Building an RPM package for the latest Linux kernel and grsecurity

What are we building?

We are going to add one set of patches to the Linux kernel:

How to create the custom-configured kernel RPM?

  1. Download spec file to /usr/src/redhat/SPEC/
    cd /usr/src/redhat/SPEC/ ; wget
  2. Download all the patches and sources to /usr/src/redhat/SOURCE/
  3. Create an empty kernel config file (you can also copy an existing one to speed up the kernel configuration)
    touch /usr/src/redhat/SOURCE/kernel-2.4.21-i686-1grsec.config
  4. Prepare the kernel (unpacking the sources and applying the patches)
    cd /usr/src/redhat/SPEC ; rpm -bp kernel-grsec-2.4.spec
  5. Tweak the kernel config
    cd /usr/src/redhat/BUILD/linux-2.4.21 ; make oldconfig/menuconfig/xconfig
  6. Copy the resulting config to the source of the RPM
    cp /usr/src/redhat/BUILD/linux-2.4.21/.config /usr/src/redhat/SOURCE/kernel-2.4.21-i686-1grsec.config
  7. Compile the kernel and have a cup of tea/coffee/...
    cd /usr/src/redhat/SPEC ; rpm -ba kernel-grsec-2.4.spec
  8. Done! Easy, wasn't it ?

Why is there no binary RPM to download?

I think that it would be bad to give a binary RPM for that kernel for the following reasons:

Why isn't there the O(1)/low latency/... patch included?

What I am looking forward is to get a stable kernel, so I prefer to limit the amount of patching as I don't have an unlimited number of QAs to test it.

Nicolas Lidzborski (cpc at on August 14 2003

Previous version: kernel-grsec.2.4.20.html