* izmjena imena iz kernel-2.6-cn u genericki kernel-cn

* izmjene za Wheezy

diff --git a/50-carnet.conf b/50-carnet.conf
index a794d4b..2e12ab6 100644 (file)
--- a/50-carnet.conf
+++ b/50-carnet.conf
@@ -16,11 +16,8 @@ net.ipv4.conf.eth0.send_redirects=0
 net.ipv4.icmp_echo_ignore_broadcasts=1
 net.ipv4.icmp_ignore_bogus_error_responses=1
 net.ipv4.tcp_ecn=0
 net.ipv4.icmp_echo_ignore_broadcasts=1
 net.ipv4.icmp_ignore_bogus_error_responses=1
 net.ipv4.tcp_ecn=0

-net.ipv4.tcp_max_syn_backlog=2048
-net.ipv4.tcp_mtu_probing=1
-net.ipv4.tcp_retries1=2
+net.ipv4.tcp_max_syn_backlog=4096

 net.ipv4.tcp_rfc1337=1
 net.ipv4.tcp_rfc1337=1

-net.ipv4.tcp_synack_retries=2

 net.ipv4.tcp_syncookies=1
 vm.min_free_kbytes=10240
 vm.mmap_min_addr=65536
 net.ipv4.tcp_syncookies=1
 vm.min_free_kbytes=10240
 vm.mmap_min_addr=65536

diff --git a/NEWS.CARNet b/NEWS.CARNet
index e4069c7..1273f6b 100644 (file)
--- a/NEWS.CARNet
+++ b/NEWS.CARNet
@@ -1,47 +1,7 @@
-kernel-2.6-cn
-~~~~~~~~~~~~~
+kernel-cn
+~~~~~~~~~

 
 

-Kao sto znate, kernel-2.6-cn je modificirani kernel koji sadrzava,
-najcesce sigurnosne, dodatke koje smo odabirali, implementirali i
-testirali za vas.  Nazalost, ovakav pristup je znacio odredjeno kasnjenje
-nasih kernela u odnosu na sluzbene Debianovi zbog dodatnog kompleksnog
-testiranja i provjera.
+Pocevsi od Debian Squeezea, kernel-2.6-cn i kernel-cn su zapravo samo
+skupine tweakova povrh standardnog Debian kernela.

 
 

-Dodatno, s vremenom su Debianovi kerneli postajali sve bolji, a neke
-nastite su postale standardno implementirane u hardveru (poput zastite od
-buffer overflow napada uporabom NX - No eXecute, tehnologije). Vise
-informacija mozete naci na http://en.wikipedia.org/wiki/NX_bit.
-
-Svi posluzitelji isporuceni ustanovama clanicama u zadnjih 5 godina su
-ovog tipa (AMD64), a zasticeni su cak i u 32-bitnom modu (pod uvjetom da
-rabite BIGMEM kernel).
-
-Odvagnuvsi s jedne strane sve prednosti i mane modificiranog, a s druge
-sluzbenog Debianovog kernela, odlucili smo napustiti izradu vlastitog
-kernela u korist uporabe Debianovog.
-
-Za veliku vecinu korisnika vidljivih promjena ne bi trebalo biti.
-Kernel-cn ce i dalje postojati kao paket, jer on radi odredjene
-modifikacije sustava i trebao bi ostati na sustavu.
-
-Od razlika izmedju CARNetovog i Debianovog kernela, spomenut cemo
-najbitnije:
-
-- ExecShield - zamjenjuje ga hardverska zastita (NX-bit) unutar procesora
-   (Athlon 64 i noviji, Pentium 4 i noviji).
-
-- Layer 7 filtering - nije ugradjen u Debianove kernele. Novi paket
-   kernel-2.6-cn ce detektirati ukoliko rabite L7 filtering i odbit ce se
-   instalirati. Svega nekolicina kolega rabi ovu tehnologiju, pa smatramo
-   da ovo nece biti problem. Ukoliko ipak trebate imati ovakav kernel, a
-   ne znate sami komplirati kernel, pomoci cemo vam da sami napravite svoj
-   kernel koji ukljucuje ovaj dodatak.
-
-- druge promjene su male, i u vecini slucajeva se jednak rezultat moze
-   dobiti podesavanjem sustava putem /etc/sysctl.conf konfiguracijske
-   datoteke (sto ce raditi paket kernel-2.6-cn).
-
-Vjerujemo da ce navedena promjena, zbog brzog odziva Debianovog sigurnosnog
-tima, znaciti i povecanu sigurnost nasih i vasih posluzitelja.
-
- -- Dinko Korunic <kreator@carnet.hr>  Thu, 28 Apr 2011 09:40:26 +0200
+ -- Dinko Korunic <kreator@carnet.hr>  Wed, 23 Oct 2013 15:16:20 +0200

