Hi If I try to run configure for openssh-5.1p1 with --wtih-selinux option it fails giving the error "selinux support requires selinux library" all of the below also dont work a) --wtih-selinux b) --wtih-selinux=path of cross complied library c) LDFLAGS=-Lpath of cross complied library if I remove --wtih-selinux option I am able to everything is fine. How to solve this error? Thanks for your time Regards Basavaraj
On Fri, 20 Feb 2009, Basavaraj Dengi wrote:> Hi > > If I try to run configure for openssh-5.1p1 with --wtih-selinux option > it fails giving the error "selinux support requires selinux library" > > all of the below also dont work > > a) --wtih-selinux > b) --wtih-selinux=path of cross complied library > c) LDFLAGS=-Lpath of cross complied library > > if I remove --wtih-selinux option I am able to everything is fine. > How to solve this error?You can look in config.log after a failure to see what is going wrong. -d
Looking at the config log, the problem is that, configure is not taking the selinux library path[even though I am providing it with -L option] attached is the config.log for your reference. thanks for your time regards basavaraj On Fri, Feb 20, 2009 at 1:13 PM, Damien Miller <djm at mindrot.org> wrote:> On Fri, 20 Feb 2009, Basavaraj Dengi wrote: > > > Hi > > > > If I try to run configure for openssh-5.1p1 with --wtih-selinux option > > it fails giving the error "selinux support requires selinux library" > > > > all of the below also dont work > > > > a) --wtih-selinux > > b) --wtih-selinux=path of cross complied library > > c) LDFLAGS=-Lpath of cross complied library > > > > if I remove --wtih-selinux option I am able to everything is fine. > > How to solve this error? > > You can look in config.log after a failure to see what is going wrong. > > -d >-------------- next part -------------- A non-text attachment was scrubbed... Name: config.tar.gz Type: application/x-gzip Size: 27918 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20090225/2d73bf88/attachment-0001.bin
On Wed, 25 Feb 2009, Basavaraj Dengi wrote:> Looking at the config log, the problem is that, > configure is not taking the selinux library path[even though I am providing > it with -L option]The way configure is currently written, --wtih-selinux=path is not possible. Try the attached patch to configure.ac. You will need to regenerate configure by running autoconf.> attached is the config.log for your reference. > > thanks for your time > > regards > basavaraj >-- Tim Rice Multitalents (707) 887-1469 tim at multitalents.net -------------- next part -------------- --- configure.ac.old 2008-07-09 04:07:19.000000000 -0700 +++ configure.ac 2009-02-25 13:49:15.293233057 -0800 @@ -3299,14 +3299,39 @@ SELINUX_MSG="no" LIBSELINUX="" AC_ARG_WITH(selinux, - [ --with-selinux Enable SELinux support], + [ --with-selinux[[=PATH]] Enable SELinux support (optionally in PATH)], [ if test "x$withval" != "xno" ; then save_LIBS="$LIBS" + save_LDFLAGS="$LDFLAGS" + save_CPPFLAGS="$CPPFLAGS" + if test -n "${withval}" && \ + test "x${withval}" != "xyes"; then + if test -d "${withval}/lib"; then + if test -n "${need_dash_r}"; then + LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" + else + LDFLAGS="-L${withval}/lib ${LDFLAGS}" + fi + else + if test -n "${need_dash_r}"; then + LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" + else + LDFLAGS="-L${withval} ${LDFLAGS}" + fi + fi + if test -d "${withval}/include"; then + CPPFLAGS="-I${withval}/include ${CPPFLAGS}" + else + CPPFLAGS="-I${withval} ${CPPFLAGS}" + fi + fi AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) SELINUX_MSG="yes" AC_CHECK_HEADER([selinux/selinux.h], , + CPPFLAGS="$save_CPPFLAGS" AC_MSG_ERROR(SELinux support requires selinux.h header)) AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ], + LDFLAGS="$save_LDFLAGS" AC_MSG_ERROR(SELinux support requires libselinux library)) SSHDLIBS="$SSHDLIBS $LIBSELINUX" AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
Thank you very much for the patch file. That indeed helped me; configure, make n make install do work I was actually trying to enable selinux feature in ssh as passwordless ssh to my embedded target is not working for recent kernels. So I tried to 1) disable selinux feature using CMDLINE in the bootloader prompt 2) enable selinux feature in ssh both dint help. with recent kernel binaries ssh is not accepting emptypasswords[I did change sshd_config to accept the emptypasswords] still there is a problem regards basavaraj On Thu, Feb 26, 2009 at 3:32 AM, Tim Rice <tim at multitalents.net> wrote:> On Wed, 25 Feb 2009, Basavaraj Dengi wrote: > > > Looking at the config log, the problem is that, > > configure is not taking the selinux library path[even though I am > providing > > it with -L option] > > The way configure is currently written, --wtih-selinux=path is not > possible. > Try the attached patch to configure.ac. You will need to regenerate > configure > by running autoconf. > > > attached is the config.log for your reference. > > > > thanks for your time > > > > regards > > basavaraj > > > > -- > Tim Rice Multitalents (707) 887-1469 > tim at multitalents.net >