felosi
09-07-2006, 03:58 PM
Ok here is the script I wrote for downloading the latest kernel and grsecurity patch, patching the kernel, and then building it. It grabs the config file I made up for single processor pentium 4 based servers. Security setting is set to low with proc restrcitions where users can only see their processes. Also all xtables, iptables and other common features are enabled.
I have tired this on a fedora server and it done great so if everyone else likes it I will make one for amd as well.
I also will be making and updated howto for those who wish to go over their config manually.
If anyone has any feedback or suggestions or to report a problem simply post in the forum or come look for us in IRC.
This is for single processor pentium 4 based machines only with 512mb-2gb ram
Here is how to get the script going
For RedHat Based Servers
cd /usr/src
For Redhat Based Servers (CentOS, Fedora, etc;)
wget www.evolution-security.com/files/grkern.sh
chmod 755 grkern.sh
./grkern.sh
Give it a while to compile and install then when it is done do this
grub
savedefault --default=0 --once
quit
Then reboot or better yet have your datacenter reboot in case the kernel panics.
I have tired this on a fedora server and it done great so if everyone else likes it I will make one for amd as well.
I also will be making and updated howto for those who wish to go over their config manually.
If anyone has any feedback or suggestions or to report a problem simply post in the forum or come look for us in IRC.
This is for single processor pentium 4 based machines only with 512mb-2gb ram
Here is how to get the script going
For RedHat Based Servers
cd /usr/src
For Redhat Based Servers (CentOS, Fedora, etc;)
wget www.evolution-security.com/files/grkern.sh
chmod 755 grkern.sh
./grkern.sh
Give it a while to compile and install then when it is done do this
grub
savedefault --default=0 --once
quit
Then reboot or better yet have your datacenter reboot in case the kernel panics.