diff --git a/README.CARNet b/README.CARNet
index 79e1a77..4e9e952 100644 (file)
--- a/README.CARNet
+++ b/README.CARNet
@@ -1,4 +1,4 @@
-kernel-2.6-cn
+kernel-cn

 ~~~~~~~~~~~~~
 
 Ovo je virtualni paket koji modificira tipicni Debian posluzitelj sa
 ~~~~~~~~~~~~~
 
 Ovo je virtualni paket koji modificira tipicni Debian posluzitelj sa

@@ -30,4 +30,4 @@ Datoteke koje se mijenjaju uvjetno ili bezuvjetno:
   /vmlinuz /vmlinuz.old /boot/vmlinuz.plain -> eliminacija starih i
   zaostalih symlinkova
 
   /vmlinuz /vmlinuz.old /boot/vmlinuz.plain -> eliminacija starih i
   zaostalih symlinkova
 

- -- Dinko Korunic <kreator@carnet.hr>  Thu, 28 Apr 2011 09:40:36 +0200
+ -- Dinko Korunic <kreator@carnet.hr>  Wed, 23 Oct 2013 15:16:43 +0200

diff --git a/debian/changelog b/debian/changelog
index d4e6692..166ba1c 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+kernel-cn (3:3.2.0) stable; urgency=low
+
+  * izmjena imena iz kernel-2.6-cn u genericki kernel-cn
+  * izmjene za Wheezy
+
+ -- Dinko Korunic <kreator@carnet.hr>  Wed, 23 Oct 2013 15:18:11 +0200
+

 kernel-2.6-cn (3:2.6.32.1) stable; urgency=low
 
   * #14002: kernel-2.6-cn/lenny: koristiti /etc/sysctl.d/
 kernel-2.6-cn (3:2.6.32.1) stable; urgency=low
 
   * #14002: kernel-2.6-cn/lenny: koristiti /etc/sysctl.d/

diff --git a/debian/compat b/debian/compat
index 7f8f011..ec63514 100644 (file)
--- a/debian/compat
+++ b/debian/compat
@@ -1 +1 @@
-7
+9

diff --git a/debian/config b/debian/config
index b0a9aee..9845cb7 100644 (file)
--- a/debian/config
+++ b/debian/config
@@ -19,7 +19,9 @@ for i in $DIVERT_TO; do
         dpkg-divert --remove --rename --package 'kernel-2.6-cn' \
             --divert /usr/sbin/$i.real /usr/sbin/$i
 
         dpkg-divert --remove --rename --package 'kernel-2.6-cn' \
             --divert /usr/sbin/$i.real /usr/sbin/$i
 

-        sed -i "/^\/usr\/sbin\/$i/d" /var/lib/dpkg/info/kernel-2.6-cn.list
+       if [ -e /var/lib/dpkg/info/kernel-2.6-cn.list ]; then
+               sed -i "/^\/usr\/sbin\/$i/d" /var/lib/dpkg/info/kernel-2.6-cn.list
+       fi

     fi
 done
 
     fi
 done
 

diff --git a/debian/control b/debian/control
index 6315c48..6350490 100644 (file)
--- a/debian/control
+++ b/debian/control
@@ -1,16 +1,16 @@
-Source: kernel-2.6-cn
+Source: kernel-cn

 Section: base
 Priority: required
 Maintainer: Dinko Korunic <kreator@CARNet.hr>
 Section: base
 Priority: required
 Maintainer: Dinko Korunic <kreator@CARNet.hr>

