() { - exeinto /etc/cron.hourly - newexe "${FILESDIR}"/service-check.systemd service-check - systemd_newtmpfilesd "${FILESDIR}/tmpfiles-d-portage.conf" "portage.conf" - dodir /etc/systemd/system/multi-user.target.wants - dosym /lib/systemd/system/freshclamd.service /etc/systemd/system/multi-user.target.wants/freshclamd.service - dosym /lib/systemd/system/nscd.service /etc/systemd/system/multi-user.target.wants/nscd.service - dosym /lib/systemd/system/sshd.service /etc/systemd/system/multi-user.target.wants/sshd.service - dosym /lib/systemd/system/vixie-cron.service /etc/systemd/system/multi-user.target.wants/vixie-cron.service - - exeinto /etc/cron.weekly - use !minimal && newexe "${FILESDIR}"/weekly-av-scan.cron av-scan - use !minimal && newexe "${FILESDIR}"/kernels-cleaner kernels-cleaner - - if [ -n "${UPDATETIME}" ]; then - mkdir -p ${D}/etc/cron.d - echo "${UPDATETIME} root /sbin/gentoo-portage-update" > ${D}/etc/cron.d/gentoo-portage-update - exeinto /sbin - else - use nohourlyupdate && exeinto /etc/cron.daily - use !nohourlyupdate && exeinto /etc/cron.hourly - fi - newexe "${FILESDIR}"/update.portage.cron-2 gentoo-portage-update - - exeinto /etc/portage/postsync.d/ - newexe "${FILESDIR}"/sync-distclean-exec.cron 60-portage-distclean-exec - use !autoupdate && newexe "${FILESDIR}"/auto-download-packages 70-auto-download-package - newexe "${FILESDIR}"/write-new-updates 50-write-new-updates - newexe "${FILESDIR}"/newkernel 80-newkernel - newexe "${FILESDIR}"/systemd-reload 90-systemd-reload - if use autoupdate ; then - dosym /sbin/update-install /etc/portage/postsync.d/75-update-install - if use autoshutdown ; then - newexe "${FILESDIR}"/update-autoshutdown 99-auto-shutdown - fi - fi - - exeinto /sbin - newexe "${FILESDIR}"/update-install2 update-install -} diff --git a/virtual/miller-base/miller-base-10.7.ebuild b/virtual/miller-base/miller-base-10.7.ebuild new file mode 100644 index 0000000..595ccd7 --- /dev/null +++ b/virtual/miller-base/miller-base-10.7.ebuild @@ -0,0 +1,126 @@ +EAPI="6" +inherit systemd +DESCRIPTION="Virtual for base systems" + +SLOT="0" +KEYWORDS="alpha amd64 arm ia64 mips ppc ppc-macos sparc sparc-fbsd x86 x86-fbsd" +IUSE="cdr hardened nohourlyupdate fuse xfs btrfs bash-completion git samba +minimal autoupdate autoshutdown autoservicerestart sw-suspend mdadm +video_cards_nvidia video_cards_nouveau firmware ischroot" + +RDEPEND=" + app-misc/simplify + app-arch/hardlink + sys-process/htop + sys-process/iotop + sys-apps/less + fuse? ( net-fs/sshfs ) + !ischroot? ( + sys-kernel/kergen + sys-apps/ethtool + sys-cluster/netfs + sys-apps/kexec-tools + >=app-admin/eclean-kernel-1.99 + mdadm? ( sys-fs/mdadm ) + cdr? ( kde-apps/k3b ) + sys-apps/hdparm + xfs? ( sys-fs/xfsdump ) + btrfs? ( sys-fs/btrfs-progs ) + sys-fs/lvm2 + >=sys-boot/grub-2 + sys-apps/busybox + sys-kernel/genkernel-next + sys-process/vixie-cron + sys-apps/pciutils + sys-apps/usbutils + samba? ( || ( net-fs/cifs-utils net-fs/samba[client] ) ) + firmware? ( sys-kernel/linux-firmware ) + app-admin/logrotate + video_cards_nvidia? ( sys-apps/v86d ) + video_cards_nouveau? ( sys-firmware/nvidia-firmware ) + ) + >=app-portage/gentoolkit-0.2.1 + app-admin/sudo + mail-client/mailx + !minimal? ( + app-shells/thefuck + app-shells/hstr + x11-apps/xauth + sys-apps/moreutils + dev-util/strace + net-analyzer/netcat + net-ftp/ncftp + app-text/dos2unix + net-dns/bind-tools + !ischroot? ( + www-servers/apache + app-antivirus/clamav + ) + ) + sys-process/lsof + app-portage/layman[git] + !hardened? ( + sys-devel/prelink + ) + !ischroot? ( + !sw-suspend? ( sys-kernel/gentoo-sources ) + sw-suspend? ( sys-apps/tuxonice-userui + || ( sys-kernel/tuxonice-sources + sys-kernel/pf-sources ) ) ) + app-misc/screen + app-vim/gentoo-syntax + sys-auth/pam_ldap + sys-auth/nss_ldap + app-editors/gvim + git? ( dev-vcs/git ) + bash-completion? ( app-shells/bash-completion ) + sys-apps/systemd + autoservicerestart? ( + sys-apps/autorestart + ) + " + +src_unpack() { + mkdir ${S} +} + +src_install() { + exeinto /etc/cron.hourly + newexe "${FILESDIR}"/service-check.systemd service-check + systemd_newtmpfilesd "${FILESDIR}/tmpfiles-d-portage.conf" "portage.conf" + dodir /etc/systemd/system/multi-user.target.wants + dosym /lib/systemd/system/freshclamd.service /etc/systemd/system/multi-user.target.wants/freshclamd.service + dosym /lib/systemd/system/nscd.service /etc/systemd/system/multi-user.target.wants/nscd.service + dosym /lib/systemd/system/sshd.service /etc/systemd/system/multi-user.target.wants/sshd.service + dosym /lib/systemd/system/vixie-cron.service /etc/systemd/system/multi-user.target.wants/vixie-cron.service + + exeinto /etc/cron.weekly + use !minimal && newexe "${FILESDIR}"/weekly-av-scan.cron av-scan + use !minimal && newexe "${FILESDIR}"/kernels-cleaner kernels-cleaner + + if [ -n "${UPDATETIME}" ]; then + mkdir -p ${D}/etc/cron.d + echo "${UPDATETIME} root /sbin/gentoo-portage-update" > ${D}/etc/cron.d/gentoo-portage-update + exeinto /sbin + else + use nohourlyupdate && exeinto /etc/cron.daily + use !nohourlyupdate && exeinto /etc/cron.hourly + fi + newexe "${FILESDIR}"/update.portage.cron-2 gentoo-portage-update + + exeinto /etc/portage/postsync.d/ + newexe "${FILESDIR}"/sync-distclean-exec.cron 60-portage-distclean-exec + use !autoupdate && newexe "${FILESDIR}"/auto-download-packages 70-auto-download-package + newexe "${FILESDIR}"/write-new-updates 50-write-new-updates + newexe "${FILESDIR}"/newkernel 80-newkernel + newexe "${FILESDIR}"/systemd-reload 90-systemd-reload + if use autoupdate ; then + dosym /sbin/update-install /etc/portage/postsync.d/75-update-install + if use autoshutdown ; then + newexe "${FILESDIR}"/update-autoshutdown 99-auto-shutdown + fi + fi + + exeinto /sbin + newexe "${FILESDIR}"/update-install2 update-install +} -- cgit v1.2.3