-
Notifications
You must be signed in to change notification settings - Fork 0
Home
TD;DR Greezly is only the stable Linux kernel sources patched with the grsecurity patch. With history.
So, why using this repository instead of downloading the source archive and applying the grsecurity patch?
- History between the grsecurity patches
- Full history between the stable Linux releases
- One default configuration for server usage
- Some scripts to facilitate the kernel installation (PaX flags, group creation)
- Verification that Greezly matches the grsecurity patch
Greezly embed a default configuration for x86_64 machines.
- Download the source code:
git clone [email protected]:moulecorp/greezly.git
- Setup the default Greezly configuration:
make x86_64_greezly_defconfig
- Build an image:
make greezly-deb
- Copy the generated
.deb
packages located in the parent directory on the target server - Install the generated packages:
dpkg -i *.deb
The grsecurity patches always apply against a stable version of the Linux kernel. No incremental patch is provided. In Greezly we made some scripts to only apply what's new in the grsecurity patches, allowing to have a clear history of what's going on.
make greezly-verify
There is no need to also verify we use the same stable tree because the above command verify the Greezly modifications and the Grsecurity modifications are the same (minus our few patches), and apply on the same tree (stable).
Greezly was created to maintain a kernel package in a custom Debian repository. Some scripts added to the Linux sources help with the workflow.
- Download the sources:
git clone [email protected]:moulecorp/greezly.git
- Add a remote to fetch Linux stable updates:
git remote add linux-stable git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git
make greezly-pull
- Tag the release:
git tag greezly-v<tag_number>
- Setup the default Greezly configuration:
make x86_64_greezly_defconfig
- Build an image:
make CHANGELOG=<prepended_changelog> MAINTAINER="name <mail>" URGENCY=<low|medium|high> greezly-deb