Build error

[giuseppe-sec-eng]

I get the following error messages when executing

~/setools$ export SEPOL_SRC=/home/user/src/selinux/libsepol
~/setools$ python setup.py build
running build

In file included from libqpol/avrule_query.c:26:0:
libqpol/iterator_internal.h:70:3: error: unknown type name ‘avtab_extended_perms_t’
   avtab_extended_perms_t *xperms;
   ^
libqpol/avrule_query.c: In function ‘qpol_avrule_get_xperm_iter’:
libqpol/avrule_query.c:199:2: error: unknown type name ‘avtab_extended_perms_t’
  avtab_extended_perms_t *xperms = NULL;
  ^
libqpol/avrule_query.c:218:24: error: ‘avtab_datum_t {aka struct avtab_datum}’ has no member named ‘xperms’
  xperms = avrule->datum.xperms;
                        ^
libqpol/avrule_query.c:232:15: error: request for member ‘perms’ in something not a structure or union
  if (!((xperms->perms[0] & 1) && ((xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) || xperms->driver == 0))) /* defaults to bit 0, if off: advance */
               ^
libqpol/avrule_query.c:232:42: error: request for member ‘specified’ in something not a structure or union
  if (!((xperms->perms[0] & 1) && ((xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) || xperms->driver == 0))) /* defaults to bit 0, if off: advance */
                                          ^
libqpol/avrule_query.c:232:56: error: ‘AVTAB_XPERMS_IOCTLDRIVER’ undeclared (first use in this function)
  if (!((xperms->perms[0] & 1) && ((xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) || xperms->driver == 0))) /* defaults to bit 0, if off: advance */
                                                        ^
libqpol/avrule_query.c:232:56: note: each undeclared identifier is reported only once for each function it appears in
libqpol/avrule_query.c:232:91: error: request for member ‘driver’ in something not a structure or union
  if (!((xperms->perms[0] & 1) && ((xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) || xperms->driver == 0))) /* defaults to bit 0, if off: advance */
                                                                                           ^
libqpol/avrule_query.c: In function ‘qpol_avrule_get_xperm_type’:
libqpol/avrule_query.c:241:2: error: unknown type name ‘avtab_extended_perms_t’
  avtab_extended_perms_t *xperms = NULL;
  ^
libqpol/avrule_query.c:260:24: error: ‘avtab_datum_t {aka struct avtab_datum}’ has no member named ‘xperms’
  xperms = avrule->datum.xperms;
                        ^
libqpol/avrule_query.c:261:12: error: request for member ‘specified’ in something not a structure or union
  if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION ||
            ^
libqpol/avrule_query.c:261:26: error: ‘AVTAB_XPERMS_IOCTLFUNCTION’ undeclared (first use in this function)
  if (xperms->specified & AVTAB_XPERMS_IOCTLFUNCTION ||
                          ^
libqpol/avrule_query.c:262:9: error: request for member ‘specified’ in something not a structure or union
   xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) {
         ^
libqpol/avrule_query.c:262:23: error: ‘AVTAB_XPERMS_IOCTLDRIVER’ undeclared (first use in this function)
   xperms->specified & AVTAB_XPERMS_IOCTLDRIVER) {
                       ^
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

[lololosys]

I got this error as well. Installing setools version 4.0.0-beta works for me. In the release notes it say that "This release requires libsepol-2.5, which is unfortunately not available yet on some distributions". Check out your libsepol's version.

[giuseppe-sec-eng]

@dvur12 Thanks for the response. Where would I get setools version 4.0.0-beta from?

[lololosys]

@gxp18 https://github.com/TresysTechnology/setools/releases/tag/4.0.0-beta

[giuseppe-sec-eng]

@dvur12

Great! Thanks for your support!

Have you encountered this following errors while executing

~/setools-4.0.0-beta$ python setup.py build

libqpol/policy_define.c: In function ‘define_compute_type_helper’:
libqpol/policy_define.c:1596:8: error: ‘class_perm_node_t {aka struct class_perm_node}’ has no member named ‘tclass’
    perm->tclass = i + 1;
        ^
libqpol/policy_define.c: In function ‘define_te_avtab_helper’:
libqpol/policy_define.c:1810:12: error: ‘class_perm_node_t {aka struct class_perm_node}’ has no member named ‘tclass’
   cur_perms->tclass = i + 1;
            ^
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

[lololosys]

@gxp18 No actually I'm sorry

[giuseppe-sec-eng]

@dvur12 Thank you for your answer.

[giuseppe-sec-eng]

Now I am having this error:

linux-x86_64-2.7/setools/policyrep/_qpol.so -Wl,--version-script=libqpol/libqpol.map
/usr/bin/ld: /usr/lib/x86_64-linux-gnu/libsepol.a(mls.o): unrecognized relocation (0x2a) in section `.text'
/usr/bin/ld: final link failed: Bad value
collect2: error: ld returned 1 exit status
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

[pebenito]

If you are using setools-4.0.0-beta you need at least libsepol-2.4. That old release does not respect SEPOL_SRC, so that version will need to be the one installed on your system.

[giuseppe-sec-eng]

@pebenito

I am trying to use sesearch to open Android sepolicy binary file and I am getting the following error

:~/setools-android/libs/armeabi$ . sesearch
__requires__: command not found
bash: /usr/local/bin/sesearch: line 4: syntax error near unexpected token `'pkg_resources''
bash: /usr/local/bin/sesearch: line 4: `__import__('pkg_resources').require('setools==4.0.0a3')'

That is why I was trying to rebuild the setools 4. Do you have any explanation for the above error?

If I try using the sesearch installed on mu ubuntu machine I get:

sesearch -A ~/sepolicy_repo/sepolicy
[Errno 0] Error: '/home/gxp18/sepolicy_repo/sepolicy'

I am assuming this is because the sesearch for ubuntu is not able to process sepolicy file written for android.

This is the fersion I am currently using.

~$ sesearch --version
4.0.0a3

[pebenito]

You should use the copy of setools included in AOSP: https://marc.info/?l=seandroid-list&m=145462393425100&w=2 I don't know if they've updated past 4.0.0-alpha3.

[eismog]

@dvur12 Thanks for you. I updated https://launchpad.net/ubuntu/+source/libsepol/2.6-2/+build/11516465 libsepol fixed the error.