Package Details: caitsith-lkm 0.2_20200808-1

Git Clone URL: https://aur.archlinux.org/caitsith-lkm.git (read-only, click to copy)
Package Base: caitsith-lkm
Description: CaitSith LKM-based LSM version
Upstream URL: http://caitsith.osdn.jp/
Keywords: caitsith module
Licenses: GPL
Submitter: Torsten
Maintainer: Torsten
Last Packager: Torsten
Votes: 3
Popularity: 0.000000
First Submitted: 2014-04-15 10:27 (UTC)
Last Updated: 2020-08-15 22:03 (UTC)

Latest Comments

Torsten commented on 2017-05-05 11:10 (UTC)

@egrupled: thanks for your help!

egrupled commented on 2017-05-05 09:39 (UTC)

Ok, It was my specific issue. I had "kernel.kptr_restrict=2" set in sysctl, after changing it to "1" module successfully loaded. Maybe "0" would be even better. Anyway problem solved. Now as it's tested I think you can adjust PKGBUILD as I suggested in previous comment: prepare() { cp -a "/usr/lib/modules/${_kernver}/build" "${srcdir}" cd "${srcdir}/build/" tar -zxf "${srcdir}/caitsith-patch-${_basever}-${_timestamp}.tar.gz" sed -i -e 's_/sbin/init_/usr/lib/systemd/systemd_' caitsith/config.h } build() { cd "${srcdir}/build/" make SUBDIRS=caitsith modules } package() { cd "${srcdir}/build" make SUBDIRS=caitsith MODLIB="${pkgdir}/usr/lib/modules/${_kernver}/kernel/" modules_install sed -i -e "s/KERNEL_VERSION='.*'/KERNEL_VERSION='${_kernver}'/" "${startdir}/caitsith-lkm.install" }

egrupled commented on 2017-05-04 14:19 (UTC)

Ok. I found svn repo here https://osdn.net/projects/caitsith/ and here some comments https://www.mail-archive.com/tomoyo-users-en@lists.osdn.me/msg00052.html I'll try to contact developer

Torsten commented on 2017-05-04 13:53 (UTC)

I have currently no time to look into this issue. Hopefully I have time by end of next week for this. If you find a patch in the meantime, please let me know

egrupled commented on 2017-05-04 13:49 (UTC)

No I don't want dealing with AUR infrastructure :) I found this when I was looking for replacement for grsec as it's no more available for new kernels. Anyway it looks broken for now. After "modprobe caitsith" I get: Can't resolve security_bprm_committed_creds(). Sorry, I couldn't guess dependent symbols. I need some changes for supporting your environment. Please contact the author.

Torsten commented on 2017-05-04 13:25 (UTC)

@egrupled thanks for your comments! Do you want to be a 'Co-Maintainer' for this package? I didn't test it as I currently not use caitsith (there was/is some incompatibility with grsec).

egrupled commented on 2017-05-04 13:18 (UTC)

Thanks for updating this. I was partially wrong. /usr/lib/modules/${_kernver}/extramodules/ is a symlink so there's conflict while installing files. In order to change install dir as I suggested you would need to specify exact kernel version because uname -r shows this: 4.11.0-1-ARCH and we need this: 4.11-ARCH and install it to /usr/lib/modules/extramodules-4.11-ARCH. See https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/acpi_call how it look like. In this case I recommend go back as it was before so we install it to current kernel without specified version (user have to manually rebuild it after every kernel update), sorry. Additionally I looked at PKGBUILD and found it could be enhanced a little: 1. We should change init to systemd as it's default in Arch, see http://caitsith.osdn.jp/#2.1.3 2. We can use make install insted of manually copying files. Here's enhanced part of PKGBUILD: prepare() { cp -a "/usr/lib/modules/${_kernver}/build" "${srcdir}" cd "${srcdir}/build/" tar -zxf "${srcdir}/caitsith-patch-${_basever}-${_timestamp}.tar.gz" sed -i -e 's_/sbin/init_/usr/lib/systemd/systemd_' caitsith/config.h } build() { cd "${srcdir}/build/" make SUBDIRS=caitsith modules } package() { cd "${srcdir}/build" make SUBDIRS=caitsith MODLIB="${pkgdir}/usr/lib/modules/${_kernver}/kernel/" modules_install sed -i -e "s/KERNEL_VERSION='.*'/KERNEL_VERSION='${_kernver}'/" "${startdir}/caitsith-lkm.install" }

egrupled commented on 2017-05-04 08:51 (UTC)

Install directory should be: "${pkgdir}/usr/lib/modules/${_kernver}/extramodules/caitsith.ko" instead of: "${pkgdir}/usr/lib/modules/${_kernver}/kernel/extra/caitsith.ko"