The following are community contributed build notes for various platforms that are not officially supported by MITRE. Thanks to everyone who has contributed build notes.
If you would like to contribute build notes for a particular platform, please send an email to email@example.com and we can work with you to get them posted here.
Solaris 11 Build Instructions
Author: Juan Castro (http://sourceforge.net/users/juanccyc/)
Tested on Solaris 11 Express, gcc/g++ compiler. This may work for other versions of Solaris 11 (e.g. OpenIndiana), but you may have to install pcre and/or libgcrypt by hand. In my system, pcre came without the include files, so I had to grab "headers-pcre" from the package manager.
- Download Xalan 1.10.0 sources from http://www.apache.org/dyn/closer.cgi/xml/xalan-c - Download Xerces 2.8.0 (NOT the 3.x version!) from http://xerces.apache.org/xerces-c/download.cgi - Download OVALdi 5.8.2 from http://sourceforge.net/projects/ovaldi/files/ovaldi/5.8%20Build%202/
- Installing Xerces:
su - cd /usr/src gzcat <download-path>/xerces-c-src_2_8_0.tar.gz | tar xvf - export XERCESCROOT=/usr/src/xerces-c-src_2_8_0 cd $XERCESCROOT cd src/xercesc sh runConfigure -p solaris -c gcc -x g++ -P /usr/local make && make install
- Installing Xalan
su - cd /usr/src gzcat <download-path>/Xalan-C_1_10_0-src.tar.gz | tar xvf - export XERCESCROOT=/usr/local export XALANCROOT=/usr/src/xml-xalan/c cd $XALANCROOT sh runConfigure -p solaris -c gcc -x g++ -P /usr/local make && make install
- Building OVALdi
su - cd /usr/src bzcat <download-path>/ovaldi-5.8.2-src.tar.bz2 | tar xvf - cd ovaldi-5.8.2-src Edit src/Digest.cpp, replace all instances of "#if defined SUNOS" with "#if defined WAYOLDSUNOS" cd project/solaris Edit Makefile and include -I/usr/include/pcre in the INCDIRS list make
- You now have a working ovaldi executable in /usr/src/ovaldi-5.8.2-src/project/solaris/Release. To run it, the LD_LIBRARY_PATH variable must contain the path /usr/local/lib. The safest way to run it is with
Or, better yet, add /usr/local/lib permanently to the system library search path with the following command:
crle -l /usr/local/lib -u
WARNING: If you forget the -u switch above your system will become UNUSABLE!
Red Hat Enterprise Linux 6 Build Instructions
Author: Nate Przybyszewski (https://sourceforge.net/users/natprz/)
Please note that these instructions assume that the required libraries are already installed.
1. wget download.fedora.redhat.com/pub/fedora/linux/updates/15/SRPMS/ovaldi-5.9.1-1.fc15.src.rpm 2. rpm2cpio ovaldi-5.9.1-1.fc15.src.rpm | cpio -idmv 3. tar xvfj ovaldi-5.9.1-src.tar.bz2 4. mv ovaldi-5.9.1*.* ovaldi-5.9.1-src/ 5. cd ovaldi-5.9.1-src 6. patch -p1 < ovaldi-5.9.1-rpm46.patch 7. cd project/Linux 8. vim Makefile 9. add -D_RPM_4_4_COMPAT to CPPFLAGS 10. make
Ubuntu 8.04 and 10.04 Build Instructions
Author: Anne (https://sourceforge.net/users/tempemmail)
Since building ovaldi on Ubuntu is really complex and there is no detailed instruction for it, I hope the following experience could help others save time for fixing some problems you may face. Some errors did not come up when I built them for a second time. So the errors are just for reference.
This build process has been tested on Ubunt 8.04 and Ubuntu 10.04 successfully.
Note: If you want to build ovaldi-5.9.1 by yourself, you should first remove other versions by "sudo apt-get remove ovaldi"
Note: Both Xerces and Xalanc should be built from scratch. Sometimes the binary package does not work with the source file builds. So we should not install one of them automatically and build the other one from scratch.
A. PCRE (Perl-compatible regular-expression) Library
http://www.pcre.org • Go to download pcre-8.12.zip and build according to the Readme and installation instruction. • ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
Simple steps: ./configure Make Make install Make installcheck Make clean
B. Xerces Library
The OVAL Interpreter uses the open source Xerces library. The binary was compiled with version 2.7.0 of the xerces-c library.
