AppArmor零知识学习十二、源码构建(9)
本文内容参考:
AppArmor / apparmor · GitLab
接前一篇文章:AppArmor零知识学习十一、源码构建(8)
在前一篇文章中完成了apparmor源码构建的第六步——Apache mod_apparmor的构建和安装,本文继续往下进行。
四、源码构建
7. PAM AppArmor构建
(1)进入changehat/pam_apparmor目录
通过cd命令进入apparmor源码根目录下changehat目录下的mod_apparmor目录。实际命令及结果如下:
penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor$ cd changehat/
penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor/changehat$ ls
mod_apparmor pam_apparmor tomcat_apparmorpenghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor/changehat$ cd pam_apparmor/
penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor/changehat/pam_apparmor$ ls
COPYING get_options.c get_options.o Makefile pam_apparmor.c pam_apparmor.changes pam_apparmor.h pam_apparmor.o pam_apparmor.so README
(2)编译
运行make命令进行编译。实际命令及结果如下所示:
$ make
cc -fPIC -shared -Wall -Wall -Wsign-compare -Wmissing-field-initializers -Wformat -Wformat-security -Wunused-parameter -Wimplicit-fallthrough -I../../libraries/libapparmor//include -c -o pam_apparmor.o pam_apparmor.c
cc -fPIC -shared -Wall -Wall -Wsign-compare -Wmissing-field-initializers -Wformat -Wformat-security -Wunused-parameter -Wimplicit-fallthrough -I../../libraries/libapparmor//include -c -o get_options.o get_options.c
cc -fPIC -shared -Wall -Wall -Wsign-compare -Wmissing-field-initializers -Wformat -Wformat-security -Wunused-parameter -Wimplicit-fallthrough -I../../libraries/libapparmor//include -Xlinker -x -L../../libraries/libapparmor//src/.libs/ -o pam_apparmor.so pam_apparmor.o get_options.o -lpam -lapparmor
(3)安装
运行make install命令进行安装。实际命令及结果如下所示:
$ sudo make install
[sudo] penghao 的密码:install -m 755 -d //lib/security
install -m 755 pam_apparmor.so //lib/security/
至此,PAM AppArmor就构建并安装完成了。
8. Profiles构建
(1)进入profiles目录
通过cd命令进入apparmor源码根目录下的profiles目录。实际命令及结果如下:
penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor$ cd profiles/
penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor/profiles$ ls
apparmor apparmor.d Makefile
(2)编译
运行make命令进行编译。实际命令及结果如下所示:
$ make
for profile in ./apparmor.d/bin.ping ./apparmor.d/lsb_release ./apparmor.d/nvidia_modprobe ./apparmor.d/php-fpm ./apparmor.d/samba-bgqd ./apparmor.d/samba-dcerpcd ./apparmor.d/samba-rpcd ./apparmor.d/samba-rpcd-classic ./apparmor.d/samba-rpcd-spoolss ./apparmor.d/sbin.klogd ./apparmor.d/sbin.syslogd ./apparmor.d/sbin.syslog-ng ./apparmor.d/usr.lib.apache2.mpm-prefork.apache2 ./apparmor.d/usr.lib.dovecot.anvil ./apparmor.d/usr.lib.dovecot.auth ./apparmor.d/usr.lib.dovecot.config ./apparmor.d/usr.lib.dovecot.deliver ./apparmor.d/usr.lib.dovecot.dict ./apparmor.d/usr.lib.dovecot.director ./apparmor.d/usr.lib.dovecot.doveadm-server ./apparmor.d/usr.lib.dovecot.dovecot-auth ./apparmor.d/usr.lib.dovecot.dovecot-lda ./apparmor.d/usr.lib.dovecot.imap ./apparmor.d/usr.lib.dovecot.imap-login ./apparmor.d/usr.lib.dovecot.lmtp ./apparmor.d/usr.lib.dovecot.log ./apparmor.d/usr.lib.dovecot.managesieve ./apparmor.d/usr.lib.dovecot.managesieve-login ./apparmor.d/usr.lib.dovecot.pop3 ./apparmor.d/usr.lib.dovecot.pop3-login ./apparmor.d/usr.lib.dovecot.replicator ./apparmor.d/usr.lib.dovecot.script-login ./apparmor.d/usr.lib.dovecot.ssl-params ./apparmor.d/usr.lib.dovecot.stats ./apparmor.d/usr.sbin.apache2 ./apparmor.d/usr.sbin.avahi-daemon ./apparmor.d/usr.sbin.dnsmasq ./apparmor.d/usr.sbin.dovecot ./apparmor.d/usr.sbin.identd ./apparmor.d/usr.sbin.mdnsd ./apparmor.d/usr.sbin.nmbd ./apparmor.d/usr.sbin.nscd ./apparmor.d/usr.sbin.ntpd ./apparmor.d/usr.sbin.smbd ./apparmor.d/usr.sbin.smbldap-useradd ./apparmor.d/usr.sbin.traceroute ./apparmor.d/usr.sbin.winbindd ./apparmor.d/zgrep; do \\fn=$(basename $profile); \\echo "# Site-specific additions and overrides for '$fn'" > ./apparmor.d/local/$fn; \\grep "include[[:space:]]\\\\+if[[:space:]]\\\\+exists[[:space:]]\\\\+<local/$fn>" "$profile" >/dev/null || { echo "$profile doesn't contain include if exists <local/$fn>" ; exit 1; } ; \\
done
(3)检查
运行make check命令进行检查。实际命令及结果如下所示:
$ make check
for profile in ./apparmor.d/bin.ping ./apparmor.d/lsb_release ./apparmor.d/nvidia_modprobe ./apparmor.d/php-fpm ./apparmor.d/samba-bgqd ./apparmor.d/samba-dcerpcd ./apparmor.d/samba-rpcd ./apparmor.d/samba-rpcd-classic ./apparmor.d/samba-rpcd-spoolss ./apparmor.d/sbin.klogd ./apparmor.d/sbin.syslogd ./apparmor.d/sbin.syslog-ng ./apparmor.d/usr.lib.apache2.mpm-prefork.apache2 ./apparmor.d/usr.lib.dovecot.anvil ./apparmor.d/usr.lib.dovecot.auth ./apparmor.d/usr.lib.dovecot.config ./apparmor.d/usr.lib.dovecot.deliver ./apparmor.d/usr.lib.dovecot.dict ./apparmor.d/usr.lib.dovecot.director ./apparmor.d/usr.lib.dovecot.doveadm-server ./apparmor.d/usr.lib.dovecot.dovecot-auth ./apparmor.d/usr.lib.dovecot.dovecot-lda ./apparmor.d/usr.lib.dovecot.imap ./apparmor.d/usr.lib.dovecot.imap-login ./apparmor.d/usr.lib.dovecot.lmtp ./apparmor.d/usr.lib.dovecot.log ./apparmor.d/usr.lib.dovecot.managesieve ./apparmor.d/usr.lib.dovecot.managesieve-login ./apparmor.d/usr.lib.dovecot.pop3 ./apparmor.d/usr.lib.dovecot.pop3-login ./apparmor.d/usr.lib.dovecot.replicator ./apparmor.d/usr.lib.dovecot.script-login ./apparmor.d/usr.lib.dovecot.ssl-params ./apparmor.d/usr.lib.dovecot.stats ./apparmor.d/usr.sbin.apache2 ./apparmor.d/usr.sbin.avahi-daemon ./apparmor.d/usr.sbin.dnsmasq ./apparmor.d/usr.sbin.dovecot ./apparmor.d/usr.sbin.identd ./apparmor.d/usr.sbin.mdnsd ./apparmor.d/usr.sbin.nmbd ./apparmor.d/usr.sbin.nscd ./apparmor.d/usr.sbin.ntpd ./apparmor.d/usr.sbin.smbd ./apparmor.d/usr.sbin.smbldap-useradd ./apparmor.d/usr.sbin.traceroute ./apparmor.d/usr.sbin.winbindd ./apparmor.d/zgrep; do \\fn=$(basename $profile); \\echo "# Site-specific additions and overrides for '$fn'" > ./apparmor.d/local/$fn; \\grep "include[[:space:]]\\\\+if[[:space:]]\\\\+exists[[:space:]]\\\\+<local/$fn>" "$profile" >/dev/null || { echo "$profile doesn't contain include if exists <local/$fn>" ; exit 1; } ; \\
done
*** Checking profiles from ./apparmor.d and ./apparmor/profiles/extras/ against apparmor_parser
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
*** Checking abstractions from ./apparmor.d/abstractions against apparmor_parser
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