-Build-Depends: debhelper (>= 7), po-debconf
-Standards-Version: 3.9.1
+Build-Depends: debhelper (>= 9.20120909), po-debconf
+Standards-Version: 3.9.4

 
 

-Package: kernel-2.6-cn
+Package: kernel-cn

 Architecture: all
 Section: admin
 Architecture: all
 Section: admin

-Depends: grub-legacy (>= 0.97-64) | grub-pc (>= 1.98+20100804-14), procps (>= 1:3.2.8-9), udev (>= 164-3), carnet-tools-cn (>= 2.8.2), module-init-tools (>= 3.12-1), mount (>= 2.17.2-9), e2fsprogs (>= 1.41.12-2), microcode.ctl (>= 1.17-13), irqbalance (>= 0.56-1), mdadm (>= 3.1.4-1+8efb9d1), firmware-bnx2 (>= 0.28), linux-image-686-bigmem | linux-image-amd64, debconf, ${misc:Depends}
-Conflicts: iplogger, kernel-cn, kernel-2.4-cn (<< 2.4.33-2), linux-image-2.6.26-2+cn1-486, linux-image-2.6.26-2+cn1-686, linux-image-2.6.26-2+cn1-686-bigmem, linux-image-2.6.26-2+cn1-amd64
-Replaces: kernel-cn, kernel-2.4-cn
+Depends: grub-legacy (>= 0.97-67) | grub-pc (>= 1.99-27+deb7u1), procps (>= 1:3.3.3-3), udev (>= 175-7.2), carnet-tools-cn (>= 3.0.4), kmod (>= 9-3), mount (>= 2.20.1-5.3), e2fsprogs (>= 1.42.5-1.1), irqbalance (>= 1.0.3-3), mdadm (>= 3.2.5-5), firmware-bnx2 (>= 0.36+wheezy.1), firmware-linux-free (>= 3.2), firmware-linux-nonfree (>= 0.36+wheezy.1), linux-image-686-bigmem | linux-image-amd64, debconf, ${misc:Depends}
+Conflicts: iplogger, kernel-2.6-cn, kernel-2.4-cn, linux-image-2.6.26-2+cn1-486, linux-image-2.6.26-2+cn1-686, linux-image-2.6.26-2+cn1-686-bigmem, linux-image-2.6.26-2+cn1-amd64
+Replaces: kernel-2.4-cn, kernel-2.6-cn

 Provides: kernel-cn
 Recommends: memtest86+
 Description: Linux kernel virtual package for CARNet Linux servers
 Provides: kernel-cn
 Recommends: memtest86+
 Description: Linux kernel virtual package for CARNet Linux servers

diff --git a/debian/copyright b/debian/copyright
index 20a44fd..b959369 100644 (file)
--- a/debian/copyright
+++ b/debian/copyright
@@ -1,6 +1,6 @@
 Copyright:
 
 Copyright:
 

-   Copyright (C) 2009  Dinko Korunic, CARNet, Grupa za izradu paketa
+   Copyright (C) 2013  Dinko Korunic, CARNet, Grupa za izradu paketa

 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by

diff --git a/debian/dirs b/debian/dirs
index ba5e80a..a583be7 100644 (file)
--- a/debian/dirs
+++ b/debian/dirs
@@ -1 +1 @@
-usr/share/kernel-2.6-cn
+usr/share/kernel-cn

diff --git a/debian/install b/debian/install
index b39c106..de6844b 100644 (file)
--- a/debian/install
+++ b/debian/install
@@ -1,2 +1,2 @@
-grub-functions.sh usr/share/kernel-2.6-cn
+grub-functions.sh usr/share/kernel-cn

 50-carnet.conf /etc/sysctl.d
 50-carnet.conf /etc/sysctl.d

diff --git a/debian/postinst b/debian/postinst
index 1ff9d57..29e424e 100755 (executable)
--- a/debian/postinst
+++ b/debian/postinst
@@ -1,5 +1,5 @@
 #!/bin/sh
 #!/bin/sh

