If I patch my linux kernel with grsecurity, will I still be able to update my system with yum (or apt-get)?
Won't the updates available via yum be incompatible with my patched "non standard" version of the kernel?
Also, won't the patches be overwritten each time I update the kernel with yum?
How do you maintain a patched kernel?
The simplest option is put kernel into exclude list of yum/apt to avoid updates:
# cat /etc/yum.d/yum.site.excludes
exclude=kernel*
#
More complicated way is in addition to exclude maintain own spin of kernel from your distribution and add your special fixes on top of it. It this case you have to release your our spin every time when distro update is available. This will allow to have all fixes from distributions puls your extras.
