AppArmor zero-knowledge learning 12. Source code construction (9)

References for the content of this article:

AppArmor / apparmor · GitLab

Continued from the previous article: AppArmor zero-knowledge learning 11. Source code construction (8)

In the previous article, the sixth step of apparmor source code construction - the construction and installation of Apache mod_apparmor was completed, and this article continues. 

4. Source code construction

 7. PAM AppArmor build

(1) enterchangehat/pam_apparmor目录

Use the cd command to enter the mod_apparmor directory under the changehat directory under the root directory of the apparmor source code. The actual commands and results are as follows: 

penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor$ cd changehat/
penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor/changehat$ ls
mod_apparmor  pam_apparmor  tomcat_apparmor

penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor/changehat$ cd pam_apparmor/
penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor/changehat/pam_apparmor$ ls
COPYING  get_options.c  get_options.o  Makefile  pam_apparmor.c  pam_apparmor.changes  pam_apparmor.h  pam_apparmor.o  pam_apparmor.so  README

(2) compile

Run the make command to compile. The actual commands and results are as follows:

$ make
cc   -fPIC -shared -Wall -Wall -Wsign-compare -Wmissing-field-initializers -Wformat -Wformat-security -Wunused-parameter -Wimplicit-fallthrough -I../../libraries/libapparmor//include -c -o pam_apparmor.o pam_apparmor.c
cc   -fPIC -shared -Wall -Wall -Wsign-compare -Wmissing-field-initializers -Wformat -Wformat-security -Wunused-parameter -Wimplicit-fallthrough -I../../libraries/libapparmor//include -c -o get_options.o get_options.c
cc   -fPIC -shared -Wall -Wall -Wsign-compare -Wmissing-field-initializers -Wformat -Wformat-security -Wunused-parameter -Wimplicit-fallthrough -I../../libraries/libapparmor//include -Xlinker -x -L../../libraries/libapparmor//src/.libs/  -o pam_apparmor.so pam_apparmor.o get_options.o -lpam -lapparmor

(3) Installation 

Run the make install command to install. The actual commands and results are as follows:

$ sudo make install
[sudo] penghao 的密码：install -m 755 -d //lib/security
install -m 755 pam_apparmor.so //lib/security/

At this point, PAM AppArmor is built and installed.

8. Profiles construction

(1) enterprofiles目录

Use the cd command to enter the directory under the root directory of the apparmor source code profiles. The actual commands and results are as follows:

penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor$ cd profiles/
penghao@Ding-Perlis-MP260S48:~/AppArmor/apparmor/profiles$ ls
apparmor  apparmor.d  Makefile

(2) compile

Run the make command to compile. The actual commands and results are as follows:

$ make
for profile in ./apparmor.d/bin.ping ./apparmor.d/lsb_release ./apparmor.d/nvidia_modprobe ./apparmor.d/php-fpm ./apparmor.d/samba-bgqd ./apparmor.d/samba-dcerpcd ./apparmor.d/samba-rpcd ./apparmor.d/samba-rpcd-classic ./apparmor.d/samba-rpcd-spoolss ./apparmor.d/sbin.klogd ./apparmor.d/sbin.syslogd ./apparmor.d/sbin.syslog-ng ./apparmor.d/usr.lib.apache2.mpm-prefork.apache2 ./apparmor.d/usr.lib.dovecot.anvil ./apparmor.d/usr.lib.dovecot.auth ./apparmor.d/usr.lib.dovecot.config ./apparmor.d/usr.lib.dovecot.deliver ./apparmor.d/usr.lib.dovecot.dict ./apparmor.d/usr.lib.dovecot.director ./apparmor.d/usr.lib.dovecot.doveadm-server ./apparmor.d/usr.lib.dovecot.dovecot-auth ./apparmor.d/usr.lib.dovecot.dovecot-lda ./apparmor.d/usr.lib.dovecot.imap ./apparmor.d/usr.lib.dovecot.imap-login ./apparmor.d/usr.lib.dovecot.lmtp ./apparmor.d/usr.lib.dovecot.log ./apparmor.d/usr.lib.dovecot.managesieve ./apparmor.d/usr.lib.dovecot.managesieve-login ./apparmor.d/usr.lib.dovecot.pop3 ./apparmor.d/usr.lib.dovecot.pop3-login ./apparmor.d/usr.lib.dovecot.replicator ./apparmor.d/usr.lib.dovecot.script-login ./apparmor.d/usr.lib.dovecot.ssl-params ./apparmor.d/usr.lib.dovecot.stats ./apparmor.d/usr.sbin.apache2 ./apparmor.d/usr.sbin.avahi-daemon ./apparmor.d/usr.sbin.dnsmasq ./apparmor.d/usr.sbin.dovecot ./apparmor.d/usr.sbin.identd ./apparmor.d/usr.sbin.mdnsd ./apparmor.d/usr.sbin.nmbd ./apparmor.d/usr.sbin.nscd ./apparmor.d/usr.sbin.ntpd ./apparmor.d/usr.sbin.smbd ./apparmor.d/usr.sbin.smbldap-useradd ./apparmor.d/usr.sbin.traceroute ./apparmor.d/usr.sbin.winbindd ./apparmor.d/zgrep; do \
        fn=$(basename $profile); \
        echo "# Site-specific additions and overrides for '$fn'" > ./apparmor.d/local/$fn; \
        grep "include[[:space:]]\\+if[[:space:]]\\+exists[[:space:]]\\+<local/$fn>" "$profile" >/dev/null || { echo "$profile doesn't contain include if exists <local/$fn>" ; exit 1; } ; \
done

