# Dazuko won't emerge

## andrewwalker27

I'm having trouble getting Auto-Scan working in KlamAV and believe I need to install dazuko to enable it. Unfortunately it fails to emerge with the following results

 * Converting Makefile to use M= instead of SUBDIRS= ...                                                                                                                               [ ok ]

 * Preparing dazuko module

make -C /usr/src/linux M="/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0" modules

make[1]: Entering directory `/usr/src/linux-2.6.14-gentoo-r4'

  CC [M]  /var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_core.o

  CC [M]  /var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_transport.o

  CC [M]  /var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.o

In file included from /var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:20:

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:446: error: unknown field `inode_post_create' specified in initializer

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:446: warning: initialization from incompatible pointer type

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:448: error: unknown field `inode_post_link' specified in initializer

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:448: warning: initialization from incompatible pointer type

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:451: error: unknown field `inode_post_symlink' specified in initializer

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:451: warning: initialization from incompatible pointer type

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:453: error: unknown field `inode_post_mkdir' specified in initializer

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:453: warning: initialization from incompatible pointer type

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:456: error: unknown field `inode_post_mknod' specified in initializer

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:456: warning: initialization from incompatible pointer type

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:458: error: unknown field `inode_post_rename' specified in initializer

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.h:458: warning: initialization from incompatible pointer type

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c: In function `dazuko_security_inode_post_create':

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:354: error: structure has no member named `inode_post_create'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:354: error: structure has no member named `inode_post_create'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c: In function `dazuko_security_inode_post_link':

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:366: error: structure has no member named `inode_post_link'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:366: error: structure has no member named `inode_post_link'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c: In function `dazuko_security_inode_post_symlink':

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:385: error: structure has no member named `inode_post_symlink'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:385: error: structure has no member named `inode_post_symlink'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c: In function `dazuko_security_inode_post_mkdir':

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:397: error: structure has no member named `inode_post_mkdir'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:397: error: structure has no member named `inode_post_mkdir'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c: In function `dazuko_security_inode_post_mknod':

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:416: error: structure has no member named `inode_post_mknod'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:416: error: structure has no member named `inode_post_mknod'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c: In function `dazuko_security_inode_post_rename':

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:428: error: structure has no member named `inode_post_rename'

/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.c:428: error: structure has no member named `inode_post_rename'

make[2]: *** [/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0/dazuko_linux26_lsm.o] Error 1

make[2]: *** Waiting for unfinished jobs....

make[1]: *** [_module_/var/tmp/portage/dazuko-2.1.0/work/dazuko-2.1.0] Error 2

make[1]: Leaving directory `/usr/src/linux-2.6.14-gentoo-r4'

make: *** [dummy_rule] Error 2

!!! ERROR: sys-fs/dazuko-2.1.0 failed.

!!! Function linux-mod_src_compile, Line 505, Exitcode 2

!!! Unable to make                                   dummy_rule.

!!! If you need support, post the topmost build error, NOT this status message.

athlonxp fred #

It seems to configure ok so I think my kernel settings are correct, it just screws up almost immediately during building.

I'm using ~x86 on 2.6.14-gentoo-r4.

Whilst I'm on the subject, where do I tell Gentoo to load the module on start-up? I've seen loads of posts with problems with dazuko but very little in the form of conclusive fixes, anyone know of a definitive howto guide?

----------

## roderick

I have the same problem, however it was working just prior to me switching from kernel 2.6.12 to 2.6.14.

I have found some things that have changed in the headers between versions, so it's likely that something changed and what dazuko 2.1.0 was looking for in the headers under 2.6.12 is no longer in the same place under 2.6.14.

Someone will have to write a patch for the Gentoo ebuild of dazuko to check for kernel version and if > 2.6.13 (I'm guessing) then apply patch, otherwise build as normal.

