This is a system for fetching the Linux kernel configuration files for a variety
of Linux distributions, and archiving them for later analysis. The resulting
configuration data is summarized into a compact JSON file which can be
browsed on our webpage. Or, you can simply download the configurations and
explore them with grep
.
On a regular basis, Github CI runs will fetch more recent package versions and keep the configurations up-to-date.
While the webpage is convenient, you can also directly clone the gh-pages
branch of this repository to explore locally:
git clone https://github.com/oracle/kconfigs -b gh-pages
cd kconfigs
grep -r IKCONFIG_PROC out/
This tool runs on Python 3.11 or later. It requires common compression tools (gzip, bzip2, xz, zstd, tar) as well as common command line tools for Linux packaging installed to the system (gpg, rpm, cpio, dpkg).
The following setup instructions apply to Oracle Linux 9. First, install runtime dependencies (most should already be installed, but they are listed for completeness).
dnf install -y python3.11{,-devel,-venv,-pip} \
gzip bzip2 xz zstd tar \
rpm cpio dpkg \
make
To setup the runtime Python environment:
git clone https://github.com/oracle/kconfigs
cd kconfigs
make venv
To run the extraction routine:
make run
Configurations will appear in the out
directory.
You should be able to find everything you need by browsing to our web page which displays the latest kernel configuration information.
See "How to Run".
If you have any questions or concerns, please open a Github issue and we will try to help you out.
This project welcomes contributions from the community. Before submitting a pull request, please review our contribution guide.
The kconfigs project tries to verify all GPG and checksum metadata for the sources it uses. Here's an overview of what we check:
- RPM-based distributions:
- A GPG key is required for all RPM-based distributions.
repomd.xml
: GPG signature required & checked. We do have an exception for some unsigned databases that are served via HTTPS from an allowlist of trusted hosts.- Sqlite database: checksum required & checked.
- RPM package: checksum required & checked, RPM's built-in GPG signature is also required and checked.
- Debian-based distributions:
- A GPG key is required for all Debian-based distributions.
Release
file: GPG signature required & checked.Packages
file: checksum required & checked.
- Pacman-based distributions:
- The database file is not signed and cannot be verified.
- The individual packages are GPG signed, which we verify.
- Upstream kernel configurations:
- We verify that stable kernel releases have a valid signature from Greg KH.
- The mainline source distribution is unsigned and cannot be verified.
- Android configurations:
- We rely on HTTPS connections to
source.android.com
to ensure the integrity of the data. There are no GPG signatures or checksums provided.
- We rely on HTTPS connections to
Please consult the security guide for our responsible security vulnerability disclosure process
Copyright (c) 2024, Oracle and/or its affiliates.
Licensed under the terms of the GNU General Public License.