base Kernel compile - how to patch for apparmor/firewall
I got and reasonably successfully compiled/installed the 2.6.24.2 kernel working from kernel.org. I really wanted this kernel because it has "native" support (that is, no ndiswrapper needed) for my WiFi card (b43legacy). The wireless is working, which is nice (had to get the firmware properly placed).
I have these two problems though: 1) I have to shut off the firewall in Suse 10.2 to get networking to work. I get a bunch of iptables-batch errors at boot up. 2) I cannot figure out how to get patch the kernel to get apparmor support. I've been here: http://forge.novell.com/modules/xfmod/project/?apparmor and see a/the patch, but don't know how to apply it. Any help with either of these problems would be greatly appreciated. Kurt |
Quote:
Quote:
|
Thanks, the apparmor patch didn't seem to work - I think it's because I am using 2.6.24.2 and not just 2.6.24-only. Is it possible to apply the patch to a later version?
security/apparmor/lsm.c:908: error: unknown field ‘socket_create’ specified in initializer security/apparmor/lsm.c:908: warning: initialization from incompatible pointer type security/apparmor/lsm.c:909: error: unknown field ‘socket_post_create’ specified in initializer security/apparmor/lsm.c:909: warning: initialization from incompatible pointer type security/apparmor/lsm.c:910: error: unknown field ‘socket_bind’ specified in initializer security/apparmor/lsm.c:910: warning: initialization from incompatible pointer type security/apparmor/lsm.c:911: error: unknown field ‘socket_connect’ specified in initializer security/apparmor/lsm.c:911: warning: initialization from incompatible pointer type security/apparmor/lsm.c:912: error: unknown field ‘socket_listen’ specified in initializer security/apparmor/lsm.c:912: warning: initialization from incompatible pointer type security/apparmor/lsm.c:913: error: unknown field ‘socket_accept’ specified in initializer security/apparmor/lsm.c:913: warning: excess elements in struct initializer security/apparmor/lsm.c:913: warning: (near initialization for ‘apparmor_ops’) security/apparmor/lsm.c:914: error: unknown field ‘socket_sendmsg’ specified in initializer security/apparmor/lsm.c:914: warning: excess elements in struct initializer security/apparmor/lsm.c:914: warning: (near initialization for ‘apparmor_ops’) security/apparmor/lsm.c:915: error: unknown field ‘socket_recvmsg’ specified in initializer security/apparmor/lsm.c:915: warning: excess elements in struct initializer security/apparmor/lsm.c:915: warning: (near initialization for ‘apparmor_ops’) security/apparmor/lsm.c:916: error: unknown field ‘socket_getsockname’ specified in initializer security/apparmor/lsm.c:916: warning: excess elements in struct initializer security/apparmor/lsm.c:916: warning: (near initialization for ‘apparmor_ops’) security/apparmor/lsm.c:917: error: unknown field ‘socket_getpeername’ specified in initializer security/apparmor/lsm.c:917: warning: excess elements in struct initializer security/apparmor/lsm.c:917: warning: (near initialization for ‘apparmor_ops’) security/apparmor/lsm.c:918: error: unknown field ‘socket_getsockopt’ specified in initializer security/apparmor/lsm.c:918: warning: excess elements in struct initializer security/apparmor/lsm.c:918: warning: (near initialization for ‘apparmor_ops’) security/apparmor/lsm.c:919: error: unknown field ‘socket_setsockopt’ specified in initializer security/apparmor/lsm.c:919: warning: excess elements in struct initializer security/apparmor/lsm.c:919: warning: (near initialization for ‘apparmor_ops’) security/apparmor/lsm.c:920: error: unknown field ‘socket_shutdown’ specified in initializer security/apparmor/lsm.c:920: warning: excess elements in struct initializer security/apparmor/lsm.c:920: warning: (near initialization for ‘apparmor_ops’) make[2]: *** [security/apparmor/lsm.o] Error 1 make[1]: *** [security/apparmor] Error 2 make: *** [security] Error 2 Here are the iptable/susefirewall2 messages that I get: Feb 24 21:29:23 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Feb 24 21:30:25 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Feb 24 21:30:40 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Feb 24 21:30:48 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Feb 24 21:31:46 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Feb 24 22:22:12 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Feb 25 07:04:10 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Feb 25 07:07:35 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Feb 25 21:15:11 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Feb 25 21:15:17 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Feb 25 21:15:21 balder SuSEfirewall2: Error: iptables-batch failed, re-running using iptables Kurt |
Quote:
Quote:
|
I can't configure the kernel with AppArmor, because I can't get the patch to work on 2.6.24.3 (now).
Kurt |
OK, but those errors you've shown don't look like errors from patch output?
|
No, I didn't get errors from quilt, I got those errors at compile time.
|
Quote:
|
All times are GMT -5. The time now is 11:38 AM. |