An update on my kernel "secnext" builds and testing
Paul Moore
paul at paul-moore.com
Tue Apr 23 16:47:34 UTC 2019
Hello all,
A while back I started building Fedora Rawhide kernels with the
selinux/next and audit/next branches applied, making them available
via a Fedora COPR repository. My hope was that this would help make
it easier for people to test/try the patches we had queued up for the
next merge window and also enable some additional work to do fully
automated testing of the selinux/next and audit/next trees. While I'm
not sure how many people besides myself run the secnext kernel builds
on their test systems, I have finally gotten all the pieces in place
so that we have fully automated testing for the {selinux,audit}/next
trees. It may have taken almost four years, but better late than
never :)
For those of you who are interested, the test results are sent to the
mailing list below (yes, it's a Google group, and no you don't need to
have a Google account). The build notifications and test results are
sent to a separate list simply because I didn't want to spam the main
mailing lists.
* https://groups.google.com/forum/#!forum/kernel-secnext
In addition, I've run into enough problems with COPR over the years
that I've started to build my own kernel packages from the secnext
SRPMs. While I really like the idea of COPR, the current
implementation is poorly suited for building kernel packages; perhaps
it will improve in the future, but it isn't a good solution now. I
will still keep submitting kernel builds to COPR, so those who want to
use the secnext kernels from there will continue to have that as a
valid repository, but I'm unlikely to spend any significant time
working to resolve COPR specific build problems. For those who want
to try the kernel packages that I'm building, you can find more
information at the link below:
* https://repo.paul-moore.com
At some point in the future I would like to also build secnext kernels
for other distros, but I need to spend a little bit of time learning
the "proper" way to patch and build kernel packages for those other
distros first. I'm leaning towards Debian as the first non-Fedora
distro, but if anyone has a favorite distro, with good SELinux/audit
support, please let me know.
-Paul
--
paul moore
www.paul-moore.com
More information about the Linux-audit
mailing list