Older releases: http://archive.apache.org/dist/xml/xerces-c/ Download: xerces-c-src_2_7_0.tar.gz (Revise20110711):What I used in ubuntu 8.04 is xerces-c-current.tar.gz Follow the instructions to build: http://xerces.apache.org/xerces-c/build-winunix-2.html#UNIX
Simple steps: export XERCESCROOT=<full-path-to-xerces-c-src_2_7_0> :note, you should pay attention to the typo!!!
cd src/xercesc ./runConfigure -plinux -cgcc -xg++ -minmem -nsocket -tnative -rpthread make clean make Make install (this cannot be ignored!!!)
Important: check whether Xerces Library is really installed after the installation is completed. We can use the command "locate xerces", or go to the directory /usr/local/lib and /usr/local/include to see whether there are files related to xerces. If yes, then OK.
C. Xalan Library
Download Xalan: Xalan-C_1_10_0-src.tar.gz http://archive.apache.org/dist/xml/xalan-c/
Simple steps: export XALANCROOT=/home/mydir/xml-xalan/c cd xml-xalan/c ./runConfigure -plinux -cgcc -xg++ make clean make Or make all Make install
Important: check whether Xalanc Library is really installed after the installation is completed. We can go to the directory /usr/local/lib and /usr/local/include to see whether there are files related to xalanc. If yes, then OK.
Before build Xalan, you should first build Xerces.
The OVAL Interpreter uses the open source Xalan library. The binary was compiled with version 1.10.0 of the xalan-c library.
When try to ./runConfigure, run into Permission denied This maybe caused by the Xerces. So you should first build Xerces 2.7 from scratch, rather than sudo apt-get install on Ubuntu by : Sudo apt-get install libcrypto++-dev libxerces-c-dev libxml-security-c-dev
When make Xalan-c, run into a Error: Make: ***[../../obj/XalanDOMString.o] Error 1
Fix method: Go to /xml-xalan/c/src/xalanc/XalanDOM/XalanDOMString.cpp And add
- include <cstring>
into the file. From: http://lists.osgeo.org/pipermail/fdo-users/2009-October/001827.html
Then comes another error: /home/…/xml-xalanc/XMLSupport/FormatterToHTML.cpp:175:error:'memset' was not declared in this scope Make: ***[../../obj/FormatterToHTML.o] Error 1
So the solution is to go to the FormatterToHTML.cpp file located in the given directory, and include <cstring>. It is very simple. But how to find the way to fix this kind of problems is important!!!
Similarly, you will run into another error: /xml-xalan/c/src/xalanc/XSLT/EleNumber.cpp:1472:error:'memset' was not declared in this scope Make: ***[../../obj/EleNumber.o] Error 1
/xml-xalan/c/src/xalanc/PlatformSupport/DirectoryEnumerator.hpp:346:error:'strlen' was not declared in this scope Make: ***[../../obj/TestXPath.o] Error 1
D. RPM yum install rpm
Apt-get install rpm We'd better also install librpm-dev to avoid further errors
So it is apt-get install rpm librpm-dev
For more information about RPM please visit: http://www.rpm.org
Already have apt in Ubuntu
The OVAL Interpreter can be compiled to utilize libraries provided by the Advanced Packaging Tool (APT) in order to complete certain APT-specific tasks. Utilizing APT libraries will allow the OVAL Interpreter to execute DPKG Probes. For more information about APT please visit: http://en.wikipedia.org/wiki/Advanced_Packaging_Tool
F. Libgcrypt Library
Before install Libgcrypt, you should first download and install libgpg-error: http://www.gnupg.org/download Refer to Readme file for installation method.
Here is a quick summary: 1) Check that you have unmodified sources. You can find instructions
how to verify the sources below. Don't skip this - it is an important step!
2) Unpack the archive. With GNU tar you can do it this way:
"tar xjvf libgpg-error-x.y.tar.bz2"
3) "cd libgpg-error-x.y" 4) "./configure" 5) "make" 6) "make install"
G. OpenLDAP Library
Before you install OPENLDAP , you should first install Berkeley DB library. Following the file in docs/installation/build_unix.html. Download Berkeley DB: http://www.oracle.com/technetwork/database/berkeleydb/downloads/index-082944.html Here I chose 4.7.25 because 5.1.25 has some problem, it cannot be detected by OpenLAD. Always has the error: OpenLDAP- configure error: BDB/HDB:Berkeley DB not available.
Go to build_unix ../dist/configure make make install
After installed Berkeley DB, if we began to ./configure OpenLDAP directory, we will run into an error: OpenLDAP- configure error: BDB/HDB:Berkeley DB not available. Even if we have installed Berkeley DB!!! We should first export variables.
