Well, then I'm about to drive you nuts I guess. I wanted grsecurity, too, having discovered it with OpenNA (a nice distro that went *poof* one day, I never found out why it's dead now..). I like the process security - e.g run "ps xa" as a normal user, you will only ever see your own processes, and similar restrictions. I've used LIDS (on Engarde Linux) too, which has similar features, but you have to turn LIDS off to get anything done (though there may be advantages to that, too).
So, I went & got the kernel package from TinySofa Classic, and installed it on TSL. It works great. You may need to install a few other packages from TinySofa as well (such as mkinitrd). I've also installed the grsec kernel on TSL 2.2 without much trouble. Maybe TSL should have multiple "secure" kernels available - grsecurity, LIDS, selinux; then it can really be "secure" - as well as secure the way the individual admin wants it. Donald > infernus <infernus at gamebox.net> wrote: > > Thank you for a real answer. If I hear one more thing about a > sofa I might go nuts. > > On Sun, May 07, 2006 at 01:40:17AM +0530, Ajith Vargese Thampi wrote: > > On 5/7/06, Gerald Dachs <gda at tinysofa.org> wrote: > > > > On Sat, 6 May 2006 15:30:46 -0400 > > infernus <infernus at gamebox.net> wrote: > > > > > I was wondering if there was, by any chance, some trustix package for a > > grsecurity kernel. I would really like to have grsecurity running on my box > > again, and haven't had it since I moved to trustix a few months ago. Thanks > > in advance. > > > > I can't answer you question, but I would like to let the other readers of > > the list let to know that grsecurity > > is part of the base install of tinysofa classic server. > > > Guessing this is still the TSL mailing list :) and pointing to the above > query, GRSecurity patches for the kernel are being considered. Trustix > should surely support it soon, unsure if it should come with the next > release. Being looked into, and if possible it should be added. > > Aristo > _______________________________________________ > tsl-discuss mailing list > tsl-discuss at lists.trustix.org > http://lists.trustix.org/mailman/listinfo/tsl-discuss > -- infernus echo "jogfsovtA{jggfs/psh" | perl -pe 's/(.)/chr(ord($1)-1)/ge' _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