-# postinst script for kernel-2.6-cn
+# postinst script for kernel-cn

 #
 # see: dh_installdeb(1)
 
 #
 # see: dh_installdeb(1)
 

@@ -34,7 +34,7 @@ esac
 . /usr/share/carnet-tools/functions.sh
 
 # import GRUB helper functions
 . /usr/share/carnet-tools/functions.sh
 
 # import GRUB helper functions

-. /usr/share/kernel-2.6-cn/grub-functions.sh
+. /usr/share/kernel-cn/grub-functions.sh

 
 ################################################################################
 
 
 ################################################################################
 

@@ -89,7 +89,7 @@ echo "."
 # detect existing Grub2 installation
 
 GRUB2="no"
 # detect existing Grub2 installation
 
 GRUB2="no"

-if [ \( -e /boot/grub/grub.cfg \) -o \( -e /boot/grub/core.img \) ]; then
+if [ \( -e /boot/grub/grub.cfg \) -o \( -e /boot/grub/core.img \) -o \( -e /usr/lib/grub/i386-pc/ext2.mod \) ]; then

     echo "CN: Detected GRUB2 installation, will try to use it."
     GRUB2="yes"
     if [ -e /boot/grub/menu.lst ]; then
     echo "CN: Detected GRUB2 installation, will try to use it."
     GRUB2="yes"
     if [ -e /boot/grub/menu.lst ]; then

@@ -246,7 +246,7 @@ fi
 echo -n " grub3"
 
 # import GRUB helper functions (again, updated device map)
 echo -n " grub3"
 
 # import GRUB helper functions (again, updated device map)

-. /usr/share/kernel-2.6-cn/grub-functions.sh
+. /usr/share/kernel-cn/grub-functions.sh

 
 if [ "x$GRUB2" = "xno" ]; then
     # Grub1 part
 
 if [ "x$GRUB2" = "xno" ]; then
     # Grub1 part

@@ -420,7 +420,7 @@ else
   /etc/init.d/procps restart >/dev/null 2>&1 || true
 fi
 
   /etc/init.d/procps restart >/dev/null 2>&1 || true
 fi
 

-# finished with basic kernel-2.6-cn stuff
+# finished with basic kernel-cn stuff

 echo "."
 
 ################################################################################
 echo "."
 
 ################################################################################

@@ -432,7 +432,7 @@ echo -n "CN: Setting up PAM configurations:"
 if [ -e /etc/security/limits.conf ]; then
     rm -f /etc/security/limits.conf.$$
     cp /etc/security/limits.conf /etc/security/limits.conf.$$
 if [ -e /etc/security/limits.conf ]; then
     rm -f /etc/security/limits.conf.$$
     cp /etc/security/limits.conf /etc/security/limits.conf.$$

-    cp-update kernel-2.6-cn /etc/security/limits.conf.$$ <<'EOF'
+    cp-update kernel-cn /etc/security/limits.conf.$$ <<'EOF'

 *       soft    core        0
 *              hard    nofile          16384
 *              soft    nofile          16384
 *       soft    core        0
 *              hard    nofile          16384
 *              soft    nofile          16384

@@ -464,72 +464,6 @@ echo "."
 
