Date: Sat, 25 Feb 2006 00:29:46 +0000 (GMT) From: Robert Watson <rwatson@FreeBSD.org> To: Martin Fong <martin.fong@sri.com> Cc: trustedbsd-audit@FreeBSD.org Subject: Re: FYI: OpenBSM 1.0 alpha 4 tarball up for download Message-ID: <20060225001858.R37939@fledge.watson.org> In-Reply-To: <43FF8789.80203@sri.com> References: <43FF8789.80203@sri.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 24 Feb 2006, Martin Fong wrote: > Robert Watson wrote, > >> This is an FYI that the OpenBSM 1.0a4 tarball is now available for >> download on the OpenBSM web page: >> >> http://www.OpenBSM.org/ > > I've downloaded a copy but have encountered the following compilation > problems while building on Mac OS X 10.4.5: It sounds like all of these problems, with the exception of LOG_SECURITY, have to do with differences in the BSD make framework in FreeBSD and Darwin. At least some of these problems did not always exist, so it could well be that the BSD make parts in Darwin are decaying over time (the -lSystem error, for example). More below. > - Various Makefiles have incorrectly defined CFLAGS+ options; > specifically, there are embedded spaces after '-L': I've merged changes to remove these spaces. I'm unclear whether this is a new problem or not. > building shared library libbsm.1.dylib > /usr/bin/libtool: for architecture: cputype (16777234) cpusubtype > (0) file: -lSystem is not an object file (not allowed in a > library) ... > Is this due to a development environment requirement other than > using bsdmake? I'm sure this error wasn't always present -- it could be a result of changes in Tiger. > - While building bin/auditd, I got the following: > > cc -O -pipe -I- -I../.. -I../../libbsm -L../../libbsm -I. -c auditd.c > auditd.c: In function `main': > auditd.c:798: error: `LOG_SECURITY' undeclared (first use in this > function) > auditd.c:798: error: (Each undeclared identifier is reported only once > auditd.c:798: error: for each function it appears in.) > *** Error code 1 > > Where is LOG_SECURITY defined? In FreeBSD. In Darwin, we should use LOG_AUTH. I've submitted a change to Perforce to check for the definition of LOG_SECURITY and use LOG_AUTH instead if it's not present. It might be desirable to use LOG_AUTHPRIV, which appears to be in 10.4.x, but I've not checked earlier versions. > - While building bin/audit, I got the following: > > make: don't know how to make audit.1. Stop > > (N.b., audit/Makefile only declares audit.8 and not audit.1.) > > I look forward to your suggestions, This sounds like a different in the BSD makefile infrastructure. Sadly, I think the lesson here is one we knew already: that for the portable distribution of OpenBSM, we need to use a more portable Makefile infrastructure. For the version integrated into FreeBSD, we can use the FreeBSD Makefile infrastructure. The direction taken in OpenPAM was to use GNU make and configure for the separate (non-FreeBSD-integrated) distribution. This sounds like it's probably the right way to go. However, I don't have much experience with these, so it may take a bit of reading, or someone else contributing those changes. However, getting the build working on Solaris and Linux would be great, and might well fall out more naturally once that change is made. Once I worked around the above problems, I also ran into an issue where the build of auditd was missing the symbol for gatauevent_r. This appears to be because the Apple libbsm in /usr/lib is taking precedence over the local one in the openbsm/libbsm tree. Thanks for the feedback! Robert N M Watson
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060225001858.R37939>