Portal Home > Knowledgebase > Articles Database > grsec/grsecurity install to kernel 2.6.18 Centos cPanel
grsec/grsecurity install to kernel 2.6.18 Centos cPanel
| Posted by sharmaine1111, 03-25-2010, 10:20 AM |
| I have a cpanel centos 64-bit box. I want to install grsecurity. I have kernel 2.6.18
Can anyone help me grsec my kernel?
I saw this wiki but I dont know if it will work because it has a different version of kernel:
http://wiki.fiber-hosting.com/Cpanel-with-grsec-how-to
|
| Posted by madaboutlinux, 03-25-2010, 10:31 AM |
| The grsec patch provided their won't work on the current kernel version. However, the steps provided on the wiki will upgrade the kernel on your server to 2.6.27 along with grsec. I would say, no harm in following those steps.
|
| Posted by VIPoint, 03-25-2010, 10:37 AM |
| The latest stable version of grsec patch is 2.1.14-2.6.32.10 . You can check it
http://www.grsecurity.net/. Which kernel version do you want to be patched?
|
| Posted by sharmaine1111, 03-25-2010, 10:46 AM |
| Im using kernel 2.6.18
|
| Posted by ksv2nash, 03-25-2010, 11:22 AM |
| Hello,
It's very long process to install it....
|
| Posted by drspliff, 03-25-2010, 12:44 PM |
| And it's high time you upgraded...
|
| Posted by karem, 10-07-2010, 11:47 AM |
| any advice
|
| Posted by hosthop, 10-07-2010, 12:35 PM |
| The easiest way to build grsecurity into the kernel involves upgrading the kernel to the latest version of the kernel patched by the grsecurity team. You would build the kernel in just a few steps (but this will take some time):
1. Download standard kernel source matching patchable version listed on grsecurity.net, as well as the grsecurity patch for that version.
2. Untar the kernel (tar jxvf linux-2.x.x.tar.bz2) and patch it (patch -p0 < grsecurity-blah.patch).
3. make menuconfig or make gconfig or even make config (very long and drawn out) depending on preference.
4. make then make modules_install then make install
5. grub-update or similar command followed by grub-install or similar (lilo anyone?)
That should do it. Please don't attempt to do this on a production server if you've never built a kernel before. It's not for inexperienced users. You'd be better off finding some online repository that hosts pre-built grsecurity kernel RPMs if you don't know what you're doing. Or, find a tutorial on building kernels and try it on a machine that doesn't matter first. Hope that helps.
|
| Posted by Hoodz, 10-07-2010, 07:08 PM |
| dont forget that the more options you enable the more likely you will break things...
|
| Posted by karem, 10-09-2010, 03:29 AM |
| 2.6.18-194.17.1.el5
any help
|
| Posted by Pavix, 10-10-2010, 02:48 AM |
| root@cpanel [~]# uname -a
Linux cpanel. 2.6.27.10-grsec #1 SMP Thu May 20 20:26:12 PDT 2010 i686 i686 i386 GNU/Linux
root@cpanel [~]#
root@cpanel [~]# dmesg | grep grsec
Linux version 2.6.27.10-grsec (root@cpanel. |
| Posted by drspliff, 10-11-2010, 04:30 AM |
| That is a pre-built kernel with OpenVZ patches included. The GRsecurity patches won't apply at all and are generally incompatible with OpenVZ.
|
| Posted by karem, 01-10-2011, 03:15 PM |
| drspliff what about this 2.6.18-194.26.1.el5xen
|
Add to Favourites 
Print this Article
Also Read
