grsecurity forums

Skip to content

RHEL and grsecurity: should I wait for the 2.6.20 patch?

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

RHEL and grsecurity: should I wait for the 2.6.20 patch?

Postby DirtyHarry » Wed Feb 07, 2007 1:15 pm

Hello,

I have one more question before trying to install grsecurity on my RHEL 4 server (didn't ask for this OS, it was the only choice I had). Do you suggest me to install kernel 2.6.19.3 or wait for the grsecurity patch for 2.6.20 to be released?

I have also another problem - I need to specify a custom port for ip_conntrack_ftp - do I need to specify it in menuconfig?

Thanks!
DirtyHarry
 
Posts: 11
Joined: Thu Jan 18, 2007 2:31 pm
Top

Postby Thrawn » Wed Feb 07, 2007 6:02 pm

If you compiled conntrack_ftp in your kernel append ip_conntrack_ftp.ports=21,2121 in your lilo/grub config, if compiled as module modprobe it with modprobe ip_conntrack_ftp ports=21,2121
Thrawn
 
Posts: 35
Joined: Wed Nov 23, 2005 9:54 am
Top

Postby DirtyHarry » Wed Feb 07, 2007 6:25 pm

Sorry to bother again; correct me if I am wrong - so, if I have a monolithic kernel, I simply add the config line in the bootloader; if I have a kernel which accepts loadable modules, I can use modprobe to load the module at startup, for example in rc.local.

Is it right?
DirtyHarry
 
Posts: 11
Joined: Thu Jan 18, 2007 2:31 pm
Top
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group