On 12/14/2016 06:03 AM, Foppe de Haan wrote: > To clarify: this has to be done in every template in which you want to use > this? Or can I just copy the whole dir after compiling (seems necessary for > the make install-deb step?), install whatever packages I need to perform the > post-build steps, and perform those? > (thinking of D8-template, D9-, Whonix-gw/ws) > For Debian systems, you only need to follow the coldhak instructions once to create the kernel deb packages. If you want to take your work and install it on other Debian templates without having to set up the dev environment again, just install the qubes-kernel-vm-support and grub2-common packages on them (and you'll probably want paxctl too to help with managing the pax stuff until you've figured out what you want your pax ruleset to look like), then copy over the linux-headers and linux-image packages that you had just made and install them in that order (headers first, then image). Install the firmware packages only if you need them. That seemed to work for me.
Make sure to clone the templates you want to try this on for testing purposes if you don't want to lose your originals; for example, by default, you won't be able to connect to a Whonix template running coldkernel as qrexec won't start up properly (but if you switch back to a normal kernel, it'll work fine again). And if you enable this on a service vm like sys-net, no machine configured to use it as a net vm will start up. I don't know how to troubleshoot this or fix this, so if anyone out there figures that part out, please share. Don't forget to follow the rest of the coldhak instructions to install and configure paxctld, set up grub, and to add the relevant grsecurity groups! sudo groupadd -g 9001 grsecproc sudo groupadd -g 9002 tpeuntrusted sudo groupadd -g 9003 denysockets -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/o2ronl%24t1s%241%40blaine.gmane.org. For more options, visit https://groups.google.com/d/optout.
