| 1 |
2009/12/10 basile <basile@××××××××××××××.edu> |
| 2 |
|
| 3 |
> You could do it by modifying the ebuild and having it doiwnload the |
| 4 |
> patch and apply it automatically, but an easier way if you have just one |
| 5 |
> patch is to do it manually. When the hardened kernel is emerged, its |
| 6 |
> source is unpacked to /usr/src/linux-2.6.28-r9 with a symbolic link |
| 7 |
> /usr/src/linux pointing to it. Before compiling, apply the patch |
| 8 |
> manually there. |
| 9 |
> |
| 10 |
|
| 11 |
Thanks for your answer... |
| 12 |
That's what I figured out when I tried. |
| 13 |
Now I think that it would remind you some experience if I told you that I |
| 14 |
was thinking about patching hardened-sources with vserver patch... isn't it |
| 15 |
? |
| 16 |
I tried by naively thinking I could just "mash up" vserver-sources & |
| 17 |
hardened-sources ebuilds but it failed. |
| 18 |
Looking at some mailing archives, I ended with thinking that's not a good |
| 19 |
idea, and that applying vserver+grsec official patch to a vanilla kernel |
| 20 |
would be less painful. |
| 21 |
|
| 22 |
Is there any recent story about this combination ? |
| 23 |
I clearly understand that hardened team won't put vserver patch in |
| 24 |
hardened-sources. |
| 25 |
|
| 26 |
|
| 27 |
-- |
| 28 |
Pierre. |
| 29 |
"Sometimes when I'm talking, my words can't keep up with my thoughts. I |
| 30 |
wonder why we think faster than we speak. Probably so we can think twice." - |
| 31 |
Bill Watterson |
Archives