did anybody manage to install dazuko on 11.0?
trying to build & install i got error that security capabilities are built-in the kernel - on 10.3 it was a module
on the other hand dazuko rpm installs but in no way i can load it
if somebody acopmlished the task, no matter which way, i’ll appreciate if shares how to
What RPM’s did you install… both dazuko and dazuko-kmp-default?
i installed dazuko-2.3.4.4-42.1-86_64 and dazuko-kmp-default-2.3.4.4_2.6.25.5_1.1-42.1-86_64
Dazuko and Apparmor conflict; It’s one or the other, sorry.
to get dazuko to run, uninstall everything apparmor & give it a go.
Snakedriver,
is that for sure? on 10.3 apparmor was allowing dazuko to load as secondary lsm module and they worked together- i confirm that personally
why was it changed in 11.0?!
It wasn’t; Didn’t work for me in 10.3:confused: I had to remove Apparmor.
They both build kernel modules and those modules conflict, AFAIK.
Exactly what dazuko did you have loaded?
Try to duplicate “load as secondary lsm module” is the best that I can do.
I think you will find that Developers, including SuSE want only one LSM; see: Linux Security Modules - Wikipedia, the free encyclopedia
That reasoning is what leads openSUSE to it’s own developed AppArmor.
AppArmor documentation can be had here: Novell Doc: OpenSUSE 11.0 - Table of Contents
Good luck:)
in 10.3 capabilities were build as module - not in the kernel - and capabilities.ko was located in /lib/modules/uname -r/security/
i was able to build dazuko from source and load it copying dazuko.ko in the same dir, depmod -a
now, /lib/modules/uname -r/security doesn’t exist… capabilities is built-in the kernel and:
checking host system type… Linux
checking for make utility… ok (make)
checking for C compiler… ok (cc)
kernel source in /lib/modules/2.6.25.5-1.1-default/source… yes
kernel build source in /lib/modules/2.6.25.5-1.1-default/build… yes
acquiring Linux kernel code configuration… ok
checking if Linux is RSBAC patched… no
checking if devfs is enabled… no
discovered host system… Linux (2.6.25)
checking if security module support is enabled… yes
verifying capabilities are not built-in… built-in 
error: capabilities are built-in to the kernel:
you will need to recompile a kernel with capabilities
as a kernel module
in the way above i configured dazuko on 10.3, you can see now the result :eek:
checking host system type… Linux
checking for make utility… ok (make)
checking for C compiler… ok (cc)
kernel source in /lib/modules/2.6.25.5-1.1-default/source… yes
kernel build source in /lib/modules/2.6.25.5-1.1-default/build… yes
acquiring Linux kernel code configuration… ok
checking if Linux is RSBAC patched… no
checking if devfs is enabled… no
discovered host system… Linux (2.6.25)
checking whether __d_path() is exported… yes
checking for System.map file… ok (/boot/System.map-2.6.25.5-1.1-default)
locating sys_call_table… ok (0xffffffff8045b390)
checking sys_call_table status… read-only
IMPORTANT NOTE:
If you get a kernel panic or segmentation fault while loading
the Dazuko module, you will need to reboot and try to
configure Dazuko again with the --sct-readonly option.
