can we get sandstorm to work on a grsec patched kernel?

[jacksingleton]

https://grsecurity.net/

we can try out these ansible scripts to build the kernel: https://github.com/freedomofpress/grsec

We will at the very least have to pull out a few lines of the grsec patch that disable unprivileged user namespaces: https://forums.grsecurity.net/viewtopic.php?f=3&t=3929#p13904

let's yank those lines out and see what breaks!

[ageis]

There's a section in the FAQ. https://docs.sandstorm.io/en/latest/administering/faq/