(3) check

Run the make check command to check. The actual commands and results are as follows:

$ make check
for profile in ./apparmor.d/bin.ping ./apparmor.d/lsb_release ./apparmor.d/nvidia_modprobe ./apparmor.d/php-fpm ./apparmor.d/samba-bgqd ./apparmor.d/samba-dcerpcd ./apparmor.d/samba-rpcd ./apparmor.d/samba-rpcd-classic ./apparmor.d/samba-rpcd-spoolss ./apparmor.d/sbin.klogd ./apparmor.d/sbin.syslogd ./apparmor.d/sbin.syslog-ng ./apparmor.d/usr.lib.apache2.mpm-prefork.apache2 ./apparmor.d/usr.lib.dovecot.anvil ./apparmor.d/usr.lib.dovecot.auth ./apparmor.d/usr.lib.dovecot.config ./apparmor.d/usr.lib.dovecot.deliver ./apparmor.d/usr.lib.dovecot.dict ./apparmor.d/usr.lib.dovecot.director ./apparmor.d/usr.lib.dovecot.doveadm-server ./apparmor.d/usr.lib.dovecot.dovecot-auth ./apparmor.d/usr.lib.dovecot.dovecot-lda ./apparmor.d/usr.lib.dovecot.imap ./apparmor.d/usr.lib.dovecot.imap-login ./apparmor.d/usr.lib.dovecot.lmtp ./apparmor.d/usr.lib.dovecot.log ./apparmor.d/usr.lib.dovecot.managesieve ./apparmor.d/usr.lib.dovecot.managesieve-login ./apparmor.d/usr.lib.dovecot.pop3 ./apparmor.d/usr.lib.dovecot.pop3-login ./apparmor.d/usr.lib.dovecot.replicator ./apparmor.d/usr.lib.dovecot.script-login ./apparmor.d/usr.lib.dovecot.ssl-params ./apparmor.d/usr.lib.dovecot.stats ./apparmor.d/usr.sbin.apache2 ./apparmor.d/usr.sbin.avahi-daemon ./apparmor.d/usr.sbin.dnsmasq ./apparmor.d/usr.sbin.dovecot ./apparmor.d/usr.sbin.identd ./apparmor.d/usr.sbin.mdnsd ./apparmor.d/usr.sbin.nmbd ./apparmor.d/usr.sbin.nscd ./apparmor.d/usr.sbin.ntpd ./apparmor.d/usr.sbin.smbd ./apparmor.d/usr.sbin.smbldap-useradd ./apparmor.d/usr.sbin.traceroute ./apparmor.d/usr.sbin.winbindd ./apparmor.d/zgrep; do \
        fn=$(basename $profile); \
        echo "# Site-specific additions and overrides for '$fn'" > ./apparmor.d/local/$fn; \
        grep "include[[:space:]]\\+if[[:space:]]\\+exists[[:space:]]\\+<local/$fn>" "$profile" >/dev/null || { echo "$profile doesn't contain include if exists <local/$fn>" ; exit 1; } ; \
done
*** Checking profiles from ./apparmor.d and ./apparmor/profiles/extras/ against apparmor_parser
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
*** Checking abstractions from ./apparmor.d/abstractions against apparmor_parser
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
Cache read/write disabled: interface file missing. (Kernel needs AppArmor 2.4 compatibility patch.)
*** Checking profiles from ./apparmor.d against logprof
正在在 /home/penghao/AppArmor/apparmor/profiles/apparmor.d 中更新 AppArmor 配置文件。从 /dev/null 读取日志条目。投诉模式更改：强制模式更改：*** Checking if all abstractions (with a few exceptions) contain include if exists <abstractions/*.d>
*** Checking if all extra profiles contain include if exists <local/*>

