TracNav menu

CDS Framework Download and Installation Instructions

1. Introduction

1.2. Purpose

The purpose of this document is to provide the essential instructions to download and install CDS Framework for use or development. Additionally, this document addresses preparation of the CDS Framework build environment and downloading the CDS Framework source code for experienced users to build the CDS Framework plug-ins locally.

1.3. Scope

This document provides instructions for installation of the components that encompasses the CDS Framework functionality. These software components are:

  • CDS Framework
  • Eclipse
  • CLIP
  • SLIDE

1.4. Acronyms and Abbreviations

CDS	Cross Domain Solution
GCJ	GNU Compiler for Java
GEF	Graphical Editing Framework
OSS	Open Source Software
RHEL	Red Hat Enterprise Linux
SDK	Software Development Kit
SVN	Subversion
SWIG 	Simplified Wrapper and Interface Generator

2. Dependencies

The following dependencies must be satisfied to install and use CDS Framework and are explained in greater detail as described below:

2.1. Eclipse SDK 3.4.1 or later

Eclipse provides the core frameworks and services upon which plug-in extensions are created. It also provides the runtime in which plug-ins are loaded, integrated, and executed. The CDS Framework toolkit is an Eclipse plug-in and requires Eclipse version 3.4.1 or later. CDS Framework is implemented as a plug-in to the Eclipse SDK and is set up like other Eclipse plug-ins. Once Eclipse has been launched, the user will switch to the CDS Framework Toolkit perspective.

2.2. SLIDE version 1.3.14 or later

The CDS Framework toolkit translates a graphical security architecture diagram into SELinux Security Policy. The toolkit creates a SELinux policy module that SLIDE compiles into the binary policy.

2.3. SETools - Policy Analysis Tools for SELinux

SETools is an open source project designed to facilitate SELinux policy analysis. SETools includes a number of tools packaged along with a number of associated libraries, in a single distribution. The primary tools are:

  • apol - analyze a SELinux policy.
  • seaudit - analyze audit messages from SELinux.
  • seaudit-report - generate highly-customized audit log reports.
  • sechecker - command line tool for performing modular checks on an SELinux policy.
  • sediff - semantic policy difference tool for SELinux.
  • secmds - command-line tools to analyze and search SELinux policy.

2.4. Reference Policy

The SELinux Reference Policy is a complete SELinux policy that can be used as the system policy for a variety of systems and used as the basis for creating other policies. For CDS Framework to fully function, a reference policy is required. The reference policy is installed in Section 4, Install SELinux Reference Policy (CLIP Installation).

3. Installing CDS Framework Eclipse Plug-in

Depending on what type of operating system you have installed, there are different methods of CDS Framework installation as described below.

3.1. Installation for Fedora 10/11

3.1.1. Tresys OSS YUM Repository

For Fedora installations there is a hosted yum repository that has CDS Framework and other Tresys developed tools. This has all of the Tresys RPMs for:

  • Eclipse
  • SETools
  • Slide
  • CDS Framework

Install the Tresys OSS yum repository file Version 3.4.2.

  1. From a Terminal/command line session, while logged in as a Super User (i.e. root), execute the following command: 
    rpm –Uvh http://oss.tresys.com/repo/tresys-oss-1-0.noarch.rpm
  2. Once complete (the Tresys OSS yum repository), you are ready to install the CDS Framework plug-in into Eclipse. Simply type: 
    yum install eclipse-cdsframework
  3. Once plug-in is complete, you are now ready to use Eclipse. Go to section “Updating Eclipse with CDS Framework Plug-ins”

Go to Section 4, Install SELinux Reference Policy (CLIP Installation) to install the SELinux Reference Policy.

3.2. Installation for RHEL and CentOS

3.2.1 Install Sun Java for RHEL Platforms

Eclipse requires Java JRE 1.4.2 or later to operate correctly. The JRE provided with the RHEL installation is not compatible with Eclipse. A compatible Java JRE must be downloaded and installed to facilitate installation and correct operation of Eclipse. The Sun Java JRE is compatible and can be downloaded and installed from the Sun Java site. To download and install the Sun Java JRE perform the following steps:

  1. Download the Sun JRE version 1.4.2 or later, appropriate for your platform, to a folder of your choice.
  2. From a terminal/command line session use the cd command to go to the download folder.
  3. Execute the following commands to install the JRE and configure RHEL to use it. 
    chmod +x jrefilename-rpm.bin

./jrefilename-rpm.bin

alternatives --install /usr/bin/java java /usr/java/default/bin/java 16017

alternatives –config java
  4. Keep or enter the number for the /usr/java/default/bin/java and press enter.

