Am 13.01.2010 14:31, schrieb James Rayner: >>> They provide ArchLinux 2009.08 in both 32 and 64 bit with >>> their own kernel with grsecurity (2.6.31.5-grs) >> How well does this integrate? Arch doesn't have any >> officially-endorsed grsecurity kernel. Does it require userspace >> modifications? Have they submitted their package to Arch so the devs >> can look at it and check for flaws? > > In general, kernel's don't need to integrate with anything, and no > changes whatsoever should be necessary in userspace. The exception is > when the kernel is too old to be compatible with our udev version. > > I build my own kernels, not via PKGBUILDs/pacman. They work fine and > it's tidy too. Kernels keep to their own directories with the kernel > itself a single file in /boot and modules in /lib/modules. That isn't entirely the point. IIRC SELinux requires lots of support in userspace, this might be the same for grsecurity. I don't know for sure what needs modification though.
Attachment:
signature.asc
Description: OpenPGP digital signature
