On Wed, Apr 23, 2014 at 05:02:03PM +0100, Ben Hutchings wrote: > No, I meant that you might build a single binary package that would > contain the grsec-patched source. That would encourage building custom > kernels with build-time randomisation. I understand that's not the way > you want to go. Indeed. There's already a (quite outdated) linux-patch-grsecurity2 package which contains the patch for people wanting to patch the kernel themselves. But that's not really useful imho. > > Presumably your current package builds a linux-source-3.13 which > includes an upstream source tarball plus a grsec patch? In my case, it's actually the src:linux orig.tar.xz with the (adapted) grsec patch added to debian/patches (like other featuresets). Regards, -- Yves-Alexis Perez
Attachment:
signature.asc
Description: Digital signature