Setup/questions for GRS kernel - Need help please

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Setup/questions for GRS kernel - Need help please

Postby CBG » Thu Apr 17, 2014 9:13 am

Hi,

I have a OVH VPS with vmware, running CentOS 6.5 and cPanel/WHM so can have a custom kernel.
I did have a kernel but replaced it with the CentOS version as it was causing issues with ConfigServer Firewall (CSF).

I would like to put back on the GRS kernel, but with my own setup and am a little lost, so far I have got the following noted


wget http://www.kernel.org/pub/linux/kernel/ ... .57.tar.gz
wget http://grsecurity.net/stable/grsecurity ... 1252.patch

tar -xf linux-3.2.57.tar
cd linux-3.2.57
patch -p1 < ../grsecurity-3.0-3.2.57-201404131252.patch

make menuconfig


Now for the questions:

1. Where do I download the 2 files, can they go anywhere?

2. Once I have patched it and configured it do I copy it into the /boot/ folder?

3. Is it just the one file I need to copy into the boot folder?

4. Then I presume I update the grub.conf with the new kernel, like the below:

Code: Select all
default=0
timeout=5

        title linux centos6-cpanel11_64
        kernel /boot/kernel_filename root=/dev/sda1  ro
        root (hd0,0)


5. Can I re-config it, if I forget to add something, by repeating the make menuconfig?

Any help would be great, I have never patch a kernel, but I think i have config one, once.

Thanks
CBG
 
Posts: 1
Joined: Thu Apr 17, 2014 9:00 am

Return to grsecurity support