折腾:
【未解决】Mac中找不到audit2allow:zsh command not found audit2allow
期间,希望在Mac中能安装包含了audit2allow的policycoreutils-python的rpm的包
如何从Mac中安装rpm包?
先去解决:
【已解决】Mac中如何安装rpm包管理工具rpm
然后再去下载rpm包:
【未解决】下载适合Mac的包含audit2allow的policycoreutils-python的rpm包
然后去安装试试
先要去搞清楚 rpm如何安装本地local的rpm包
rpm install local package
rpm --help Usage: rpm [OPTION...] Query/Verify package selection options: -a, --all query/verify all packages -f, --file query/verify package(s) owning file -g, --group query/verify package(s) in group -p, --package query/verify a package file --pkgid query/verify package(s) with package identifier --hdrid query/verify package(s) with header identifier --triggeredby query the package(s) triggered by the package --whatconflicts query/verify the package(s) which require a dependency --whatrequires query/verify the package(s) which require a dependency --whatobsoletes query/verify the package(s) which obsolete a dependency --whatprovides query/verify the package(s) which provide a dependency --whatrecommends query/verify the package(s) which recommends a dependency --whatsuggests query/verify the package(s) which suggests a dependency --whatsupplements query/verify the package(s) which supplements a dependency --whatenhances query/verify the package(s) which enhances a dependency --nomanifest do not process non-package files as manifests Query/Verify file selection options: -c, --configfiles only include configuration files -d, --docfiles only include documentation files -L, --licensefiles only include license files -A, --artifactfiles only include artifact files --noghost exclude %%ghost files --noconfig exclude %%config files --noartifact exclude %%artifact files Query options (with -q or --query): --dump dump basic file information -l, --list list files in package --queryformat=QUERYFORMAT use the following query format -s, --state display the states of the listed files Verify options (with -V or --verify): --nofiledigest don't verify digest of files --nofiles don't verify files in package --nodeps don't verify package dependencies --noscript don't execute verify script(s) Install/Upgrade/Erase options: --allfiles install all files, even configurations which might otherwise be skipped --allmatches remove all packages which match <package> (normally an error is generated if <package> specified multiple packages) --badreloc relocate files in non-relocatable package -e, --erase=<package>+ erase (uninstall) package --excludedocs do not install documentation --excludepath=<path> skip files with leading component <path> --force short hand for --replacepkgs --replacefiles -F, --freshen=<packagefile>+ upgrade package(s) if already installed -h, --hash print hash marks as package installs (good with -v) --ignorearch don't verify package architecture --ignoreos don't verify package operating system --ignoresize don't check disk space before installing --noverify short hand for --ignorepayload --ignoresignature -i, --install install package(s) --justdb update the database, but do not modify the filesystem --nodeps do not verify package dependencies --nofiledigest don't verify digest of files --nocontexts don't install file security contexts --nocaps don't install file capabilities --noorder do not reorder package installation to satisfy dependencies --noscripts do not execute package scriptlet(s) --notriggers do not execute any scriptlet(s) triggered by this package --oldpackage upgrade to an old version of the package (--force on upgrades does this automatically) --percent print percentages as package installs --prefix=<dir> relocate the package to <dir>, if relocatable --relocate=<old>=<new> relocate files from path <old> to <new> --replacefiles ignore file conflicts between packages --replacepkgs reinstall if the package is already present --test don't install, but tell if it would work or not -U, --upgrade=<packagefile>+ upgrade package(s) --reinstall=<packagefile>+ reinstall package(s) Common options for all rpm modes and executables: -D, --define='MACRO EXPR' define MACRO with value EXPR --undefine=MACRO undefine MACRO -E, --eval='EXPR' print macro expansion of EXPR --target=CPU-VENDOR-OS Specify target platform --macros=<FILE:...> read <FILE:...> instead of default file(s) --load=<FILE> load a single macro file --noplugins don't enable any plugins --nodigest don't verify package digest(s) --nosignature don't verify package signature(s) --rcfile=<FILE:...> read <FILE:...> instead of default file(s) -r, --root=ROOT use ROOT as top level directory (default: "/") --dbpath=DIRECTORY use database in DIRECTORY --querytags display known query tags --showrc display final rpmrc and macro configuration --quiet provide less detailed output -v, --verbose provide more detailed output --version print the version of rpm being used Options implemented via popt alias/exec: --scripts list install/erase scriptlets from package(s) --setperms set permissions of files in a package --setugids set user/group ownership of files in a package --setcaps set capabilities of files in a package --restore restore file/directory permissions --conflicts list capabilities this package conflicts with --obsoletes list other packages removed by installing this package --provides list capabilities that this package provides --requires list capabilities required by package(s) --recommends list capabilities recommended by package(s) --suggests list capabilities suggested by package(s) --supplements list capabilities supplemented by package(s) --enhances list capabilities enhanced by package(s) --info list descriptive information from package(s) --changelog list change logs for this package --changes list changes for this package with full time stamps --xml list metadata in xml --triggers list trigger scriptlets from package(s) --filetriggers list filetrigger scriptlets from package(s) --last list package(s) by install time, most recent first --dupes list duplicated packages --filesbypkg list all files from each package --fileclass list file names with their classes --filecolor list file names with their colors --fileprovide list file names with their provides --filerequire list file names with requires --filecaps list file names with their POSIX1.e capabilities Help options: -?, --help Show this help message --usage Display brief usage message
