This may be useful e.g. if we attach an additional sysctl by a hardening patch like ebcecf9f12 and then enable that sysctl from another package. That package should require kernel-hardened.
* "E: unstripped-binary-or-object" - debuginfo package has such files
* "W: non-executable-script", "W: script-without-shebang" - kernel
packages have many special scripts which are not expected to be called
directly.
Previous regexp assumed that first level domain is <=4 symbols,
but modern domain zones are longer, e.g. email foo@foo.forex
was incorrectly considered invalid by the old regexp
Move this stuff from macro expansion to the script itself:
the new regexp does not work inside RPM-invoked shell due to
further subshells being invoked by '()' in the regexp
(I don't know how to deal with it, `shopt -u expand_aliases` does not help)
[ Regexp is from logist/wl.cgi ]
eshatokhin@: CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE is not used since
mainline commit be6ec88f41ba "selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUE",
so it is not set here.
1f5dcdbf22
eshatokhin@: CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE is not used since
mainline commit be6ec88f41ba "selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUE",
so it is not set here.
Starting from the mainline kernel 5.3, it is no longer needed. See
commit 6471384af2a6530696fc0203bafe4de41a23c9ef
Author: Alexander Potapenko <glider@google.com>
Date: Thu Jul 11 20:59:19 2019 -0700
mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options
Now that we have only "nrj-desktop" kernel flavour here, let us remove the
machinery to build several flavours using the same spec file. It should make
its maintenance easier.
Keep the kernel config in a single file for each arch as well.
The changes made to kernel.spec are similar to a combination of the
following commits from import/kernel-desktop-4.15 (it was quite difficult
to port these here one by one, so I ported them together):
bf1aa99555f5 "Simplify the spec file: we have only one kernel flavour per project"
f72456261c92 "Do not waste time creating modules.description"
ef83d37d46c4 "Do not build kernel-source"
eeaf8147710f "Removed the remnant of the old %preun"
2dbf502fd987 "Do not escape '$' in the scriptlets"
