Search Criteria
Package Details: caitsith-lkm 0.2_20200808-1
| Git Clone URL: | https://aur.archlinux.org/caitsith-lkm.git (read-only, click to copy) |
|---|---|
| Package Base: | caitsith-lkm |
| Description: | CaitSith LKM-based LSM version |
| Upstream URL: | http://caitsith.osdn.jp/ |
| Keywords: | caitsith module |
| Licenses: | |
| Submitter: | Torsten |
| Maintainer: | Torsten |
| Last Packager: | Torsten |
| Votes: | 3 |
| Popularity: | 0.000000 |
| First Submitted: | 2014-04-15 10:27 |
| Last Updated: | 2020-08-15 22:03 |
Dependencies (4)
- linux (linux-ryzen-git, linux-surfacepro3-git, linux-aarch64-rock64-bin, linux-ec2, linux-galliumos, linux-linode, linux-zest-git, linux-lts49-kallsyms, linux-bootsplash, graceful-linux58, linux-aarch64-raspberrypi-bin, linux-oled, linux-xanmod-git, linux-manjaro-xanmod, linux-lts414, linux-lts49, linux-lts44, linux-rockchip, linux-manjaro-xanmod-lts, linux-sunxi, linux-sunxi64, linux-slim, linux-amd, linux-amd-raven, linux-amd-znver2, linux-xanmod-lts, linux-nitrous, linux-nitrous-fire, linux-nitrous-git, linux-nitrous-fire-git, linux-rockchip64, linux-xanmod, linux-xanmod-anbox)
- ncurses (ncurses-nohex, ncurses-git)
- linux-headers (linux-lts-ck-headers, linux-ryzen-git-headers, linux-surfacepro3-git-headers, linux-aarch64-rock64-bin-headers, linux-ec2-headers, kernel-uek-devel, linux-galliumos-headers, linux-zest-git-headers, linux-lts49-kallsyms-headers, linux-bootsplash-headers, linux-fbcondecor-headers, linux-ck-fbcondecor-headers, graceful-linux58-headers, linux-xanmod-git-headers, linux-manjaro-xanmod-headers, linux-lts414-headers, linux-lts49-headers, linux-lts44-headers, linux-rockchip-headers, linux-bcachefs-ck-headers, linux-mainline-bcachefs-headers, linux-manjaro-xanmod-lts-headers, linux-sunxi-headers, linux-sunxi64-headers, linux-slim-headers, linux-amd-headers, linux-amd-raven-headers, linux-amd-znver2-headers, linux-ck-headers, linux-xanmod-lts-headers, linux-nitrous-headers, linux-nitrous-fire-headers, linux-nitrous-git-headers, linux-nitrous-fire-git-headers, linux-rockchip64-headers, linux-xanmod-headers, linux-xanmod-anbox-headers, linux-gc-headers) (make)
- caitsith-tools (optional)
Latest Comments
Torsten commented on 2017-05-05 11:10
@egrupled: thanks for your help!
egrupled commented on 2017-05-05 09:39
Ok, It was my specific issue. I had "kernel.kptr_restrict=2" set in sysctl, after changing it to "1" module successfully loaded. Maybe "0" would be even better. Anyway problem solved. Now as it's tested I think you can adjust PKGBUILD as I suggested in previous comment:
prepare() {
cp -a "/usr/lib/modules/${_kernver}/build" "${srcdir}"
cd "${srcdir}/build/"
tar -zxf "${srcdir}/caitsith-patch-${_basever}-${_timestamp}.tar.gz"
sed -i -e 's_/sbin/init_/usr/lib/systemd/systemd_' caitsith/config.h
}
build() {
cd "${srcdir}/build/"
make SUBDIRS=caitsith modules
}
package() {
cd "${srcdir}/build"
make SUBDIRS=caitsith MODLIB="${pkgdir}/usr/lib/modules/${_kernver}/kernel/" modules_install
sed -i -e "s/KERNEL_VERSION='.*'/KERNEL_VERSION='${_kernver}'/" "${startdir}/caitsith-lkm.install"
}
egrupled commented on 2017-05-04 14:19
Ok. I found svn repo here https://osdn.net/projects/caitsith/ and here some comments https://www.mail-archive.com/tomoyo-users-en@lists.osdn.me/msg00052.html
I'll try to contact developer
Torsten commented on 2017-05-04 13:53
I have currently no time to look into this issue. Hopefully I have time by end of next week for this. If you find a patch in the meantime, please let me know
egrupled commented on 2017-05-04 13:49
No I don't want dealing with AUR infrastructure :)
I found this when I was looking for replacement for grsec as it's no more available for new kernels.
Anyway it looks broken for now. After "modprobe caitsith" I get:
Can't resolve security_bprm_committed_creds().
Sorry, I couldn't guess dependent symbols.
I need some changes for supporting your environment.
Please contact the author.
Torsten commented on 2017-05-04 13:25
@egrupled thanks for your comments! Do you want to be a 'Co-Maintainer' for this package?
I didn't test it as I currently not use caitsith (there was/is some incompatibility with grsec).
egrupled commented on 2017-05-04 13:18
Thanks for updating this.
I was partially wrong. /usr/lib/modules/${_kernver}/extramodules/ is a symlink so there's conflict while installing files. In order to change install dir as I suggested you would need to specify exact kernel version because uname -r shows this:
4.11.0-1-ARCH
and we need this:
4.11-ARCH
and install it to /usr/lib/modules/extramodules-4.11-ARCH. See https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/acpi_call how it look like.
In this case I recommend go back as it was before so we install it to current kernel without specified version (user have to manually rebuild it after every kernel update), sorry.
Additionally I looked at PKGBUILD and found it could be enhanced a little:
1. We should change init to systemd as it's default in Arch, see http://caitsith.osdn.jp/#2.1.3
2. We can use make install insted of manually copying files.
Here's enhanced part of PKGBUILD:
prepare() {
cp -a "/usr/lib/modules/${_kernver}/build" "${srcdir}"
cd "${srcdir}/build/"
tar -zxf "${srcdir}/caitsith-patch-${_basever}-${_timestamp}.tar.gz"
sed -i -e 's_/sbin/init_/usr/lib/systemd/systemd_' caitsith/config.h
}
build() {
cd "${srcdir}/build/"
make SUBDIRS=caitsith modules
}
package() {
cd "${srcdir}/build"
make SUBDIRS=caitsith MODLIB="${pkgdir}/usr/lib/modules/${_kernver}/kernel/" modules_install
sed -i -e "s/KERNEL_VERSION='.*'/KERNEL_VERSION='${_kernver}'/" "${startdir}/caitsith-lkm.install"
}
egrupled commented on 2017-05-04 08:51
Install directory should be:
"${pkgdir}/usr/lib/modules/${_kernver}/extramodules/caitsith.ko"
instead of:
"${pkgdir}/usr/lib/modules/${_kernver}/kernel/extra/caitsith.ko"