OK, I'm a very much newby. I compiled and patched a 2.4.27 kernel and gave it the grsecurity options otlined in the starters guide, but when it came time to use gradm it could not open /dev/grsec. So I thought maybe I'd go back to my tried and trued 2.4.26 with the addition of the grsecurity patch-just to get the same results. Gradm seems to compile just fine. /dev/grsec is physically there and at 0622. I looked at the Makefile and manually did a 'mknod -m 0622 /dev/grsec c 1 12' even though the gradm compilation didn't error and made it for me.
The reason for all of this is that I WAS hacked and they came in through mldonkey in a CHROOT jail. This kernel is going in a IPFROG/IPCOP firewall that has a web interface. Grsecurity "breaks" the listing of running processes and modules loaded on the 'information' page-although I can manually get them as root. I would like to try and "fix" this.... If I CAN'T get gradm to work I would at least like to keep some of the security stuff especially the CHROOT jail restrictions. If I were to do this what do I need to lighten up on in the grsecurity part of things in the kernel compilation-without completely giving up on grsecurity entirely. Any help/ideas would be appreciated.