 ################################################################################
 
 
 ################################################################################
 

-# fix old kernel-2.4-cn postrm
-if [ -e /var/lib/dpkg/info/kernel-2.4-cn.postrm ]; then
-    echo "CN: Fixed old kernel-2.4-cn postrm."
-    cat > /var/lib/dpkg/info/kernel-2.4-cn.postrm.$$ <<'EOF'
-#!/bin/sh
-
-set -e
-
-# be sure, be safe
-if [ "$1" != "remove" ]; then
-  exit 0
-fi
-
-# import CN-functions
-. /usr/share/carnet-tools/functions.sh
-
-# remove us from limits.conf
-cp-update -r kernel-2.4-cn /etc/security/limits.conf
-
-# remove us from modules
-cp-update -r kernel-2.4-cn /etc/modules
-EOF
-    if ! cmp -s /var/lib/dpkg/info/kernel-2.4-cn.postrm \
-        /var/lib/dpkg/info/kernel-2.4-cn.postrm.$$; then
-        mv /var/lib/dpkg/info/kernel-2.4-cn.postrm.$$ \
-            /var/lib/dpkg/info/kernel-2.4-cn.postrm
-        chmod +x /var/lib/dpkg/info/kernel-2.4-cn.postrm
-    fi
-    rm -f /var/lib/dpkg/info/kernel-2.4-cn.postrm.$$
-fi
-
-################################################################################
-
-# fix old kernel-cn postrm
-if [ -e /var/lib/dpkg/info/kernel-cn.postrm ]; then
-    echo "CN: Fixed old kernel-cn postrm."
-    cat > /var/lib/dpkg/info/kernel-cn.postrm.$$ <<'EOF'
-#!/bin/sh
-
-set -e
-
-# be sure, be safe
-if [ "$1" != "remove" ]; then
-  exit 0
-fi
-
-# import CN-functions
-. /usr/share/carnet-tools/functions.sh
-
-# remove us from limits.conf
-cp-update -r kernel-cn /etc/security/limits.conf
-
-# remove us from modules
-cp-update -r kernel-cn /etc/modules
-EOF
-    if ! cmp -s /var/lib/dpkg/info/kernel-cn.postrm \
-        /var/lib/dpkg/info/kernel-cn.postrm.$$; then
-        mv /var/lib/dpkg/info/kernel-cn.postrm.$$ \
-            /var/lib/dpkg/info/kernel-cn.postrm
-        chmod +x /var/lib/dpkg/info/kernel-cn.postrm
-    fi
-    rm -f /var/lib/dpkg/info/kernel-cn.postrm.$$
-fi
-
-################################################################################
-

 # dh_installdeb will replace this with shell code automatically
 # generated by other debhelper scripts.
 
 # dh_installdeb will replace this with shell code automatically
 # generated by other debhelper scripts.
 

diff --git a/debian/postrm b/debian/postrm
index 5c733a3..28f52e5 100755 (executable)
--- a/debian/postrm
+++ b/debian/postrm
@@ -1,5 +1,5 @@
 #!/bin/sh
 #!/bin/sh

-# postrm script for kernel-2.6-cn
+# postrm script for kernel-cn

 #
 # see: dh_installdeb(1)
 
 #
 # see: dh_installdeb(1)
 

@@ -38,11 +38,11 @@ esac
 echo -n "CN: Cleaning up..."
 
 # remove us from limits.conf
 echo -n "CN: Cleaning up..."
 
 # remove us from limits.conf

-cp-update -r kernel-2.6-cn /etc/security/limits.conf
+cp-update -r kernel-cn /etc/security/limits.conf

 echo -n " limits"
 
 # remove us from modules
 echo -n " limits"
 
 # remove us from modules

-cp-update -r kernel-2.6-cn /etc/modules
+cp-update -r kernel-cn /etc/modules

 echo -n " modules"
 
 echo "."
 echo -n " modules"
 
 echo "."

diff --git a/debian/preinst b/debian/preinst
index d13bffc..6c5b763 100755 (executable)
--- a/debian/preinst
+++ b/debian/preinst
@@ -1,5 +1,5 @@
 #!/bin/sh
 #!/bin/sh

-# preinst script for kernel-2.6-cn
+# preinst script for kernel-cn

 #
 # see: dh_installdeb(1)
 
 #
 # see: dh_installdeb(1)
 

@@ -34,7 +34,7 @@ esac
 
 # check if the config script fixed the grub diverts
 if [ -e /usr/sbin/grub.real -o -e /usr/sbin/grub-probe.real ]; then
 
 # check if the config script fixed the grub diverts
 if [ -e /usr/sbin/grub.real -o -e /usr/sbin/grub-probe.real ]; then

-    echo "CN: Please install this package using apt-get."
+    echo "CN: Please install Grub2 package using: apt-get install grub-pc"

     exit 1
 fi
 
     exit 1
 fi
 

diff --git a/debian/templates b/debian/templates
index fdf6a3e..c4b23f0 100644 (file)
--- a/debian/templates
+++ b/debian/templates
@@ -1,4 +1,4 @@
-Template: kernel-2.6-cn/dummy
+Template: kernel-cn/dummy

 Type: note
 _Description: Dummy template to satisfy lintian
  Lintian warns if templates file is empty.
 Type: note
 _Description: Dummy template to satisfy lintian
  Lintian warns if templates file is empty.