[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to apply grsec patch to debian kernel



On Mon, 2011-12-26 at 08:42 +0100, Ralf Madorf wrote:
> On Mon, 2011-12-26 at 08:39 +0100, Ralf Madorf wrote:
> > On Mon, 2011-12-26 at 06:23 +0330, a dehqan wrote:
> > > [snip] 
> > > Have told debian kernel , not upstream kernel , so my kernel source is
> > > in /usr/src  , do you mean they are the same in applying patch way ? 
> > > 
> > > On Mon, Dec 26, 2011 at 12:09 AM, Ralf Madorf 
> > >         [snip]
> > >         http://www.crucialp.com/resources/tutorials/server-administration/linux-kernel-2.6-compilation-compile-with-grsecurity-grsec-2.6.5-2.6.7-2.6.8-2.6.8.1-2.6.9-2.6.10-2.6.11.6-tutorial-how-to.php
> > 
> > The howto missed to cd into the kernel source directory.
> > 
> > cd /path/to/wherever/the/kernel/source/is
> > patch -p0 /path/to/the/patch/grsecurity-VERSION.patch
> > 
> > A side note [1]
> > Than you can run ...
> > 
> > make oldconfig
> > make-kpkg clean
> > make-kpkg --rootcmd fakeroot --initrd kernel-image kernel-headers
> > 
> > ... or anything else. The way you build the kernel is independent of
> > building the patch.
>  ^^^^^^^^ *chuckle* adding the patch
> > 
> > - Ralf
> > 
> > [1]
> > I'm not using this patch, hence I don't know it, but I'm using other
> > patches. Btw. I'm even not using Debian.
> > If needed try -p1 instead of -p0.
> > "-pnum or --strip=num
> > Strip the smallest prefix containing num leading slashes from each file
> > name found in the patch file. A sequence of one or more adjacent slashes
> > is counted as a single slash. This controls how file names found in the
> > patch file are treated, in case you keep your files in a different
> > directory than the person who sent out the patch. For example, supposing
> > the file name in the patch file was
> > 
> >     /u/howard/src/blurfl/blurfl.c
> > 
> >     setting -p0 gives the entire file name unmodified, -p1 gives
> > 
> >     u/howard/src/blurfl/blurfl.c
> > 
> >     without the leading slash, -p4 gives
> > 
> >     blurfl/blurfl.c
> > 
> >     and not specifying -p at all just gives you blurfl.c. Whatever you
> > end up with is looked for either in the current directory, or the
> > directory specified by the -d option."

Since my description is a little bit confusing, please post the output
of

cat grsecurity-VERSION.patch

and [snip] everything but the path to one of the headers that should be
patched.

I assume that you have got /usr/src/linux-VERSION, right?

Usually you should be inside the linux-VERSION directory and use the -p1
option.


Reply to: