Building an RPM package for the latest Linux kernel and grsecurity

What are we building?

We are going to add two groups of patches to the Linux kernel:

How to create the custom-configured kernel RPM?

  1. Download spec file to /usr/src/redhat/SPEC/ 
    cd /usr/src/redhat/SPEC/ ; wget http://cpc.freeshell.org/linux/kernel-grsec-2.4.20.spec
  2. Download all the patches and sources to /usr/src/redhat/SOURCE/ 
    wget/lftp/...
  3. Create an empty kernel config file (you can also copy an existing one to speed up the kernel configuration) 
    touch /usr/src/redhat/SOURCE/kernel-2.4.20-i686-8grsec.config
  4. Prepare the kernel (unpacking the sources and applying the patches) 
    cd /usr/src/redhat/SPEC ; rpm -bp kernel-grsec-2.4.spec
  5. Tweak the kernel config 
    cd /usr/src/redhat/BUILD/linux-2.4.20 ; make oldconfig/menuconfig/xconfig
  6. Copy the resulting config to the source of the RPM 
    cp /usr/src/redhat/BUILD/linux-2.4.20/.config /usr/src/redhat/SOURCE/kernel-2.4.20-i686-8grsec.config
  7. Compile the kernel and have a cup of tea/coffee/... 
    cd /usr/src/redhat/SPEC ; rpm -ba kernel-grsec-2.4.spec
  8. Done! Easy, wasn't it ?

Why is there no binary RPM to download?

I think that it would be bad to give a binary RPM for that kernel for the following reasons:

Why isn't there the O(1)/low latency/... patch included?

What I am looking forward is to get a stable kernel, so I prefer to limit the amount of patching as I don't have an ulimited of QA to test it.

Nicolas Lidzborski (cpc at freeshell.org) on Apr 24 2003