On Saturday, December 10, 2016 at 10:24:47 PM UTC-5, Reg Tiangha wrote: > On 12/10/2016 05:40 PM, Reg Tiangha wrote: > > > Well, I'm currently in the middle of compiling it; haven't had to > > compile a kernel since my Gentoo days and I've forgotten how long it > > used to take. One piece of advice at this point: If you're using a fresh > > template, you'll definitely want to allocate more space to /home; the > > default 2GB isn't enough. I've doubled it to 4G and am keeping an eye on > > how much it grows. I can't remember how much disk space it used to take > > to compile an old Gentoo kernel so I'll be babysitting this one until > > it's done. > > > > In the meantime: > > > > 1) I would assume it would work; their instructions imply Debian 7+, but > > I suppose the only way to find out if it would work on a Debian 9 > > template under Qubes would be to compile it and find out. > > > > 2) I've never used a Gresecurity kernel before (I almost did under > > Gentoo but at the time, the kernel they were using was an older one > > lacking a driver I needed so I ended up going with the vanilla sources > > instead), but here's how the gresecurity folks feel in terms of how they > > would stack up: > > > > https://grsecurity.net/compare.php > > > > If you want to try a regular 4.8 kernel either in dom0 or in a vm, > > there's already one (4.8.12) in the Qubes unstable repository that you > > can play with right now. > > > > > > Just to update: It took about 5 hours to compile on my quad core 2.2GHz > Intel i7-2720M, so your millage may vary. The coldkernel compile > directory was about 3.2GB large after compilation, so you'll want to > make sure your /home directory has at least 4.0GB free before attempting > this. I used a fresh stock but updated debian-8 template vm to compile > this on. > > The machine boots, which is the good news. The bad news is that qrexec > momentarily connects and then disconnects (i.e. the light turns green in > Qubes VM Manager for about a second once it finishes booting, and then > immediately turns yellow). > > However, I didn't follow the instructions exactly as git said there was > no tag marked coldkernel-0.9a-4.8.12 when I typed out the verify-tag and > checkout commands as written. So I switched to the 0.9a branch instead > using git checkout 0.9a. That said, I'm essentially a git newb. Did I do > that part right or should I have done something else? > > Anyway, I don't know much about gresecurity and paxctl either, so while > I wait for someone else to post some success on this, there is lots to > read up on in the meantime.
scroll down to installing kernel in debian vm https://www.qubes-os.org/doc/managing-vm-kernel/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f7c18222-0778-4908-88d3-39a4a3f6b6e1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
