The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Trouble with GRSecurity

Discussion in 'Security' started by LeadDogGraphics, Oct 11, 2012.

  1. LeadDogGraphics

    LeadDogGraphics Well-Known Member

    Joined:
    Feb 25, 2012
    Messages:
    97
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    West Palm Beach, FL
    cPanel Access Level:
    Root Administrator
    Does anyone have GRSecurity kernel installed correctly on Centos 6.3? If so please advise what kernel version you used and what settings / config file did you use while compiling it?

    I recently tried to install the latest kernel from grsecurity using this guide:
    SecurityTargets Blog: Hardening CentOS kernel with grsecurity

    Using this kernel:
    grsecurity-2.9.1-3.2.31-201210111928.patch and it compiled and installed ok but won't boot from it, it just falls back to the previous kernel installed and listed in the boot configuration.


    Is that kernel compatible with Centos 6.3 or do I need to use the grsecurity-2.9.1-2.6.32.60-201210111928.patch version?

    Also once that is figured out, then the question is what settings to use during the compilation, i copied this file, config-2.6.32-279.9.1.el6.x86_64, from my /boot/ to start from.

    Anyone with experience with installing and configuring GRSecurity on a cPanel / Centos 6.3 system, please help.
     
  2. LeadDogGraphics

    LeadDogGraphics Well-Known Member

    Joined:
    Feb 25, 2012
    Messages:
    97
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    West Palm Beach, FL
    cPanel Access Level:
    Root Administrator
    Thanks for that, I read it over, and then followed the directions again from the original article I linked, and this time I made two changes. Instead of using the newer kernel 3.2.31, I used the older 2.6.32.

    I also learned I had to change the default boot item. This time it worked fine. So few lessons learned.

    - - - Updated - - -

    Thanks for that, I read it over, and then followed the directions again from the original article I linked, and this time I made two changes. Instead of using the newer kernel 3.2.31, I used the older 2.6.32.

    I also learned I had to change the default boot item. This time it worked fine. So few lessons learned.
     
  3. LeadDogGraphics

    LeadDogGraphics Well-Known Member

    Joined:
    Feb 25, 2012
    Messages:
    97
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    West Palm Beach, FL
    cPanel Access Level:
    Root Administrator
    If anyone has any tips on how to configure the GRSEC kernel for use on a cPanel 11.36 system running on CentOS 6.3x64 with running into a bunch of errors due to the locked down permissions, please advise. I have searched all over, and I have found a few guides on the internet that advise how to install it, but that is the easier part, it's the configuring it to not bring the system to a halt yet provide the security it has to offer that is the trick. I posted over on the WHT forums as well with some more details of what happened last time I tried. Grsecurity Errors - Web Hosting Talk
     
  4. LeadDogGraphics

    LeadDogGraphics Well-Known Member

    Joined:
    Feb 25, 2012
    Messages:
    97
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    West Palm Beach, FL
    cPanel Access Level:
    Root Administrator
    I wanted to post a follow up for anyone else who wants to actually install GRSecurity by themselves.

    Here is my steps that I followed with the help of one of the members on the WHT forums.
    Grsecurity Errors - Web Hosting Talk
     
    MaraBlue likes this.
Loading...
Similar Threads - Trouble GRSecurity
  1. durangod
    Replies:
    3
    Views:
    116
  2. LeadDogGraphics
    Replies:
    3
    Views:
    528

Share This Page