Login or Register to Ask a Question and Join Our Community


Linux

SELinux policy compiler errors for 2.6.26.8.tex1

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux SELinux policy compiler errors for 2.6.26.8.tex1
# 1  
Old 01-04-2009
SELinux policy compiler errors for 2.6.26.8.tex1
Hello all!

I am trying to enable SELinux on bootup for my supported kernel
2.6.26.8.tex1

I am running PCLinuxOS 2009 Beta 2 which is based on Mandriva/Mandrake

From my reading, I know that I am able to set SELinux to boot (preferably in passive mode) however this would still 'change' my files; therefore I would need to run the utility/command: "setfiles"

setfiles
_____________________________________________

The problem I am having relates to the supporting files needed to run the application effectively. For my linux distribution, the config/info file is located here:

/usr/src/linux-2.6.26.8.tex1/security/selinux/Kconfig

It states:

Quote:
You will .. need a policy configuration and a labeled filesystem.
...obtain the policy compiler (checkpolicy), the utility for
labeling filesystems (setfiles), and an example policy configuration
from Security-Enhanced Linux
downloading the needed packages from
Download stable SELinux release,
I then try to compile but receive numerous errors such as this example for the checkpolicy package (which contains the setfiles) command

Code:
[root@localhost checkpolicy-1.34.7]# make -f Makefile
cc -g -Wall -Werror -O2 -pipe -fno-strict-aliasing -I. -I/usr/include -o checkpolicy.o -c checkpolicy.c
checkpolicy.c:73:37: error: sepol/policydb/policydb.h: No such file or directory
checkpolicy.c:74:37: error: sepol/policydb/services.h: No such file or directory
checkpolicy.c:75:40: error: sepol/policydb/conditional.h: No such file or directory
checkpolicy.c:76:38: error: sepol/policydb/hierarchy.h: No such file or directory
checkpolicy.c:77:34: error: sepol/policydb/flask.h: No such file or directory
checkpolicy.c:78:35: error: sepol/policydb/expand.h: No such file or directory
checkpolicy.c:79:33: error: sepol/policydb/link.h: No such file or directory
In file included from checkpolicy.c:82:
checkpolicy.h:4:36: error: sepol/policydb/ebitmap.h: No such file or directory
In file included from checkpolicy.c:82:
checkpolicy.h:7: error: expected specifier-qualifier-list before ‘ebitmap_t'
In file included from checkpolicy.c:83:
parse_util.h:33: error: expected ‘)' before ‘*' token

...

checkpolicy.c:1011: warning: format ‘%s' expects type ‘char *', but argument 4 has type ‘int'
checkpolicy.c:1019: warning: implicit declaration of function ‘strcpy'
checkpolicy.c:1019: warning: incompatible implicit declaration of built-in function ‘strcpy'
checkpolicy.c:1022: warning: format ‘%s' expects type ‘char *', but argument 4 has type ‘int'
checkpolicy.c:392: warning: unused variable ‘pf'
checkpolicy.c:376: warning: unused variable ‘avd'
make: *** [checkpolicy.o] Error 1

I turns out I am unable to compile any of the packages. Am I missing something very obvious or is this because of all the changes the kernel versions go through in relation to drivers?

_________________________________________

At this point, I am seriously considering just building the kernel from scratch but my question is, if i am to do this, how difficult would it be to 'copy' the final working settings from this configuration into my boot sequence for my present distribution? Would this be unnecessarily messy? Any other suggestions? Smilie

mouse
# 2  
Old 01-05-2009
The problem is the first error message. GCC doesn't exit immediately because maybe the package will compile without it. But it doesn't:
Code:
checkpolicy.c:73:37: error: sepol/policydb/policydb.h: No such file or directory
checkpolicy.c:74:37: error: sepol/policydb/services.h: No such file or directory
checkpolicy.c:75:40: error: sepol/policydb/conditional.h: No such file or directory

These should have been included, but perhaps they weren't, perhaps they are generated through "configure", or perhaps they are in a separate package.
# 3  
Old 01-05-2009
Thanks for the heads up otheus.

i'm just going to go ahead and learn some C. I figure it can't hurt me to learn at least enough to fix syntatical errors and the like when compiling new programs. But I also read Neo's post from a previous thread and my interest was piqued...

https://www.unix.com/unix-dummies-que...hese-days.html


Quote:
...Want to be great at UNIX? Get a version of UNIX (Linux, BSD, whatever), build a server from scratch and start building and writing C code. Get Rich Stevens books on system level programming and learn to program at the system level. Write your own server and client code, debug the code, work on interprocess communications, debug memory leaks, build shared libs, build static libs, fix corrupt file systems, etc....


