grsecurity forums

Hello,

I am using RHEL 4.6 and need to implement GRSecurity for root auditing (and later on probably other features that GRSecurity offers). However, there are no RHEL4 packages, and I don't know how to patch kernel source.

I've spent most of the morning googling instructions on how to patch the RHEL4 kernel source with the grsecurity.patch file, but I haven't found anything yet that has been relevant. It looks like there's a lot more debian specific howto's on this.

Can anyone point me to a guide?

The patching is the simple part, unpack the (vanilla) kernel and use "patch":
http://en.wikibooks.org/wiki/Grsecurity ... grsecurity

The patch is only made for vanilla kernels.

For more RedHat like HOWTO's:
http://wiki.centos.org/HowTos/Custom_Kernel
http://fedoraproject.org/wiki/Docs/CustomKernel
But even if you make an RPM you should use vanilla kernels.

Does that mean it isn't possible to patch the backported RHEL source?

Comnenus wrote:Does that mean it isn't possible to patch the backported RHEL source?

not without backporting grsecurity itself as well which would be a very non-trivial exercise for such an old and much-patched kernel that you find in RHEL.

I think if we used a new vanilla kernel we'd lose support. I'll have to look into that.

Are the packages for RHEL5 a patched RHEL kernel or vanilla as well?

Comnenus wrote:I think if we used a new vanilla kernel we'd lose support. I'll have to look into that.

don't you already lose support if you use anything but their own kernels?

Are the packages for RHEL5 a patched RHEL kernel or vanilla as well?

all RHEL kernels are heavily patched, more so as the years pass by and they backport stuff.