Reevaluate building kernels under Ubuntu Trusty

[conorsch]

Last year there was a regression in the version of kernel-package served out of the trusty repos that prevented builds of the test kernel sources (#30). The upstream version in trusty has since been patched, so we should be able to use trusty for builds again—test and confirm, and update the Vagrantfile if so, so builds happen under Trusty by default.

In the context of building grsecurity-patched kernels for SecureDrop, we want to build on Trusty for Trusty, since make-kpkg pulls in the config for the currently running kernel by default.

[conorsch]

Successfully built 4.7.6 with test patches under Trusty. Will retry with stable patches. Mistakenly built under Vivid.

[conorsch]

Confirmed that Trusty still fails under the test patches. The mistaken assumption was:

The upstream version in trusty has since been patched

No, it hasn't; Trusty is still shipping the old problematic version:

$ apt-cache policy kernel-package
kernel-package:
  Installed: 12.036+nmu3
  Candidate: 12.036+nmu3
  Version table:
 *** 12.036+nmu3 0
        500 http://archive.ubuntu.com/ubuntu/ trusty/universe amd64 Packages
        100 /var/lib/dpkg/status

Building stable patches under Trusty does still succeed, though, so we'll keep doing that for building SecureDrop kernels. We can't switch the default box to Trusty for building test kernels, which was the original intent of this issue.

[conorsch]

Building stable patches under Trusty does still succeed, though

Needs to be reevaluated in the context of #80—can stable2 patches be built under Trusty?

[conorsch]

As explained in #79 (comment):

Latest results for building under bento/ubuntu-14.04:

• stable patch: PASS
• stable2 patch: FAIL
• test patch: FAIL

In #79 we decided to implement a separate vagrant machine specifically for maintaining the SD-related build process. That will allow us to target a specific playbook, as well.