[arch-dev-public] providing grsecurity in [community]

Daniel Micay danielmicay at gmail.com
Fri Apr 18 08:16:11 EDT 2014

On 18/04/14 08:02 AM, Sébastien Luttringer wrote:
> On 18/04/2014 13:07, Daniel Micay wrote:
>> On 18/04/14 05:34 AM, Sébastien Luttringer wrote:
>>> On 18/04/2014 10:44, Daniel Micay wrote:
>>>> On 18/04/14 04:09 AM, Sébastien Luttringer wrote:
>>>>> On 16/04/2014 06:09, Daniel Micay wrote:
>> There's no problem with simply not building a VirtualBox module for the
>> linux-grsec kernel. 
> Being not consistent is a problem to me. But nothing which I can overcome.
>> You're not building one now, so there would be
>> nothing gained or lost. 
> I build 2 modules for each release[1]. Could be 3 tomorrow. I miss your
> point.

I mean that users are currently compiling these modules on their own for
grsec, so if there were no packaged out-of-tree modules for it at all
then it wouldn't be a step backwards.

The most painful part for users is compiling the kernel, especially when
most of the AUR kernel packages are based on older versions of the
[core] package rather than following the current configuration.

>> Supporting out-of-tree modules wasn't something
>> I planned on considering at all right away.
> Suggestion of Massimiliano is fine to me. If we all agree to get ride of
> compiled modules, there is no burden to me to grsec kernel addition.
> This even open the door to talk about versioned kernel :)

I agree that DKMS is the best way of dealing with this.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-dev-public/attachments/20140418/1e5841d4/attachment.asc>

More information about the arch-dev-public mailing list