Support grsec kernel previews for instances on non-HCL hardware.

freedomofpress / securedrop

GitHub repository for the SecureDrop whistleblower platform. Do not submit tips here!

https://securedrop.org/

Other

3.62k stars 686 forks source link

Support grsec kernel previews for instances on non-HCL hardware. #6508

Open eloquence opened 2 years ago

eloquence commented 2 years ago

In order to facilitate pre-release testing for new kernels, it would be helpful to have a preview component on apt.freedom.press, and an associated release/testing procedure which admins can follow to verify basic kernel functionality on their hardware before said kernel is included with a release.

eloquence commented 2 years ago

This preview component now exists. (https://github.com/freedomofpress/securedrop-debian-packages-lfs/pull/96) We are testing a manual verification procedure as part of the upcoming SecureDrop 2.4.2 release. The documentation is currently on the wiki; if we decide to canonicalize it for future releases, we may want to move it into the official documentation.

https://github.com/freedomofpress/securedrop/wiki/Previewing-new-SecureDrop-kernel

zenmonkeykstop commented 2 years ago

Said manual procedure could probably be made into an Ansible playbook (and then added as a securedrop-admin command).