Support building on for Debian and Ubuntu

freedomofpress / ansible-role-grsecurity

The documentation and build system for the grsecurity kernel maintained by the Freedom of the Press Foundation for SecureDrop

GNU General Public License v2.0

49 stars 13 forks source link

Support building on for Debian and Ubuntu #12

Closed conorsch closed 9 years ago

conorsch commented 9 years ago

When applying the grsecurity kernel patches to the vanilla Linux kernel for use on Ubuntu, it's necessary to pull in some config files from the Ubuntu overlay. When applying the patches for use on Debian, the overlay isn't necessary. The develop branch currently has some conditional logic to target different distros, which should be expanded. We should also provide separate Vagrant machines for Debian and Ubuntu to separate the build environments.

conorsch commented 9 years ago

Ideally this would be a trivial change, but it's complicated by the fact that most prebuilt Debian 8 Vagrant boxes have drive sizes around the 10GB mark. During kernel compilation, that'll fill up and cause the machine to hang or error out. For comparison, the Ubuntu 14.04 boxes have drive sizes around 40GB.

conorsch commented 9 years ago

Not going to spend time on this. All Debian 8 Vagrant boxes I've found are too small to build a kernel on, and I'm not going to build a custom box for this use case. It makes more sense to generalize the role to the point where folks can run it on their localhost—using fakeroot—and if the host if Debian, it'll do the right thing.