[arch-general] Yet another step toward Arch evil plan
Thomas Bächler
thomas at archlinux.org
Wed Jan 13 08:38:45 EST 2010
Am 13.01.2010 14:31, schrieb James Rayner:
>>> They provide ArchLinux 2009.08 in both 32 and 64 bit with
>>> their own kernel with grsecurity (2.6.31.5-grs)
>> How well does this integrate? Arch doesn't have any
>> officially-endorsed grsecurity kernel. Does it require userspace
>> modifications? Have they submitted their package to Arch so the devs
>> can look at it and check for flaws?
>
> In general, kernel's don't need to integrate with anything, and no
> changes whatsoever should be necessary in userspace. The exception is
> when the kernel is too old to be compatible with our udev version.
>
> I build my own kernels, not via PKGBUILDs/pacman. They work fine and
> it's tidy too. Kernels keep to their own directories with the kernel
> itself a single file in /boot and modules in /lib/modules.
That isn't entirely the point. IIRC SELinux requires lots of support in
userspace, this might be the same for grsecurity. I don't know for sure
what needs modification though.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20100113/70b29749/attachment.bin>
More information about the arch-general
mailing list