I'm looking into it to see if I can find the exact changes required, but don't hold your breath. I'm not too fluent in the kernel and a bit hesitant to hack blindly. Still, if it is a simple fix... who knows.

Perhaps someone else has come across this already and found the fix, and would be willing to share.

Cheers,

Rod.

----------

## roderick

Ok...

So a short while later, I download dazuko 2.1.1 Pre3 from www.dazuko.org to see if it compiles direct from source under Gentoo and kernel 2.6.14. It does.

This makes life a little easier.

All you need to do is setup your portage overlay (howto's can be found elsewhere in the forums) and build a new dazuko portage entry for 2.1.1 Pre3.

Basically, copy -a /usr/portage/sys-fs/dazuko to /usr/local/portage/sys-fs/ (assuming your overlay is /usr/local/portage).

Rename the dazuko ebuild from dazuko-2.1.0.ebuild to dazuko-2.1.1_pre3.ebuild. Since the ebuild is pretty vanilla, this will work (tested fine here at least).

Next, you need to update the digest: ebuild dazuko-2.1.1_pre3.ebuild digest

now you can emerge -av dazuko

Hope this helps and works for you.

----------

## XenoTerraCide

just an opinion and I don't mean to waist anyones time but on-access scanning in linux is a complete waist of system resources. I tried dazuko once... I couldn't believe how much it slowed down my system. there are only about 100 known viruses for linux give or take. and 70,000+ known for windows. probably none of the ones known for linux still work and they definitely aren't in circulation. unless your using dazuko to provide on access for a windows machine on a network it's a waste of your time. but it's your choice.

----------

## roderick

 *XenoTerraCide wrote:*   

> just an opinion and I don't mean to waist anyones time but on-access scanning in linux is a complete waist of system resources. I tried dazuko once... I couldn't believe how much it slowed down my system. there are only about 100 known viruses for linux give or take. and 70,000+ known for windows. probably none of the ones known for linux still work and they definitely aren't in circulation. unless your using dazuko to provide on access for a windows machine on a network it's a waste of your time. but it's your choice.

 

For anyone with a dual boot system, and mounting windows volumes under linux or vice versa, it's probably worth it. 

For the really paranoid, it helps them sleep at night. 

If you are careful about what you do, where you browse, and what you download, then your chances are slim that you'd be affected by anything. However, I always like to err on the side of caution. On my system, I never noticed any slowdown, so I opted to use it.

For reference, I have a Acer Aspire 1410 WLCi, 1.3GHz, 512 Meg RAM. It's mid range now-a-days, but Gentoo runs speedy here with all the bells and whistles turned on in KDE 3.5.

Everyone should judge for themselves. If you have a slower machine, then you cannot run all the bells and whistles all the time. You can still use ClamAv without Dazuko, you just do not get real time protection. 

Food for thought.

----------

## XenoTerraCide

my slowdown was extremely mininimal I run fluxbox. so I'm used to a much faster system than gnome or kde provide. and the smallest thing is noticeable for me. my system is a 1.8Gz processor with 768MB of ram. and it is a dual boot.

I actually had a trojan on my linux system once. it was picked up by clamscan... but it was a win32 trojan and had absolutely no effect. no windwows virus would be able to propagate while your system is in linx. 

I actually had a hand in at least one change to it. I found a problem with it's installer. It wouldn't install if it was in a directory with spaces. like firefox's "my downloads" they then implemented a fix in the next version. about the only use dazuko would have for a dual boot is if you don't want to run a full recursive clamscan and you want it to check any files on you windows part when you get into them.

another thing about the minimal slow up I experienced... I could describe it as being like running my windows system... I think on access is one of window's problems for being slower. and my windows system doesn't have bugs. 

like I said it's everyone's choice, I'm just advising against it and giving reasons why. on the other hand I used dazuko back arround 1.0 it wasn't even in portage then. It may be faster and more mature now. but no linux system admin would use it. that's one of the advantage's of linux no virus's and no spyware.

----------