Maybe this will be part of my new year's resolution : )
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Cybersecurity

Apply SeLinux policy to *nix device files

If its possible to apply SELinux policies to unix device files, would that be a problem? I would like to apply a policy to a process and enforce what it can communicate with device-wise (eg. physical network interface port) based on that policy. Would think that the "selinux-policy-mls" tool... (0 Replies)
Discussion started by: NYG71
0 Replies

2. Red Hat

SeLinux permission question

Hi, in /etc/httpd/conf/httpd.conf #DocumentRoot "/var/www/html" DocumentRoot "/home/phpmy/html" when I restarted httpd # /etc/init.d/httpd restart Stopping httpd: Starting httpd: Syntax error on line 293 of /etc/httpd/conf/httpd.conf:... (0 Replies)
Discussion started by: jediwannabe
0 Replies

3. UNIX and Linux Applications

A little help with seLinux

Situation: installed on Centos6.4 this samba4 package samba4-4.0.1-4.centos6.1.x86_64(wich had the path /usr/share/samba4 /var/lock/samba4,etc) I use selinux so i put in context /var/lock/samba4 -d system_u:object_r:samba_var_t:s0 /var/lock/samba4/.* -- ... (3 Replies)
Discussion started by: Linusolaradm1
3 Replies

4. Red Hat

selinux --disabled

Hi All, Will some one kindly explian below ? selinux What is the effect of installing a server using this kickstart option as follows: selinux --enforcing and selinux --disabled (1 Reply)
Discussion started by: sri243
1 Replies

5. UNIX for Dummies Questions & Answers

Changing colors for compiler errors/warnings

Hi, I am using GNU unix. And running a bash shell. Can anyone please tell me what is the command for changing the color of the compiler error/warning messages on the console. I think it is in .bashrc and do not know how. Thanks Pink (1 Reply)
Discussion started by: pink01
1 Replies

6. UNIX for Advanced & Expert Users

Changing colors for compiler errors/warnings

Hi, I am using GNU unix. And running a bash shell. Can anyone please tell me what is the command for changing the color of the compiler error/warning messages on the console. I think it is in .bashrc and do not know how. Thanks Pink (0 Replies)
Discussion started by: pink01
0 Replies

7. Programming

How Can a Machine Reads a Compiler Since A Compiler is Written in Text! Not Binaries?

To make a programming language you need a compiler, so what was the first programming language and how was is created if you need the compiler first? The compiler itself is considered as a high language comparing to the machine! since the compiler is not created in 1's and 0's... Eventhough i... (12 Replies)
Discussion started by: f.ben.isaac
12 Replies

8. AIX

C/C++ compiler ver 6 on AIX 5.3 - errors

Hi Guys, We are migrating AIX 5.1 to AIX 5.3. With this upgrade the C/C++ compiler is also upgraded to Visual Age C++ 6.0. After upgrading, when we tried to (re)compile our programs (since ibm open library classes are not going to work with new compiler), we are getting so many errors with no... (2 Replies)
Discussion started by: satguyz
2 Replies

9. UNIX for Advanced & Expert Users

SElinux

I am on a fedora core 2.6.9-1.677 i686 which is selinux enabled unlike the version I was on before .. which had to be manually enabled ..and if you knew nothing of the sort you were lost.. that was the case for me anyway! like i was saying ... now I am on a system that is enabled I have just... (1 Reply)
Discussion started by: moxxx68
1 Replies

10. Programming

gcc Compiler Switches: giving Illogical Errors

Hi, Has anyone used gcc compiler and know alot about it? I am compiling a file with: gcc -o xyz xyz.c abc.o -lsocket -lnsl it compiles pretty fine. But whe I use switches gcc -o -Wall -pedantic -ansi xyz xyz.c abc.o -lsocket -lnsl it starts giving illogical, rather I should say stupid... (1 Reply)
Discussion started by: Ahsan
1 Replies
Login or Register to Ask a Question