无法为SELinux编译Debian RefPolicy
[英]Can't compile Debian RefPolicy for SELinux
问题描述
I am using Debian 6 with SELinux enabled. 
我正在使用启用了SELinux的Debian 6。
Now, I just want to change default policy and make my-policy as a active policy. 现在,我只想更改默认策略并使my-policy成为活动策略。 For that I have downloaded debian's refpolicy and tried to compile it. 为此,我下载了debian的refpolicy并尝试对其进行编译。
It seems rolemap file is not found. 似乎rolemap文件。 But rolemap is defined in Makefile.src . 但是rolemap是在Makefile.src定义的。
Also, parsing /tmp/example.tmp file failed at 'introduce()' line:28 . 另外,解析/tmp/example.tmp文件在'introduce()' line:28失败。
Find output of make at below: 在下面找到make的输出:
debian:/opt/policy-src/debian# make -f Makefile.src all Compiling default example module echo "ifdef(\`""example""_per_role_template',\`" > tmp/example.mod.role m4
-D distro_debian -D direct_sysadm_daemon -D hide_broken_symptoms -D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -D mandatory_mcs rolemap | gawk '/^[[:blank:]]*[A-Za-z]/{ print "gen_require(type " $3 "; role " $1 ";)\nexample_per_role_template(" $2 "," $3 "," $1 ")" }' >> tmp/example.mod.role echo "')" >> tmp/example.mod.role echo "ifdef(\`""example""_per_userdomain_template',\`" >> tmp/example.mod.role echo "errprint(\`Warning: per_userdomain_templates have been renamed to per_role_templates (""example""_per_userdomain_template)'__endline__)" >> tmp/example.mod.role m4 -D distro_debian -D direct_sysadm_daemon -D hide_broken_symptoms -D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -D mandatory_mcs rolemap | gawk '/^[[:blank:]]*[A-Za-z]/{ print "gen_require(type " $3 "; role " $1 ";)\nexample_per_userdomain_template(" $2 "," $3 "," $1 ")" }' >> tmp/example.mod.role echo "')" >> tmp/example.mod.role m4 -D distro_debian -D direct_sysadm_daemon -D hide_broken_symptoms -D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -D mandatory_mcs -s tmp/all_interfaces.conf example.te tmp/example.mod.role > tmp/example.tmp /usr/bin/checkmodule -m tmp/example.tmp -o tmp/example.mod /usr/bin/checkmodule: loading policy configuration from tmp/example.tmp tmp/all_interfaces.conf":28:ERROR 'Building a policy module, but no module specification found. ' at token 'interface' on line 28: interface(myapp_domtrans,
# /usr/bin/checkmodule: error(s) encountered while parsing configuration make: *** [tmp/example.mod] Error 1
How could I compile this policy? 我该如何制定这项政策?
1 个解决方案
解决方案1
0 2015-06-11 09:19:00
To add your my-policy into the debian's refpolicy you have to work with the refpolicy (original sources) and the debian package (contains the example files). 要将您的my-policy添加到debian的refpolicy中,您必须使用refpolicy(原始资源)和debian软件包(包含示例文件)。
See how to work with debian sources . 了解如何使用debian源码 。 Instead of make you should use the Debian build tools. 而不是make您使用Debian构建工具。
Step by step: 一步步:
- Source Package files for Debian 6 selinux-policy-default Debian 6 selinux-policy-default的源软件包文件
- run
dpkg-source -x refpolicy_0.2.20100524-7+squeeze1.dsc运行dpkg-source -x refpolicy_0.2.20100524-7+squeeze1.dsc - goto "refpolicy-0.2.20100524" directory and make your changes 转到“ refpolicy-0.2.20100524”目录并进行更改
- build new debian package
dpkg-buildpackage构建新的Debian软件包dpkg-buildpackage - install new package
dpkg -i ../selinux-policy-default_0.2.20100524-7+squeeze1_all.deb安装新软件包dpkg -i ../selinux-policy-default_0.2.20100524-7+squeeze1_all.deb
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.