Compiling kernels the Debian way

I almost always look it up here. I patch my kernels with the exec-shield patch by Ingo Molnar; I tried GRSec/PaX, but I’m too stupid to get it to work without investing too much time. I have the sticky bit and world writable permissions on /usr/src set, so that I can unpack the archive and work in it unhindered by permission problems yet with others unable to damage the kernel source directories.

aptitude install linux-source-2.6.x
cd /usr/src
tar xvjf kernel-source-2.6.x.tar.bz2
cd kernel-source-2.6.x
make mrproper
patch -p1 < ~/downloads/exec-shield-nx-2.6.x.patch
make mrproper
cp ../kernel-source-2.6.(x-1)/.config .
make oldconfig
make gconfig
make-kpkg clean # necessary because of --revision
make-kpkg --rootcmd fakeroot kernel_image --revision 1 --append-to-version -execsh-1
sudo mount /boot -o rw,remount
sudo dpkg -i ../kernel-image-2.6.x-execsh-1_1_i386.deb
sudo mount /boot -o ro,remount

With modern versions of make-kpkg, this updates the grub file.