locating do_execve… ok (0xffffffff802a57f5)
identifying device API… ok
inspecting class type… ok (class)
inspecting suspend function… ok (suspend2)
inspecting task_struct structure… ok (using parent)
disabling ON_EXEC events (only available on x86 platforms)
configure: creating Makefile
configure: creating library/Makefile
configure: creating example_c/Makefile
./configure successful
module events = ON_OPEN ON_CLOSE
devfs support = no
rsbac support = no
hooking via syscalls = yes
local __d_path() = no
path resolution = registered daemon context
module debug = no
library 1.x compatibility = yes
make -C /lib/modules/2.6.25.5-1.1-default/build SUBDIRS="/root/Install/dazuko-2.3.5" modules
make[1]: Entering directory /usr/src/linux-2.6.25.5-1.1-obj/x86_64/default' make -C /usr/src/linux-2.6.25.5-1.1 O=/usr/src/linux-2.6.25.5-1.1-obj/x86_64/default/. modules CC [M] /root/Install/dazuko-2.3.5/dazuko_core.o CC [M] /root/Install/dazuko-2.3.5/dazuko_transport.o CC [M] /root/Install/dazuko-2.3.5/dazuko_linux.o /root/Install/dazuko-2.3.5/dazuko_linux.c:90: error: conflicting types for ‘__d_path’ /usr/src/linux-2.6.25.5-1.1/include/linux/dcache.h:303: error: previous declaration of ‘__d_path’ was here /root/Install/dazuko-2.3.5/dazuko_linux.c: In function ‘dazuko_get_filename_dentry’: /root/Install/dazuko-2.3.5/dazuko_linux.c:659: error: ‘struct nameidata’ has no member named ‘dentry’ /root/Install/dazuko-2.3.5/dazuko_linux.c: In function ‘dazuko_get_full_filename’: /root/Install/dazuko-2.3.5/dazuko_linux.c:899: error: ‘struct nameidata’ has no member named ‘mnt’ /root/Install/dazuko-2.3.5/dazuko_linux.c: In function ‘dazuko_fill_file_struct_cleanup’: /root/Install/dazuko-2.3.5/dazuko_linux.c:1004: error: implicit declaration of function ‘path_release’ /root/Install/dazuko-2.3.5/dazuko_linux.c: In function ‘xp_sys_hook’: /root/Install/dazuko-2.3.5/dazuko_linux.c:2179: error: invalid operands to binary == (have ‘struct path’ and ‘void *’) /root/Install/dazuko-2.3.5/dazuko_linux.c:2187: error: ‘struct fs_struct’ has no member named ‘rootmnt’ /root/Install/dazuko-2.3.5/dazuko_linux.c:2257: error: ‘struct fs_struct’ has no member named ‘rootmnt’ /root/Install/dazuko-2.3.5/dazuko_linux.c:2261: error: incompatible types in assignment make[4]: *** [/root/Install/dazuko-2.3.5/dazuko_linux.o] Error 1 make[3]: *** [_module_/root/Install/dazuko-2.3.5] Error 2 make[2]: *** [sub-make] Error 2 make[1]: *** [all] Error 2 make[1]: Leaving directory /usr/src/linux-2.6.25.5-1.1-obj/x86_64/default’
make: *** [dummy_rule] Error 2
finally, if i install the dazuko & dazuko-kmp-default rpms and try to load dazuko module:
WARNING: Error inserting redirfs (/lib/modules/2.6.25.5-1.1-default/updates/redirfs.ko): Unknown symbol in module, or unknown parameter (see dmesg)
FATAL: Error inserting dazuko (/lib/modules/2.6.25.5-1.1-default/updates/dazuko.ko): Unknown symbol in module, or unknown parameter (see dmesg)
also, removing apparmor doesn’t change anything, i got the same errors
is there any way to use dazuko on 11.0?
18 Jun 2008 - Dazuko 2.3.5 and nullfs 0.0.3 have been merged together as DazukoFS.
Does it have to be in that file system???
I assume you did (from the readme):
# cd /linux/src/dir/linux-a.b.c.d
# zcat /proc/config.gz > .config
# zcat patch-dazuko-linux-a.b.c.diff.gz | patch -p1
# make menuconfig
(select Dazuko in the Security section and exit, saving changes)
# make
etc
no, my previous post was about errors trying to build dazuko from source without nullfs
attempt to build a new kernel patched with dazukoFS fails at patching and respectively at make bzImage… i am trying now to fix patch by hand, will see 
looks like no way to run dazuko on 11.0 and the question is what to do when you need an antivirus guard in lan with $M systems… great!
also would like to mention that if you want to build a new kernel with capabilities compiled like module (like 10.3), you cannot do that 
there is no option <module> in make xconfig. if .config is edited by hand make bzImage tells that module is invalid option and asks for yes/no…
Thread moved to Applications
hello Pls can you tell me the steps to compile dazuko successfully on SuSE 11…Thanks in Advance!!!
How??? pls reply
would you specify suse 11… 11.0, 11.1, 11.2???
would you specify the exact version of suse 11… 11.0, 11.1, 11.2???