3.2.2 Installing Eclipse for RHEL/CentOS

This section is for installation of Eclipse SDK on RHEL and CentOS platforms that do not have the Eclipse SDK installed. Because CDS Framework is an Eclipse plug-in, Eclipse must be installed on RHEL and CentOS platforms prior to installation of the CDS Framework.

Check for Eclipse on your platform and if Eclipse is not installed go to the Eclipse site to download and install the Eclipse SDK version 3.4.1 or later, appropriate for your Linux platform.

RHEL and CentOS do not have the RPMs available for the Eclipse Graphical Editing Framework (GEF) which is required for CDS Framework. If GEF is not installed on your platform go to the Eclipse GEF download site to download and install.

3.2.3. Updating Eclipse with CDS Framework Plug-ins

The following directions installs the CDS Framework plug-ins once you have Eclipse installed on a RHEL/CentOS platform or was installed in Section 3.2.2.

With Eclipse running perform the following steps:

  1. Click Help > Software Updates from the main menu. The “Software Updates and Add-ons” pop-up window is displayed.
  2. In the pop-up window, un-check the “Group items by category” checkbox.
  3. In the pop-up window, check the “Hide items that are already installed” checkbox.
  4. In the pop-up window, click the “Add” button.
  5. On the Add Site dialog enter “Tresys Open Source Software” in the Name field and “http://oss.tresys.com/eclipse-update/” in the “location” field then click OK. The available RPM packages are listed on the “Install” pop-up window. The following packages (if not already installed) may be listed:
  • CDS Framework
  • LIBSELinuxJava
  • SETools
  • SLIDE
  1. Select/check all listed checkboxes and click “Next” to continue with the update.
  2. The checked packages are listed under Install Details. Review the Install Details and click Next.
  3. On the following page, review the GNU License terms and conditions and select “I accept the terms and conditions” to continue and click “Finish”.
  4. When operation finishes, restart Eclipse by clicking “Yes”.

You are now ready to install SELinux Reference Policy.

4. Install SELinux Reference Policy

For CDS Framework to fully function a reference policy is required. You can choose the standard SELinux policy install or you may choose the Tresys CLIP policy. Both are available on the Tresys OSS. See below links for additional details. The SELinux reference policy can be found at:

http://oss.tresys.com/projects/refpolicy/wiki/DownloadRelease

The CLIP SELinux policy can be found at:

http://oss.tresys.com/projects/clip/wiki/DownloadRelease#CLIP3.1.3RHEL5.4

At this point the CDS Framework and its dependencies have been successfully installed and ready to be used. You may start Eclipse from the menu or terminal command line. Refer to the user documentation for information on how to use CDS Framework Toolkit.

5. RPM Installation Information

The information below lists the various versions of Eclipse CDS Framework RPM packages and source files.

Release 4.0 (latest)

eclipse-cdsframework-4.0.0-1.i386.rpm
eclipse-cdsframework-4.0.0-1.x86_64.rpm

Source RPM
Source tar file

Release 3.6.0

eclipse-cdsframework-3.6.0-1.i386.rpm
eclipse-cdsframework-3.6.0-1.x86_64.rpm

Source RPM
Source tar file

Release 2.2.0

eclipse-cdsframework-2.2.0-1.i386.rpm
eclipse-cdsframework-2.2.0-1.x86_64.rpm

Release 1.0

A tarball of CDS Framework IDE Release 1.0 is available for download:

CDS-Framework-IDE.tar.bz2 (latest stable)

View the installation instructions.

6. Building CDS Framework from Source

This section is for experienced developers. The following sections describe what is necessary for the development environment and how to check out and download the source necessary for developing and building CDS Framework locally. This method is really only for those experienced users who want to develop CDS Framework. Not recommended for most users.

6.1. Prepare the Development Environment

To build the CDS Framework plugin in Eclipse you need the following installed:

6.2. Setting-Up Eclipse for CDS Framework

Once all of the above are installed launch Eclipse and do the following:

  1. Menu 'File -> Import' select 'Checkout Projects from SVN' and press 'Next'
  2. Select 'Create a new repository location' and press 'Next'
  3. Enter URL: http://oss.tresys.com/repos/cdsframework/trunk and press 'Next'
  4. Select the following projects and press 'Finish':
    • framework-plugin
    • libselinx.linux.x86 (or x86_64 based on your platform)
    • libselinuxjava-plugin
    • helpfiles (the help files)
  5. Once everything has been checked out, right click on the project and select 'Properties':
    1. Select 'JavaCC options' tab
    2. Set 'OUTPUT_DIRECTORY' to '.' (no quotes)

6.3. SVN CDS Framework Source Checkout

Use the following command to checkout the current development repository: 

svn co http://oss.tresys.com/repos/cdsframework/trunk

The development environment and CDS Framework source projects are now ready to begin development activity.