From: yoyocubeyo@gmail.com (Jingkang Zhou) Date: Sun, 6 Mar 2011 21:42:09 +0800 Subject: [refpolicy] Rules.modular:154: *** No enabled modules! modules.conf may need to be generated by using "make conf". Stop. In-Reply-To: <1299178886.16714.37.camel@moss-pluto> References: <1299178886.16714.37.camel@moss-pluto> Message-ID: To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com 2011/3/4 Stephen Smalley > On Thu, 2011-03-03 at 21:45 +0800, Jingkang Zhou wrote: > > I have tried to compile the policy using commands below: > > make bare > > make conf > > make policy > > > > > > "make policy" gives the error in the title. > > > > > > policy:refpolicy-2.20101213 > > > > > > the error also appeared when i followed this page and got to "make > > install": > > http://oss.tresys.com/projects/refpolicy/wiki/UseRefpolicy > > > > > > My operating system is a user mode linux running Debian squeeze. > > And > > dependencies( > http://oss.tresys.com/projects/refpolicy/wiki/DownloadRelease) of > refpolicy has all been installed or updated. > > refpolicy questions should go to refpolicy at oss.tresys.com; see: > http://oss.tresys.com/mailman/listinfo/refpolicy > > I've cc'd them on my reply, but you'll need to subscribe. > > I'd guess however that you got an error during the make conf portion or > else you would have some enabled modules. The actual output from make > conf would be useful, as would the final modules.conf file. > > -- > Stephen Smalley > National Security Agency > > thanks very much for reply~ I checked the output of make conf and it got to the end successfully. The result of lsmod is empty. The full txt version of make conf results and modules.conf file is attached in the end. modules.conf: corecommands = base corenetwork = base devices = base domain = base files = base filesystem = base kernel = base mcs = base mls = base selinux = base terminal = base ubac = base acct = module alsa = module amanda = module amtu = module anaconda = module apt = module backup = module bootloader = module brctl = module certwatch = module consoletype = module ddcprobe = module dmesg = module dmidecode = module dpkg = module firstboot = module kismet = module kudzu = module logrotate = module logwatch = module mcelog = module mrtg = module netutils = module portage = module prelink = module quota = module readahead = module rpm = module sectoolm = module shorewall = module smoltclient = module su = module sudo = module sxid = module tmpreaper = module tripwire = module tzdata = module updfstab = module usbmodules = module usermanage = module vbetool = module vpn = module ada = module authbind = module awstats = module calamaris = module cdrecord = module cpufreqselector = module ethereal = module evolution = module games = module gift = module gitosis = module gnome = module gpg = module irc = module java = module loadkeys = module lockdev = module mono = module mozilla = module mplayer = module podsleuth = module ptchown = module pulseaudio = module qemu = module rssh = module screen = module seunshare = module slocate = module thunderbird = module tvtime = module uml = module userhelper = module usernetctl = module vmware = module webalizer = module wine = module wireshark = module wm = module xscreensaver = module yam = module storage = module auditadm = module dbadm = module guest = module logadm = module secadm = module staff = module sysadm = module unprivuser = module webadm = module xguest = module abrt = module afs = module aide = module aisexec = module amavis = module apache = module apcupsd = module apm = module arpwatch = module asterisk = module audioentropy = module automount = module avahi = module bind = module bitlbee = module bluetooth = module canna = module ccs = module certmaster = module certmonger = module chronyd = module cipe = module clamav = module clockspeed = module clogd = module cobbler = module comsat = module consolekit = module corosync = module courier = module cpucontrol = module cron = module cups = module cvs = module cyphesis = module cyrus = module dante = module dbskk = module dbus = module dcc = module ddclient = module denyhosts = module devicekit = module dhcp = module dictd = module distcc = module djbdns = module dkim = module dnsmasq = module dovecot = module exim = module fail2ban = module fetchmail = module finger = module fprintd = module ftp = module gatekeeper = module git = module gnomeclock = module gpm = module gpsd = module hal = module hddtemp = module howl = module i18n_input = module icecast = module ifplugd = module imaze = module inetd = module inn = module ircd = module irqbalance = module jabber = module kerberos = module kerneloops = module ksmtuned = module ktalk = module ldap = module likewise = module lircd = module lpd = module mailman = module memcached = module milter = module modemmanager = module monop = module mta = module munin = module mysql = module nagios = module nessus = module networkmanager = module nis = module nscd = module nsd = module nslcd = module ntop = module ntp = module nut = module nx = module oav = module oddjob = module oident = module openca = module openct = module openvpn = module pads = module pcscd = module pegasus = module perdition = module pingd = module plymouthd = module policykit = module portmap = module portreserve = module portslave = module postfix = module postfixpolicyd = module postgresql = module postgrey = module ppp = module prelude = module privoxy = module procmail = module psad = module publicfile = module puppet = module pxe = module pyicqt = module pyzor = module qmail = module radius = module radvd = module razor = module rdisc = module remotelogin = module resmgr = module rgmanager = module rhcs = module rhgb = module ricci = module rlogin = module roundup = module rpc = module rpcbind = module rshd = module rsync = module rtkit = module rwho = module samba = module sasl = module sendmail = module setroubleshoot = module slrnpull = module smartmon = module smokeping = module snmp = module snort = module soundserver = module spamassassin = module speedtouch = module squid = module ssh = module sssd = module stunnel = module sysstat = module tcpd = module telnet = module tftp = module tgtd = module timidity = module tor = module transproxy = module tuned = module ucspitcp = module ulogd = module uptime = module usbmuxd = module uucp = module uwimap = module varnishd = module vhostmd = module virt = module w3c = module watchdog = module xfs = module xprint = module xserver = module zabbix = module zebra = module zosremote = module application = module authlogin = module clock = module daemontools = module fstools = module getty = module hostname = module hotplug = module init = module ipsec = module iptables = module iscsi = module kdump = module libraries = module locallogin = module logging = module lvm = module miscfiles = module modutils = module mount = module netlabel = module pcmcia = module raid = module selinuxutil = module setrans = module sysnetwork = module udev = module unconfined = module userdomain = module xen = module -------------- next part -------------- An HTML attachment was scrubbed... URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20110306/8f36f26d/attachment-0001.html -------------- next part -------------- m4 -D self_contained_policy -D enable_ubac -D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -D hide_broken_symptoms -D self_contained_policy policy/modules/kernel/corenetwork.te.m4 policy/modules/kernel/corenetwork.te.in \ | sed -e 's/dollarsone/\$1/g' -e 's/dollarszero/\$0/g' >> policy/modules/kernel/corenetwork.te cat policy/modules/kernel/corenetwork.if.in >> policy/modules/kernel/corenetwork.if egrep "^[[:blank:]]*network_(interface|node|port|packet)(_controlled)?\(.*\)" policy/modules/kernel/corenetwork.te.in \ | m4 -D self_contained_policy -D enable_ubac -D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -D hide_broken_symptoms -D self_contained_policy policy/modules/kernel/corenetwork.if.m4 - \ | sed -e 's/dollarsone/\$1/g' -e 's/dollarszero/\$0/g' >> policy/modules/kernel/corenetwork.if cat policy/modules/admin/metadata.xml > tmp/admin.xml for i in policy/modules/admin/acct policy/modules/admin/alsa policy/modules/admin/amanda policy/modules/admin/amtu policy/modules/admin/anaconda policy/modules/admin/apt policy/modules/admin/backup policy/modules/admin/bootloader policy/modules/admin/brctl policy/modules/admin/certwatch policy/modules/admin/consoletype policy/modules/admin/ddcprobe policy/modules/admin/dmesg policy/modules/admin/dmidecode policy/modules/admin/dpkg policy/modules/admin/firstboot policy/modules/admin/kismet policy/modules/admin/kudzu policy/modules/admin/logrotate policy/modules/admin/logwatch policy/modules/admin/mcelog policy/modules/admin/mrtg policy/modules/admin/netutils policy/modules/admin/portage policy/modules/admin/prelink policy/modules/admin/quota policy/modules/admin/readahead policy/modules/admin/rpm policy/modules/admin/sectoolm policy/modules/admin/shorewall policy/modules/admin/smoltclient policy/modules/admin/su policy/modules/admin/sudo policy/modules/admin/sxid policy/modules/admin/tmpreaper policy/modules/admin/tripwire policy/modules/admin/tzdata policy/modules/admin/updfstab policy/modules/admin/usbmodules policy/modules/admin/usermanage policy/modules/admin/vbetool policy/modules/admin/vpn; do python -E support/segenxml.py -w -m $i >> tmp/admin.xml; done cat policy/modules/apps/metadata.xml > tmp/apps.xml for i in policy/modules/apps/ada policy/modules/apps/authbind policy/modules/apps/awstats policy/modules/apps/calamaris policy/modules/apps/cdrecord policy/modules/apps/cpufreqselector policy/modules/apps/ethereal policy/modules/apps/evolution policy/modules/apps/games policy/modules/apps/gift policy/modules/apps/gitosis policy/modules/apps/gnome policy/modules/apps/gpg policy/modules/apps/irc policy/modules/apps/java