2016-12-14 23:33 GMT+08:00 Reg Tiangha <[email protected]>: > On 12/14/2016 06:03 AM, Foppe de Haan wrote: > > To clarify: this has to be done in every template in which you want to > use this? Or can I just copy the whole dir after compiling (seems necessary > for the make install-deb step?), install whatever packages I need to > perform the post-build steps, and perform those? > > (thinking of D8-template, D9-, Whonix-gw/ws) > > > For Debian systems, you only need to follow the coldhak instructions > once to create the kernel deb packages. If you want to take your work > and install it on other Debian templates without having to set up the > dev environment again, just install the qubes-kernel-vm-support and > grub2-common packages on them (and you'll probably want paxctl too to > help with managing the pax stuff until you've figured out what you want > your pax ruleset to look like), then copy over the linux-headers and > linux-image packages that you had just made and install them in that > order (headers first, then image). Install the firmware packages only if > you need them. That seemed to work for me. > > Make sure to clone the templates you want to try this on for testing > purposes if you don't want to lose your originals; for example, by > default, you won't be able to connect to a Whonix template running > coldkernel as qrexec won't start up properly (but if you switch back to > a normal kernel, it'll work fine again). And if you enable this on a > service vm like sys-net, no machine configured to use it as a net vm > will start up. I don't know how to troubleshoot this or fix this, so if > anyone out there figures that part out, please share. >
For those of you who are trying to get the kernel working on Whonix, just install busybox and update the initramfs. Seems to be a missing dependency of qubes-kernel-vm-support. > > Don't forget to follow the rest of the coldhak instructions to install > and configure paxctld, set up grub, and to add the relevant grsecurity > groups! > > sudo groupadd -g 9001 grsecproc > sudo groupadd -g 9002 tpeuntrusted > sudo groupadd -g 9003 denysockets > --WillyPillow -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAKmAYVsMNkfDFY-n8PYtpf-Qia1Ayo8OmJ%2BKVk_vx5-Q3NdQXw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