从help中好像没看到有local
yum localinstall /path/to/file.rpm
How To Install an RPM File on Linux (CentOS/RHEL & Fedora)
sudo rpm –i sample_file.rpm
直接去试试:
rpm -i policycoreutils-python-2.6-lp150.4.3.1.x86_64.rpm
可以触发安装,但是此处由于缺少依赖而失败:
rpm -i policycoreutils-python-2.6-lp150.4.3.1.x86_64.rpm 警告:policycoreutils-python-2.6-lp150.4.3.1.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID 3dbdc284: NOKEY 错误:依赖检测失败: /bin/sh 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 /usr/bin/python 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 audit-libs-python >= 2.2 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 libc.so.6()(64bit) 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 libc.so.6(GLIBC_2.14)(64bit) 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 libc.so.6(GLIBC_2.2.5)(64bit) 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 libc.so.6(GLIBC_2.3)(64bit) 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 libc.so.6(GLIBC_2.3.4)(64bit) 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 libc.so.6(GLIBC_2.4)(64bit) 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 policycoreutils = 2.6 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python(abi) = 2.7 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python-enum34 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python-ipy 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python-selinux >= 2.6 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python-semanage >= 2.6 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python-xml 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python-yum 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python2-networkx 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python2-selinux 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python2-setools 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 python2-setuptools 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要 yum-metadata-parser 被 policycoreutils-python-2.6-lp150.4.3.1.x86_64 需要
后记:
去试试另外一个:
rpm -i policycoreutils-python-2.5-34.el7.x86_64.rpm 警告:policycoreutils-python-2.5-34.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY 错误:依赖检测失败: /usr/bin/python 被 policycoreutils-python-2.5-34.el7.x86_64 需要 audit-libs-python >= 2.1.3-4 被 policycoreutils-python-2.5-34.el7.x86_64 需要 checkpolicy 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libapol.so.4()(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libapol.so.4(VERS_4.0)(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libc.so.6()(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libc.so.6(GLIBC_2.2.5)(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libc.so.6(GLIBC_2.3.4)(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libc.so.6(GLIBC_2.4)(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libcgroup 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libpthread.so.0()(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libpthread.so.0(GLIBC_2.2.5)(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libpython2.7.so.1.0()(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libqpol.so.1()(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libqpol.so.1(VERS_1.2)(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libqpol.so.1(VERS_1.4)(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libselinux-python 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libselinux.so.1()(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libsemanage-python >= 2.5-14 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libsepol.so.1()(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 libsepol.so.1(LIBSEPOL_1.0)(64bit) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 policycoreutils = 2.5-34.el7 被 policycoreutils-python-2.5-34.el7.x86_64 需要 python(abi) = 2.7 被 policycoreutils-python-2.5-34.el7.x86_64 需要 python-IPy 被 policycoreutils-python-2.5-34.el7.x86_64 需要 rtld(GNU_HASH) 被 policycoreutils-python-2.5-34.el7.x86_64 需要 setools-libs >= 3.3.8-4 被 policycoreutils-python-2.5-34.el7.x86_64 需要
缺少的依赖更多。仍无法安装。
【总结】
所以目前此处感觉是:
mac中可以用:
brew install rpm
去安装rpm
也可以从本地rpm包文件去安装:
rpm -i /path/to/your/file.rpm
rpm的包。
只不过此处下载的
policycoreutils-python
的rpm包,本身缺少依赖无法安装。
后记:
看到:
列出了,其他各种系统中,都是可以安装:policycoreutils-python的
- All systems
- curl cmd.cat/audit2allow.sh
- Debian
- apt-get install policycoreutils-python-utils
- Ubuntu
- apt-get install policycoreutils-python-utils
- Kali Linux
- apt-get install policycoreutils-python-utils
- CentOS
- yum install policycoreutils-python
- Fedora
- dnf install policycoreutils-python-utils
- Raspbian
- apt-get install policycoreutils-python-utils
-》对于All systems的
curl cmd.cat/audit2allow.sh
去找找,如何下载到这个audit2allow.sh
但是重新全局翻墙后打开
却又看不到上面这个:
- All systems
- curl cmd.cat/audit2allow.sh
了,很是奇怪:
policycoreutils-python-utils SELinux core policy utilities (Python utilities) Security-enhanced Linux is a patch of the Linux® kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-based Access Control, and Multi-level Security. This package contains the policycoreutils written in Python like semanage, audit2why, audit2allow or chcat.
policycoreutils-python
The policycoreutils-python package contains the management tools
use to manage an SELinux environment.
yum install policycoreutils-devel