conorsch
commented
7 years ago This has been bothering me lately, since fetching back the built deb packages is now a second manual step after a long compilation. A find-based approach that gathers up a list of likely deb packages and fetches them all back seems the most reasonable approach. Perhaps using the grsecurity_build_revision var (#92) as part of the glob to restrict to only wanted packages.
The fetch task for retrieving the build deb packages is inappropriately using
with_fileglob, which references paths on the Ansible controller, so fetching will never work when building on a remote host: https://github.com/freedomofpress/ansible-role-grsecurity/blob/0afd36ee7c53b1da3d520e2970f3182f239053b9/roles/build-grsec-kernel/tasks/compile.yml#L18-L29 This is a recent regression related to building multiple deb packages, and should be reverted. Looks like it came in as part of #71.