Hi Hans, As far as I remember Mark Pryor managed to compile it and made a debian package with XSM enabled.
So I think you can indeed close this bug :) Fun fact, I just compiled compiled the new stable version (4.11.1) yesterday successfully. If anyone crossing these reports wants to know the process (build in a Docker container, default flask policy): /# In an updated Debian 9 docker / /echo "deb-src http://ftp.be.debian.org/debian/ testing main" >> /etc/apt/sources.list// //apt update && apt upgrade -y/ ///# install testing apt sources// //apt-get source xen// // //# or just use :// //apt-get build-dep xen// // //apt install checkpolicy texinfo fakeroot libpci-dev pandoc libsystemd-dev fig2dev markdown devscripts rdfind// // //cd $(find $(pwd) -maxdepth 1 -type d -name "xen-*")// // //cat <<EOF >> // // //# Enableling and configuring XSM and FLASK// //XSM_ENABLE=y// //FLASK_ENABLE=y// //CONFIG_XSM=y// //CONFIG_FLASK=y// //CONFIG_FLASK_AVC_STATS=y// //CONFIG_XSM_POLICY=y// // //EOF// // //cd ..// // //dpkg-buildpackage -rfakeroot -us -uc -b// // //mkdir ../deb_files// //mv ../*.deb /../deb_files// // //# Copy what is under ./deb_files to the server (docker cp ... && scp -r ...)// // // //## Installation notes// //# Install the deb files// //dpkg -i *.deb// // //# set GRUB_CMDLINE_XEN_DEFAULT="flask=permissive" and GRUB_CMDLINE_XEN=""// //# in /etc/default/grub.d/xen.cfg// // //update-grub// // //# if grub doesn't want to start XEN kernel because of xenpolicy multiboot header bla bla - Li'l Bug with Grub integration// //# change // //# for i in /boo/xen*; do ... to for i in /boo/xen-*; do ... (line 180)// //# in vim /etc/grub.d/20_linux_xen// // //update-grub/ Best Regards, Hervé *Hervé Moris* System Administrator / Backend developer *Loyaltek* Cantersteen 47 1000 - Brussels Tel : +32 2 808.07.58 Fax : +32 2 706.56.84 www.loyaltek.com <http://www.loyaltek.com> On 1/23/19 11:41 PM, Hans van Kranenburg wrote: > tags 863198 + moreinfo > thanks > > Hi Hervé, > > I'm hunting down old bug reports in the Xen packages, and also ran into > this one: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863198 > > Like John Keates already answered in there, when dealing with the source > of a debian package, you're also expected to use the debian packaging > way of building it. When just issuing make commands, you're dealing with > the upstream source in a way that we cannot support in Debian. > > Since there has been no more activity on the report, I might close it in > a while if there's no response, since it's not something we can act on. > > Have fun, > Hans