Am Fr, den 01.07.2005 schrieb Robby Tanner um 1:49:
> > 1) When I did a mkinitrd against the existing
> > /lib/modules/2.6.9-1.667,
>
> That is the original FC3 kernel, old and vulnerable.
Should I upgrade to 2.6.something else then?
To the latest FC3 kernel. Please read the announcement mails to know
when security issues get fixed. The current FC3 kernel is
2.6.11-1.35_FC3.
> > 4) There was a load of .patch files in the SOURCES dir,
> some from pre
> > 2.6.9 kernels. Do I need to apply those in order before compiling?
> Yes, sure. Else they are just on your hard drive and do nothing.
Even though some of them are 2.6.7 or earlier?
Sure. The patches a prepared to match the target code.
> > 5) What, if anything do I do with patch-2.6.9-final.bz2
and
> > patch-2.6.9-final-bk2.bz2?
>
> Misses the other patches.
I'm not sure what you mean by that?
Ok, misunderstood your question. You need to apply _all_ patches
(therefor rpmbuild -bp) and not just the patch which brings the base
kernel source tarball to 2.6.9-final-bk2.
> rpmbuild -bp --target=<arch> kernel-2.6.spec
>
>
http://fedora.redhat.com/docs/release-notes/fc3/x86/
>
> The release notes contain the instructions. Didn't you read them?
No, I didn't, but I will, thanks for the pointer.
> These are SELinux messages, so called audit / avc messages.
> The CVS server is just not available for me. I guess you
> missed SELinux patches with your route described in 5)
Not sure what that means either.
Then you probably should read the SELinux documentation too ;) SELinux
is not only userspace but kernelspace too. And if the Fedora kernel has
some specific SELinux patches, they are normally required or are at
least recommended.
Rob
Alexander
--
Alexander Dalloz | Enger, Germany | GPG
http://pgp.mit.edu 0xB366A773
legal statement:
http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 01:54:24 up 5 days, 8:46, load average: 0.20, 0.20, 0.12