Git-Mirrors/plague-kernel
1
0
Fork 0
mirror of https://0xacab.org/optout/plague-kernel.git synced 2024-10-01 03:35:36 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fixed package issue with Fedora, revamped script to account for the v added before each linux-hardened release

Browse Source
This commit is contained in:
optout 2024-07-17 00:26:34 +00:00
parent 10a726ba94
commit 7874f5b261
No known key found for this signature in database
GPG Key ID: 13BA4BD4C14170C0
1 changed files with 24 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
self_compilation.sh
View File

@ -9,7 +9,7 @@ mount -o remount,rw /boot
# Set Kernel Version (KVER) # Set Kernel Version (KVER)
function set_kver() { function set_kver() {
echo "Enter the kernel version to use (e.g., '6.6.25-hardened1'):" echo "Enter the kernel version to use (e.g., '6.6.18-hardened1'):"
while true; do while true; do
read -e -i "${KVER:-}" -p "" KVER read -e -i "${KVER:-}" -p "" KVER
if [[ $(echo $KVER | grep -E '^[0-9]+\.[0-9]+\.[0-9]+(-hardened1)$') == '' ]]; then if [[ $(echo $KVER | grep -E '^[0-9]+\.[0-9]+\.[0-9]+(-hardened1)$') == '' ]]; then
@ -28,7 +28,7 @@ function check_distro(){
case "${distroId,,}" in case "${distroId,,}" in
*void*) *void*)
printf '%s\n' "Detected Void Linux..." printf '%s\n' "Detected Void Linux..."
xbps-install -Sy make gcc xz elfutils elfutils-devel flex ncurses-devel openssl openssl-devel argp-standalone gcc-ada mpc libmpc-devel gmp-devel perl zstd bc pahole linux-lts-headers xbps-install -Sy make gcc xz elfutils elfutils-devel flex ncurses-devel openssl openssl-devel argp-standalone gcc-ada mpc libmpc-devel gmp-devel perl zstd
return 0 return 0
;; ;;
*debian*|*ubuntu*) *debian*|*ubuntu*)
@ -38,8 +38,7 @@ function check_distro(){
;; ;;
*fedora*|*redhat*) *fedora*|*redhat*)
printf '%s\n' "Detected RHEL-based Distribution..." printf '%s\n' "Detected RHEL-based Distribution..."
sudo dnf install binutils /usr/include/{libelf.h,openssl/pkcs7.h} \ sudo dnf install binutils elfutils-libelf-devel openssl-devel bc bison flex gcc git openssl make perl dwarves zstd
/usr/bin/{bc,bison,flex,gcc,git,openssl,make,perl,pahole,zstd}
return 0 return 0
;; ;;
*) *)
@ -54,11 +53,11 @@ check_distro
# Staging w/ error handling # Staging w/ error handling
# Pull down Anthraxx linux-hardened upstream # Pull down Anthraxx linux-hardened upstream
if [[ ! -f /usr/src/"$KVER".tar.gz ]]; then if [[ ! -f /usr/src/"$KVER".tar.gz ]]; then
/usr/bin/curl --verbose --tlsv1.3 --proto =https -L -O --url "https://github.com/anthraxx/linux-hardened/archive/refs/tags/$KVER.tar.gz" /usr/bin/curl --verbose --tlsv1.3 --proto =https -L -O --url "https://github.com/anthraxx/linux-hardened/archive/refs/tags/v$KVER.tar.gz"
fi fi
if [[ ! -d /usr/src/linux-hardened-"$KVER" ]]; then if [[ ! -d /usr/src/linux-hardened-"$KVER" ]]; then
tar -xf "$KVER".tar.gz -C /usr/src/ tar -xf v"$KVER".tar.gz -C /usr/src/
fi fi
# Move to staging directory # Move to staging directory
@ -82,7 +81,7 @@ fi
# Prompt if baseline Plague kernel is desired # Prompt if baseline Plague kernel is desired
## If not, proceed to fingerprint device ## If not, proceed to fingerprint device
read -p "Do you want create a custom kernel tailored to your hardware? (y/n): " response read -p "Do you want create a custom kernel tailored to your hardware? (y/n)" response
response=$(echo $response | tr '[:upper:]' '[:lower:]') response=$(echo $response | tr '[:upper:]' '[:lower:]')
if [[ $response == "y" ]]; then if [[ $response == "y" ]]; then
echo "Tailoring kernel configuration to your hardware" echo "Tailoring kernel configuration to your hardware"
@ -91,7 +90,7 @@ else
echo "Using baseline Plague kernel configuration" echo "Using baseline Plague kernel configuration"
fi fi
read -p "Do you want to open the kernel configuration editor? (y/n): " response read -p "Do you want to open the kernel configuration editor? (y/n)" response
response=$(echo $response | tr '[:upper:]' '[:lower:]') response=$(echo $response | tr '[:upper:]' '[:lower:]')
if [[ $response == "y" ]]; then if [[ $response == "y" ]]; then
make menuconfig make menuconfig
@ -103,20 +102,18 @@ fi
make -j $(nproc --all) make -j $(nproc --all)
make modules_install INSTALL_MOD_STRIP=1 install make modules_install INSTALL_MOD_STRIP=1 install
function install_kernel() {
declare -r distroId="$(awk -F= '$1=="ID"{print $NF}' /etc/os-release)"
case "${distroId,,}" in case "${distroId,,}" in
*void*) *void*)
cp ./arch/x86_64/boot/bzImage /boot/vmlinuz-"$KVER" cp ./arch/x86_64/boot/bzImage /boot/vmlinuz-"$KVER"
dracut --kver "$KVER" --force dracut --kver "$KVER" --force
grub-mkconfig -o /boot/grub/grub.cfg grub-mkconfig -o /boot/grub/grub.cfg
xbps-reconfigure -fa xbps-reconfigure -fa
/usr/bin/update-grub /usr/bin/update-grub
return 0 return 0
;; ;;
*debian*|*ubuntu*) *debian*|*ubuntu*)
cp ./arch/x86_64/boot/bzImage /boot/vmlinuz-"$KVER" cp ./arch/x86_64/boot/bzImage /boot/vmlinuz-"$KVER"
dracut --kver "$KVER" --force dracut --kver "$KVER" --force
update-grub2 update-grub2
return 0 return 0
;; ;;
@ -128,23 +125,21 @@ case "${distroId,,}" in
printf '%s\n' "Unable to detect Operating System!" >&2 printf '%s\n' "Unable to detect Operating System!" >&2
return 1 return 1
;; ;;
esac esac
}
install_kernel
# Remove sysmap/signing keys # Remove sysmap/signing keys
rm /usr/src/linux-hardened-"$KVER"/certs/signing_key* rm /lib/modules/"$KVER"/source/certs/signing_key*
rm /usr/src/linux-hardened-"$KVER"/System.map rm /lib/modules/"$KVER"/source/System.map
rm /lib/modules/"$KVER"/source
rm /lib/modules/"$KVER"/build
echo "Congrats! Your custom kernel based on the PlagueOS kernel configuration has been installed." echo "Congrats! Your custom kernel based on the PlagueOS kernel configuration has been installed."
read -p "Reboot now? (y/N): " response echo "Reboot now? (y/N): "
response=$(echo $response | tr '[:upper:]' '[:lower:]') read reboot_opt
if [[ $response == "y" ]]; then
reboot if [[ "$reboot_opt" == "Y" ]]; then
reboot
else else
echo "Exiting..." exit
fi fi