Re: Grsecurity/Pax installation on Debian GNU/Linux
http://forums.debian.net/viewtopic.php? … 41#p675341

(or would it be better that I simply paste it here, I don't know... The link, this time, should suffice).

I don't believe the possible issue here, and it does seem to me to be something very fishy in there... is related in particular way to Devuan, other than Devuan being a Linux, the vulnerable distro, because the good ways have been rejected because the geniuses that kept patching Mr Linux's kernel were attempted to be ripped off of their code, by Google, and likely in (but that I don't claim) with at least the approval of, if not in cahoots with, the aforesaid mister in charge...

Ah, but grsecurity has been taken the baton of by, I hope to God, competent people, one of them being our own, Devuan's own developer parazyd! I hope miniply, parazyd and friends make it... (Read about it in the link to grsec installation on Devuan below, in post(s) three days ago or so, of mine there.)

Aah...

Use grsecurity:

Grsecurity/Pax installation on Devuan GNU/Linux
https://dev1galaxy.org/viewtopic.php?id=596

It's the only hope left for Linux kernel's security...

mr@gdOv:~$ cd src/linux-4.9.50
mr@gdOv:~/src/linux-4.9.50$

And now I type, without hitting Tab up to this point "make menucon":

mr@gdOv:~/src/linux-4.9.50$ make menucon

And, sure, I need the complete command, which is "make menuconfig". And I will next hit Tab.

But I'll run my uncenz script, but without going online, to get to the reader very clear understanding (along with the paste of the lines that will appear before viewer's eyes in the /var/log/kern.log, which is being tail'ed to the fore in the terminal on my screen in bottom left with "tail -f".

There. It's 46 seconds of mistery, for me, now... The Screen_170918_0646_gdO.mkv which I get with my uncenz (primitive) program I need to convert to be web-friendly. I'll do it with:

i=Screen_170918_0646_gdO ; ffmpeg -i ${i}.mkv -map 0:v -b:v 200k -c:v libvpx -qmin 0 -qmax 20 -crf 5 ${i}.webm

At second 28 from the start, after I moved the mouse for you to turn your attention where the logs will start to flow, in bottom left, I just, you of course don't see it, but I just hit Tab, while the cursor being positioned right after "make menucon".

Previously you saw me copy the time count of the rsyslog's line, and paste it into the prepared command line that only waited for that input, and it, upon my later hitting Enter on that command, went like this:

root@gdOv:/home/mr# echo 0 > /proc/sys/kernel/grsecurity/tpe ; echo 0 >  /proc/sys/kernel/grsecurity/tpe_restrict_all ; 
root@gdOv:/home/mr# cat /var/log/kern.log | grep -aE -A300000  12983.777942 > kern.log_$(date +%y%m%d_%H%M%S)_$(hostname)0
root@gdOv:/home/mr# ls -l kern.log_170918_064755_gdOv0 
-rw-r--r-- 1 root root 97748 2017-09-18 06:47 kern.log_170918_064755_gdOv0
root@gdOv:/home/mr# 

That's a lot of log line isn't it?

And here I'll post it for your perusal, in the next post.

Just, I believe in hashing and timestamping when credibility is necessary with strange events in computing. So, first, before I make the screencast available on https://www.CroatiaFidelis.hr, as well as the kern.log_170918_064755_gdOv0 created above, here's their hashes:

f687eb6412b9880eb5bffe076671e942f2eaa061344dac25e1c88d762138ec8b  Screen_170918_0646_gdO.webm
1d3b3ba803567142c01b9014d9d509802781b31397509950d98a7fa79ce76cfc  kern.log_170918_064755_gdOv0

Till the next post.