CPPFLAGS="-I/usr/local/BerkeleyDB.4.7/include" export CPPFLAGS LDFLAGS="-L/usr/local/lib -L/usr/local/BerkeleyDB.4.7/lib -R/usr/local/BerkeleyDB.4.3/lib" export LDFLAGS LD_LIBRARY_PATH="/usr/local/BerkeleyDB.4.7/lib" export LD_LIBRARY_PATH
http://www.openldap.org/ The source code is also available at the above Web site.
Simple steps for OpenLDAP 2.4.23
./configure Make depend Make Make install
After installing the PCRE, Xerces, Xalan, and Libgcrypt libraries, change into the
<path to ovaldi directory>\project\linux
From that directory, simply run "make" to build the OVAL Interpreter.
1.Error: ../../XmlCommon.h:47: fatal error: xercesc/dom/DOM.hpp: No such file or directory I opened the XmlCommon.h file and found it has
- include <xercesc/dom/DOM.hpp>
So I guess the reason it cannot find the header files is because they are not in the same directory of this XmlCommon.h file. I searched a lot on the internet and tried to find out the correct way of adding header files from other directory. The solution said that we should add the directory of the header files into the header file search path of this project. But I didn't know where to find the search path of ovaldi. Then I read a lot of webpages and realized that maybe the search path is included in the MAKEfile of ovaldi. So I edited the MAKEfile, it indeed worked! Solution: just add -I/home/xiaoyan/ovalbuild/xerces-c-src_2_7_0/include/ Into the INCDIRS. Like INCDIRS = -I/home/xiaoyan/ovalbuild/xerces-c-src_2_7_0/include/ -I/usr/local/include…….
Note that <xercesc/dom/DOM.hpp> is right in the directory of /home/xiaoyan/ovalbuild/xerces-c-src_2_7_0/include/ The directory should be connected smoothly. So you should not add -I/home/xiaoyan/ovalbuild/xerces-c-src_2_7_0/ Or /home/xiaoyan/ovalbuild/xerces-c-src_2_7_0/include/xercesc But exactly /home/xiaoyan/ovalbuild/xerces-c-src_2_7_0/include/
2.Error: ../../src/probes/linux/RPMInfoProbe.h:36: fatal error: rpm/rpmlib.h: No such file or directory By using "locate rpm" I found that there is no "include" file. So I have to install the RPM headers package.
Sudo apt-get install librpm-dev (This should be done)
3.Error:../../src/probes/independent/XmlFileContentProbe.h:45:fatal error: xalanc/Include/PlatformDefinitions.hpp: No such file or directory Solution: add -I/home/xiaoyan/ovalbuild/xml-xalan/c/src/xalanc/Include/ Into the INCDIRS.
../../src/probes/linux/RPMInforProbe.h : int_32 is not declared in this scope or int_32 is not a type name? Like this. So I checked the file, and find that there is not type define for int_32. and then I searched on the internet, and find it is defined in rpmdb/header.h file. But since there is no rpmdb/header.h file in the rpm include directory, so I just edited the /usr/include/rpm/header.h file, and added one line: typedef int int_32;
Then it works.
