Hi All,
I am trying to build SRPM and RPM out of cureent clamav tarball.
I just download it to /ur/src/redhat/SOURCES as follows.
[root@mail SOURCES]# wget http://freshmeat.net/redir/clamav/29355/url_tgz/clamav-0.90.3.tar.gz
When I issue rpmbuild -ta, it gave below error.
[root@mail SOURCES]# rpmbuild -ta clamav-0.90.3.tar.gz error: Name field must be present in package: (main package) error: Version field must be present in package: (main package) error: Release field must be present in package: (main package) error: Summary field must be present in package: (main package) error: Group field must be present in package: (main package) error: License field must be present in package: (main package)
I think , may be it does not have a SPEC file.
Then, What I did was I got clamav Version 0.90.2 Spec file from below URL.
http://crash.fce.vutbr.cz/crash-hat/5/clamav/clamav.spec
and copied it to /usr/src/redhat/SPECS/ and changed it's Version: 0.90.2to Version: 0.90.3
and ran it again as folows. then, again, it gave below error.
[root@mail SPECS]# rpmbuild -ta clamav.spec error: Name field must be present in package: (main package) error: Version field must be present in package: (main package) error: Release field must be present in package: (main package) error: Summary field must be present in package: (main package) error: Group field must be present in package: (main package) error: License field must be present in package: (main package)
then, I tried as follows.
[root@mail SPECS]# rpmbuild -ba clamav.spec
then , It gave below error. error: File /usr/src/redhat/SOURCES/clamav-milter-dontsux.patch: No such file or directory
What's wrong with it?
Where have I gone worng?
How to build both clamav SRPM AND RPM for CentOS 5
On 6/24/07, Indunil Jayasooriya indunil75@gmail.com wrote:
How to build both clamav SRPM AND RPM for CentOS 5
You don't have to. clamav is available from RPMforge.
Akemi
How to build both clamav SRPM AND RPM for CentOS 5
You don't have to. clamav is available from RPMforge.
I installed it fro Dag. But it gace erros. Then I desabled selinux. Then , It worked. But i do not want to leave selinux disabled.
That's why. I am trying to build it.
Akemi
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Mon, 25 Jun 2007, Indunil Jayasooriya wrote:
How to build both clamav SRPM AND RPM for CentOS 5
You don't have to. clamav is available from RPMforge.
I installed it fro Dag. But it gace erros. Then I desabled selinux. Then , It worked. But i do not want to leave selinux disabled.
That's why. I am trying to build it.
Why would you expect that rebuilding it will make it work for SELinux ?
Kind regards, -- dag wieers, dag@wieers.com, http://dag.wieers.com/ -- [all I want is a warm bed and a kind word and unlimited power]
On 6/25/07, Indunil Jayasooriya indunil75@gmail.com wrote:
I installed it fro Dag. But it gace erros. Then I desabled selinux. Then , It worked. But i do not want to leave selinux disabled.
That's why. I am trying to build it.
Rebuilding the code won't solve the problem. You'll have to modify the selinux rules so that these actions are allowed. For Centos5 and rhel5 this is pretty easy.
1. Enable selinux in permissive mode, and capture the selinux error messages. They'll likely be in /var/log/audit/audit.log or /var/log/messages 2. Run audit2allow -i selinux.log -M localpolicy 3. Next you load the module you just created with 'semodule -i localpolicy.pp'
Lather, rinse, repeat.
On Mon, 2007-06-25 at 09:16 -0400, Jim Perrin wrote:
Rebuilding the code won't solve the problem. You'll have to modify the selinux rules so that these actions are allowed. For Centos5 and rhel5 this is pretty easy.
- Enable selinux in permissive mode, and capture the selinux error
messages. They'll likely be in /var/log/audit/audit.log or /var/log/messages 2. Run audit2allow -i selinux.log -M localpolicy 3. Next you load the module you just created with 'semodule -i localpolicy.pp'
Lather, rinse, repeat.
Actually, I don't think this is a very good idea (I know it is suggested in upstream documentation). For instance, suppose that clamav is tagged as, say 'bin_t', and executing clamav was rejected. The above will usually add a allow rule for executing bin_t binaries for the context of the caller. This obviously punches a big hole in a policy if it does not allow such thing.
Make your own policy modules for local policy (you could create a start with command (2)), but add and check rules and contexts manually. audit2allow is a nice tool to see what was denied, but its output should not be copied verbatim.
-- Daniel
On 6/25/07, Daniel de Kok danieldk@pobox.com wrote:
Make your own policy modules for local policy (you could create a start with command (2)), but add and check rules and contexts manually. audit2allow is a nice tool to see what was denied, but its output should not be copied verbatim.
Eh, call me lazy... I didn't want this to become a 'how to create selinux policy modules' discussion, so I paraphrased the upstream documentation. It may not be the most secure method (Obviously) but it is the same support upstreams users are paying to get, at least at the tier 1 support level.
On Mon, Jun 25, 2007 at 10:04:29AM -0400, Jim Perrin enlightened us:
Eh, call me lazy... I didn't want this to become a 'how to create selinux policy modules' discussion, so I paraphrased the upstream documentation. It may not be the most secure method (Obviously) but it is the same support upstreams users are paying to get, at least at the tier 1 support level.
Lazy. Can I get a Worthless in, too, while I'm at it?
On Mon, 25 Jun 2007, Matt Hyclak wrote:
On Mon, Jun 25, 2007 at 10:04:29AM -0400, Jim Perrin enlightened us:
Eh, call me lazy... I didn't want this to become a 'how to create selinux policy modules' discussion, so I paraphrased the upstream documentation. It may not be the most secure method (Obviously) but it is the same support upstreams users are paying to get, at least at the tier 1 support level.
Lazy. Can I get a Worthless in, too, while I'm at it?
You want lazy? OK:
semodule -r clamav
--- Matt Hyclak hyclak@math.ohiou.edu wrote:
On Mon, Jun 25, 2007 at 10:04:29AM -0400, Jim Perrin enlightened us:
Eh, call me lazy... I didn't want this to become a
'how to create
selinux policy modules' discussion, so I
paraphrased the upstream
documentation. It may not be the most secure
method (Obviously) but it
is the same support upstreams users are paying to
get, at least at the
tier 1 support level.
Lazy. Can I get a Worthless in, too, while I'm at it?
-- Matt Hyclak Department of Mathematics Department of Social Work Ohio University (740) 593-1263 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Can I add Grouchy ole man to it too? :-)
Steven
"On the side of the software box, in the 'System Requirements' section, it said 'Requires Windows or better'. So I installed Linux."
Get your Art Supplies @ www.littleartstore.com
-
Akemi Yagi -
Dag Wieers -
Daniel de Kok -
Indunil Jayasooriya -
Jim Perrin -
Matt Hyclak -
Paul Heinlein -
Steven Vishoot