policy/modules/apps/loadkeys policy/modules/apps/lockdev policy/modules/apps/mono policy/modules/apps/mozilla policy/modules/apps/mplayer policy/modules/apps/podsleuth policy/modules/apps/ptchown policy/modules/apps/pulseaudio policy/modules/apps/qemu policy/modules/apps/rssh policy/modules/apps/screen policy/modules/apps/seunshare policy/modules/apps/slocate policy/modules/apps/thunderbird policy/modules/apps/tvtime policy/modules/apps/uml policy/modules/apps/userhelper policy/modules/apps/usernetctl policy/modules/apps/vmware policy/modules/apps/webalizer policy/modules/apps/wine policy/modules/apps/wireshark policy/modules/apps/wm policy/modules/apps/xscreensaver policy/modules/apps/yam; do python -E support/segenxml.py -w -m $i >> tmp/apps.xml; done cat policy/modules/kernel/metadata.xml > tmp/kernel.xml for i in policy/modules/kernel/corecommands policy/modules/kernel/corenetwork policy/modules/kernel/devices policy/modules/kernel/domain policy/modules/kernel/files policy/modules/kernel/filesystem policy/modules/kernel/kernel policy/modules/kernel/mcs policy/modules/kernel/mls policy/modules/kernel/selinux policy/modules/kernel/storage policy/modules/kernel/terminal policy/modules/kernel/ubac; do python -E support/segenxml.py -w -m $i >> tmp/kernel.xml; done cat policy/modules/roles/metadata.xml > tmp/roles.xml for i in policy/modules/roles/auditadm policy/modules/roles/dbadm policy/modules/roles/guest policy/modules/roles/logadm policy/modules/roles/secadm policy/modules/roles/staff policy/modules/roles/sysadm policy/modules/roles/unprivuser policy/modules/roles/webadm policy/modules/roles/xguest; do python -E support/segenxml.py -w -m $i >> tmp/roles.xml; done cat policy/modules/services/metadata.xml > tmp/services.xml for i in policy/modules/services/abrt policy/modules/services/afs policy/modules/services/aide policy/modules/services/aisexec policy/modules/services/amavis policy/modules/services/apache policy/modules/services/apcupsd policy/modules/services/apm policy/modules/services/arpwatch policy/modules/services/asterisk policy/modules/services/audioentropy policy/modules/services/automount policy/modules/services/avahi policy/modules/services/bind policy/modules/services/bitlbee policy/modules/services/bluetooth policy/modules/services/canna policy/modules/services/ccs policy/modules/services/certmaster policy/modules/services/certmonger policy/modules/services/chronyd policy/modules/services/cipe policy/modules/services/clamav policy/modules/services/clockspeed policy/modules/services/clogd policy/modules/services/cobbler policy/modules/services/comsat policy/modules/services/consolekit policy/modules/services/corosync policy/modules/services/courier policy/modules/services/cpucontrol policy/modules/services/cron policy/modules/services/cups policy/modules/services/cvs policy/modules/services/cyphesis policy/modules/services/cyrus policy/modules/services/dante policy/modules/services/dbskk policy/modules/services/dbus policy/modules/services/dcc policy/modules/services/ddclient policy/modules/services/denyhosts policy/modules/services/devicekit policy/modules/services/dhcp policy/modules/services/dictd policy/modules/services/distcc policy/modules/services/djbdns policy/modules/services/dkim policy/modules/services/dnsmasq policy/modules/services/dovecot policy/modules/services/exim policy/modules/services/fail2ban policy/modules/services/fetchmail policy/modules/services/finger policy/modules/services/fprintd policy/modules/services/ftp policy/modules/services/gatekeeper policy/modules/services/git policy/modules/services/gnomeclock policy/modules/services/gpm policy/modules/services/gpsd policy/modules/services/hal policy/modules/services/hddtemp policy/modules/services/howl policy/modules/services/i18n_input policy/modules/services/icecast policy/modules/services/ifplugd policy/modules/services/imaze policy/modules/services/inetd policy/modules/services/inn policy/modules/services/ircd policy/modules/services/irqbalance policy/modules/services/jabber policy/modules/services/kerberos policy/modules/services/kerneloops policy/modules/services/ksmtuned policy/modules/services/ktalk policy/modules/services/ldap policy/modules/services/likewise policy/modules/services/lircd policy/modules/services/lpd policy/modules/services/mailman policy/modules/services/memcached policy/modules/services/milter policy/modules/services/modemmanager policy/modules/services/monop policy/modules/services/mta policy/modules/services/munin policy/modules/services/mysql policy/modules/services/nagios policy/modules/services/nessus policy/modules/services/networkmanager policy/modules/services/nis policy/modules/services/nscd policy/modules/services/nsd policy/modules/services/nslcd policy/modules/services/ntop policy/modules/services/ntp policy/modules/services/nut policy/modules/services/nx policy/modules/services/oav policy/modules/services/oddjob