*** Checking profiles from ./apparmor.d against logprof
正在在 /home/penghao/AppArmor/apparmor/profiles/apparmor.d 中更新 AppArmor 配置文件。从 /dev/null 读取日志条目。投诉模式更改:强制模式更改:*** Checking if all abstractions (with a few exceptions) contain include if exists <abstractions/*.d>
*** Checking if all extra profiles contain include if exists <local/*>
(4)安装
运行make install命令进行安装。实际命令及结果如下所示:
$ sudo make install
[sudo] penghao 的密码:for profile in ./apparmor.d/bin.ping ./apparmor.d/lsb_release ./apparmor.d/nvidia_modprobe ./apparmor.d/php-fpm ./apparmor.d/samba-bgqd ./apparmor.d/samba-dcerpcd ./apparmor.d/samba-rpcd ./apparmor.d/samba-rpcd-classic ./apparmor.d/samba-rpcd-spoolss ./apparmor.d/sbin.klogd ./apparmor.d/sbin.syslogd ./apparmor.d/sbin.syslog-ng ./apparmor.d/usr.lib.apache2.mpm-prefork.apache2 ./apparmor.d/usr.lib.dovecot.anvil ./apparmor.d/usr.lib.dovecot.auth ./apparmor.d/usr.lib.dovecot.config ./apparmor.d/usr.lib.dovecot.deliver ./apparmor.d/usr.lib.dovecot.dict ./apparmor.d/usr.lib.dovecot.director ./apparmor.d/usr.lib.dovecot.doveadm-server ./apparmor.d/usr.lib.dovecot.dovecot-auth ./apparmor.d/usr.lib.dovecot.dovecot-lda ./apparmor.d/usr.lib.dovecot.imap ./apparmor.d/usr.lib.dovecot.imap-login ./apparmor.d/usr.lib.dovecot.lmtp ./apparmor.d/usr.lib.dovecot.log ./apparmor.d/usr.lib.dovecot.managesieve ./apparmor.d/usr.lib.dovecot.managesieve-login ./apparmor.d/usr.lib.dovecot.pop3 ./apparmor.d/usr.lib.dovecot.pop3-login ./apparmor.d/usr.lib.dovecot.replicator ./apparmor.d/usr.lib.dovecot.script-login ./apparmor.d/usr.lib.dovecot.ssl-params ./apparmor.d/usr.lib.dovecot.stats ./apparmor.d/usr.sbin.apache2 ./apparmor.d/usr.sbin.avahi-daemon ./apparmor.d/usr.sbin.dnsmasq ./apparmor.d/usr.sbin.dovecot ./apparmor.d/usr.sbin.identd ./apparmor.d/usr.sbin.mdnsd ./apparmor.d/usr.sbin.nmbd ./apparmor.d/usr.sbin.nscd ./apparmor.d/usr.sbin.ntpd ./apparmor.d/usr.sbin.smbd ./apparmor.d/usr.sbin.smbldap-useradd ./apparmor.d/usr.sbin.traceroute ./apparmor.d/usr.sbin.winbindd ./apparmor.d/zgrep; do \\fn=$(basename $profile); \\echo "# Site-specific additions and overrides for '$fn'" > ./apparmor.d/local/$fn; \\grep "include[[:space:]]\\\\+if[[:space:]]\\\\+exists[[:space:]]\\\\+<local/$fn>" "$profile" >/dev/null || { echo "$profile doesn't contain include if exists <local/$fn>" ; exit 1; } ; \\
done
install -m 755 -d //etc/apparmor.d
install -m 755 -d //etc/apparmor.d/disable
for dir in ./apparmor.d ./apparmor.d/abstractions ./apparmor.d/abstractions/ubuntu-browsers.d ./apparmor.d/abstractions/apparmor_api ./apparmor.d/local ./apparmor.d/apache2.d ./apparmor.d/tunables ./apparmor.d/tunables/home.d ./apparmor.d/tunables/xdg-user-dirs.d ./apparmor.d/tunables/multiarch.d ./apparmor.d/abi ; do \\install -m 755 -d "//etc/apparmor.d/${dir#./apparmor.d}" ; \\
done
for file in $(find ./apparmor.d -type f -print) ; do \\install -m 644 "${file}" "//etc/apparmor.d/$(dirname ${file#./apparmor.d})" ; \\
done
install -m 755 -d //usr/share/apparmor/extra-profiles/
install -m 644 ./apparmor/profiles/extras//* //usr/share/apparmor/extra-profiles/
至此,Profiles就构建并安装完成了。