- Ubuntu 14.04 (trusty)
- Grsecurity 3.1-3.14.54-201510130857
- Linux kernel sources and build dependencies
wget https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.14.54.tar.xz
sudo apt-get build-dep --no-install-recommends linux-image-$(uname -r)
git clone git://kernel.ubuntu.com/ubuntu/ubuntu-trusty.git
cp -a /usr/share/kernel-package ubuntu-package
cp ubuntu-trusty/debian/control-scripts/{postinst,postrm,preinst,prerm} ubuntu-package/pkg/image/
cp ubuntu-trusty/debian/control-scripts/headers-postinst ubuntu-package/pkg/headers/
- Grsecurity patch (requires to be a Grsec customer/sponsor as the stable releases are no longer publicly available)
https://grsecurity.net/download-restrict/download-redirect.php?file=grsecurity-3.1-3.14.56-201510282003.patch
- Extract kernel sources and apply Grsecurity patch
tar xf linux-3.14.56.tar.xz
cd linux-3.14.56
patch -p1 < ../grsecurity-3.1-3.14.54-201510130857.patch
- Configure Grsecurity and custom kernel options
make menuconfig
export CONCURRENCY_LEVEL="$(grep -c '^processor' /proc/cpuinfo)"
make-kpkg clean
sudo make-kpkg --initrd --append-to-version=-grsec --overlay-dir=../ubuntu-package kernel_image kernel_headers
- Install freshly built
.deb
packages
cd ..
sudo dpkg -i linux-*.deb
Wow. Impressive. I will sure say a word of prayer after that