5.Error: I got the error as below: g++ -Wall -O -DLINUX -I/usr/local/include -I/usr/include -I../../src/linux -I../../src -I../../src/probes/unix -I../../src/probes/linux -I../../src/probes/independent -DPACKAGE_RPM -c -o ../../src/probes/linux/InetListeningServersProbe.o ../../src/probes/linux/InetListeningServersProbe.cpp ../../src/probes/linux/InetListeningServersProbe.cpp: In member function ‘StringVector* InetListeningServersProbe::GetProtocols(ObjectEntity*)’: ../../src/probes/linux/InetListeningServersProbe.cpp:310: warning: the address of ‘allProtocols’ will always evaluate as ‘true’ ../../src/probes/linux/InetListeningServersProbe.cpp: In member function ‘StringVector* InetListeningServersProbe::GetLocalAddresses(std::string, ObjectEntity*)’: ../../src/probes/linux/InetListeningServersProbe.cpp:422: warning: the address of ‘allLocalAddresses’ will always evaluate as ‘true’ ../../src/probes/linux/InetListeningServersProbe.cpp: In member function ‘StringVector* InetListeningServersProbe::GetLocalPorts(std::string, std::string, ObjectEntity*)’: ../../src/probes/linux/InetListeningServersProbe.cpp:538: warning: the address of ‘allLocalPorts’ will always evaluate as ‘true’ g++ -Wall -O -DLINUX -I/usr/local/include -I/usr/include -I../../src/linux -I../../src -I../../src/probes/unix -I../../src/probes/linux -I../../src/probes/independent -DPACKAGE_RPM -c -o ../../src/probes/linux/RPMInfoProbe.o ../../src/probes/linux/RPMInfoProbe.cpp ../../src/probes/linux/RPMInfoProbe.cpp: In member function ‘StringVector* RPMInfoProbe::GetRPMNames(ObjectEntity*)’: ../../src/probes/linux/RPMInfoProbe.cpp:181: warning: the address of ‘allNames’ will always evaluate as ‘true’ ../../src/probes/linux/RPMInfoProbe.cpp: In member function ‘char* RPMInfoProbe::readHeaderString(headerToken_s*, int_32)’: ../../src/probes/linux/RPMInfoProbe.cpp:391: error: ‘headerGetEntry’ was not declared in this scope ../../src/probes/linux/RPMInfoProbe.cpp: In member function ‘int_32 RPMInfoProbe::readHeaderInt32(headerToken_s*, int_32)’: ../../src/probes/linux/RPMInfoProbe.cpp:413: error: ‘headerGetEntry’ was not declared in this scope ../../src/probes/linux/RPMInfoProbe.cpp: In member function ‘void RPMInfoProbe::ChildGetSigKeyId(int, int, std::string)’: ../../src/probes/linux/RPMInfoProbe.cpp:456: warning: deprecated conversion from string constant to ‘char*’ ../../src/probes/linux/RPMInfoProbe.cpp:457: warning: deprecated conversion from string constant to ‘char*’ ../../src/probes/linux/RPMInfoProbe.cpp:458: warning: deprecated conversion from string constant to ‘char*’ ../../src/probes/linux/RPMInfoProbe.cpp:498: error: invalid conversion from ‘const char**’ to ‘char* const*’ ../../src/probes/linux/RPMInfoProbe.cpp:498: error: initializing argument 3 of ‘int rpmcliQuery(rpmts_s*, rpmQVKArguments_s*, char* const*)’
Reply from someone:
I think the show-stopper build errors come from your rpm library, which is newer than what ovaldi supports, and isn't likely fixable without significantly rewriting the RPM info probe. What you might try is removing support for the RPM-related tests altogether, so it never attempts to compile that code. That should be pretty simple: just modify the makefile, commenting out the value for the PACKAGE_RPM variable.
So I changed the Makefile in ovaldi-5.9.1-src/project/linux: vi Makefile Then Comment the line: // PACKAGE_RPM = $(shell /usr/bin/env rpm --version 2>/dev/null)
6.Error: ../../src/probes/linux/DPKGInfoProbe.h:36: fatal error: apt-pkg/progress.h: No such file or directory compilation terminated.
Solution: sudo apt-get install libapt-pkg-dev
7.Error: /usr/bin/ld: cannot find -lxerces-c
root@nfs-desktop:/home/xiaoyan/ovaldi-5.9.1-src/project/linux# cd /usr/lib root@nfs-desktop:/usr/lib# ln -s ./libxerces-c.so.28 ./libxerces-c.so root@nfs-desktop:/usr/lib# ln -s ./libxalan-c.so.110 ./libxalan-c.so
But actually the version of libxerces I built is 2.7, not 2.8. Something must go wrong when I tried different versions on the machine. When I go to /usr/lib, I can found libxerces-c.so.28, but no libxerces-c.so.27. So I tried to rebuild libxerces 2.7 and libxalan 1.10 from scratch again. And then I found all the files of version 2.7 is located in /usr/local/lib, not /usr/lib.
OVAL Builds simple process: Go to ovaldi-5.9.1-src/project/linux Make clean Make Then it will product a new executable file in /linux/Release/ovaldi To execute it, use ./ovaldi -m -o definitions.xml
When I use the oval.xml ( http://oval.mitre.org/rep-data/org.mitre.oval/index.html )as the definitions.xml file to scan the system, ovaldi produced an error: xerces memory not enough, things like that… The reason is because the definitions.html file contains all the systems and it is too big for my computer. So I changed to another small file which only contains information about unix, unix.xml ( http://oval.mitre.org/rep-data/org.mitre.oval/v/index.html ) Then finally the ovaldi 5.9.1 worked on ubuntu. Note: some monthly archive does not work well because the definition method is different. It always prompt: data type not defined, or things like this.