policy/modules/services/oident policy/modules/services/openca policy/modules/services/openct policy/modules/services/openvpn policy/modules/services/pads policy/modules/services/pcscd policy/modules/services/pegasus policy/modules/services/perdition policy/modules/services/pingd policy/modules/services/plymouthd policy/modules/services/policykit policy/modules/services/portmap policy/modules/services/portreserve policy/modules/services/portslave policy/modules/services/postfix policy/modules/services/postfixpolicyd policy/modules/services/postgresql policy/modules/services/postgrey policy/modules/services/ppp policy/modules/services/prelude policy/modules/services/privoxy policy/modules/services/procmail policy/modules/services/psad policy/modules/services/publicfile policy/modules/services/puppet policy/modules/services/pxe policy/modules/services/pyicqt policy/modules/services/pyzor policy/modules/services/qmail policy/modules/services/radius policy/modules/services/radvd policy/modules/services/razor policy/modules/services/rdisc policy/modules/services/remotelogin policy/modules/services/resmgr policy/modules/services/rgmanager policy/modules/services/rhcs policy/modules/services/rhgb policy/modules/services/ricci policy/modules/services/rlogin policy/modules/services/roundup policy/modules/services/rpc policy/modules/services/rpcbind policy/modules/services/rshd policy/modules/services/rsync policy/modules/services/rtkit policy/modules/services/rwho policy/modules/services/samba policy/modules/services/sasl policy/modules/services/sendmail policy/modules/services/setroubleshoot policy/modules/services/slrnpull policy/modules/services/smartmon policy/modules/services/smokeping policy/modules/services/snmp policy/modules/services/snort policy/modules/services/soundserver policy/modules/services/spamassassin policy/modules/services/speedtouch policy/modules/services/squid policy/modules/services/ssh policy/modules/services/sssd policy/modules/services/stunnel policy/modules/services/sysstat policy/modules/services/tcpd policy/modules/services/telnet policy/modules/services/tftp policy/modules/services/tgtd policy/modules/services/timidity policy/modules/services/tor policy/modules/services/transproxy policy/modules/services/tuned policy/modules/services/ucspitcp policy/modules/services/ulogd policy/modules/services/uptime policy/modules/services/usbmuxd policy/modules/services/uucp policy/modules/services/uwimap policy/modules/services/varnishd policy/modules/services/vhostmd policy/modules/services/virt policy/modules/services/w3c policy/modules/services/watchdog policy/modules/services/xfs policy/modules/services/xprint policy/modules/services/xserver policy/modules/services/zabbix policy/modules/services/zebra policy/modules/services/zosremote; do python -E support/segenxml.py -w -m $i >> tmp/services.xml; done cat policy/modules/system/metadata.xml > tmp/system.xml for i in policy/modules/system/application policy/modules/system/authlogin policy/modules/system/clock policy/modules/system/daemontools policy/modules/system/fstools policy/modules/system/getty policy/modules/system/hostname policy/modules/system/hotplug policy/modules/system/init policy/modules/system/ipsec policy/modules/system/iptables policy/modules/system/iscsi policy/modules/system/kdump policy/modules/system/libraries policy/modules/system/locallogin policy/modules/system/logging policy/modules/system/lvm policy/modules/system/miscfiles policy/modules/system/modutils policy/modules/system/mount policy/modules/system/netlabel policy/modules/system/pcmcia policy/modules/system/raid policy/modules/system/selinuxutil policy/modules/system/setrans policy/modules/system/sysnetwork policy/modules/system/udev policy/modules/system/unconfined policy/modules/system/userdomain policy/modules/system/xen; do python -E support/segenxml.py -w -m $i >> tmp/system.xml; done python -E support/segenxml.py -w -t policy/global_tunables > doc/global_tunables.xml python -E support/segenxml.py -w -b policy/global_booleans > doc/global_booleans.xml Creating policy.xml echo '' > doc/policy.xml echo '' >> doc/policy.xml echo '' >> doc/policy.xml for i in admin apps kernel roles services system; do echo "" >> doc/policy.xml; cat tmp/$i.xml >> doc/policy.xml; echo "" >> doc/policy.xml; done cat doc/global_tunables.xml doc/global_booleans.xml >> doc/policy.xml echo '' >> doc/policy.xml if test -x /usr/bin/xmllint && test -f doc/policy.dtd; then \ /usr/bin/xmllint --noout --path doc/ --dtdvalid doc/policy.dtd doc/policy.xml ;\ fi Updating policy/modules.conf and policy/booleans.conf python -E support/sedoctool.py -b policy/booleans.conf -m policy/modules.conf -x doc/policy.xml -------------- next part -------------- A non-text attachment was scrubbed... Name: modules.conf Type: application/octet-stream Size: 32126 bytes Desc: not available Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20110306/8f36f26d/attachment-0001.obj