(4) Installation 

Run the make install command to install. The actual commands and results are as follows:

$ sudo make install
[sudo] penghao 的密码：for profile in ./apparmor.d/bin.ping ./apparmor.d/lsb_release ./apparmor.d/nvidia_modprobe ./apparmor.d/php-fpm ./apparmor.d/samba-bgqd ./apparmor.d/samba-dcerpcd ./apparmor.d/samba-rpcd ./apparmor.d/samba-rpcd-classic ./apparmor.d/samba-rpcd-spoolss ./apparmor.d/sbin.klogd ./apparmor.d/sbin.syslogd ./apparmor.d/sbin.syslog-ng ./apparmor.d/usr.lib.apache2.mpm-prefork.apache2 ./apparmor.d/usr.lib.dovecot.anvil ./apparmor.d/usr.lib.dovecot.auth ./apparmor.d/usr.lib.dovecot.config ./apparmor.d/usr.lib.dovecot.deliver ./apparmor.d/usr.lib.dovecot.dict ./apparmor.d/usr.lib.dovecot.director ./apparmor.d/usr.lib.dovecot.doveadm-server ./apparmor.d/usr.lib.dovecot.dovecot-auth ./apparmor.d/usr.lib.dovecot.dovecot-lda ./apparmor.d/usr.lib.dovecot.imap ./apparmor.d/usr.lib.dovecot.imap-login ./apparmor.d/usr.lib.dovecot.lmtp ./apparmor.d/usr.lib.dovecot.log ./apparmor.d/usr.lib.dovecot.managesieve ./apparmor.d/usr.lib.dovecot.managesieve-login ./apparmor.d/usr.lib.dovecot.pop3 ./apparmor.d/usr.lib.dovecot.pop3-login ./apparmor.d/usr.lib.dovecot.replicator ./apparmor.d/usr.lib.dovecot.script-login ./apparmor.d/usr.lib.dovecot.ssl-params ./apparmor.d/usr.lib.dovecot.stats ./apparmor.d/usr.sbin.apache2 ./apparmor.d/usr.sbin.avahi-daemon ./apparmor.d/usr.sbin.dnsmasq ./apparmor.d/usr.sbin.dovecot ./apparmor.d/usr.sbin.identd ./apparmor.d/usr.sbin.mdnsd ./apparmor.d/usr.sbin.nmbd ./apparmor.d/usr.sbin.nscd ./apparmor.d/usr.sbin.ntpd ./apparmor.d/usr.sbin.smbd ./apparmor.d/usr.sbin.smbldap-useradd ./apparmor.d/usr.sbin.traceroute ./apparmor.d/usr.sbin.winbindd ./apparmor.d/zgrep; do \
        fn=$(basename $profile); \
        echo "# Site-specific additions and overrides for '$fn'" > ./apparmor.d/local/$fn; \
        grep "include[[:space:]]\\+if[[:space:]]\\+exists[[:space:]]\\+<local/$fn>" "$profile" >/dev/null || { echo "$profile doesn't contain include if exists <local/$fn>" ; exit 1; } ; \
done
install -m 755 -d //etc/apparmor.d
install -m 755 -d //etc/apparmor.d/disable
for dir in ./apparmor.d ./apparmor.d/abstractions ./apparmor.d/abstractions/ubuntu-browsers.d ./apparmor.d/abstractions/apparmor_api ./apparmor.d/local ./apparmor.d/apache2.d ./apparmor.d/tunables ./apparmor.d/tunables/home.d ./apparmor.d/tunables/xdg-user-dirs.d ./apparmor.d/tunables/multiarch.d ./apparmor.d/abi ; do \
        install -m 755 -d "//etc/apparmor.d/${dir#./apparmor.d}" ; \
done
for file in $(find ./apparmor.d -type f -print) ; do \
        install -m 644 "${file}" "//etc/apparmor.d/$(dirname ${file#./apparmor.d})" ; \
done
install -m 755 -d //usr/share/apparmor/extra-profiles/
install -m 644 ./apparmor/profiles/extras//* //usr/share/apparmor/extra-profiles/

At this point, Profiles is built and installed.