Disable integrity, enable safesetid, only load yama by default
This commit is contained in:
Jan Alexander Steffens
parent
78a111327b
commit
10505f2f9b
2
PKGBUILD
2
PKGBUILD
@ -26,7 +26,7 @@ validpgpkeys=(
|
||||
'8218F88849AAC522E94CF470A5E9288C4FA415FA' # Jan Alexander Steffens (heftig)
|
||||
)
|
||||
sha256sums=('SKIP'
|
||||
'd1ad8403bfc9681bddf42300b1b51d8975506b91e791e341f839797513208eff'
|
||||
'02390efe7637927502bc834daf3f413ea5e2cb084bca125372e70dc9438e824c'
|
||||
'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21'
|
||||
'c043f3033bb781e2688794a59f6d1f7ed49ef9b13eb77ff9a425df33a244a636'
|
||||
'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65')
|
||||
|
||||
10
config
10
config
@ -9330,18 +9330,14 @@ CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
|
||||
# CONFIG_SECURITY_APPARMOR_DEBUG is not set
|
||||
# CONFIG_SECURITY_LOADPIN is not set
|
||||
CONFIG_SECURITY_YAMA=y
|
||||
# CONFIG_SECURITY_SAFESETID is not set
|
||||
CONFIG_INTEGRITY=y
|
||||
# CONFIG_INTEGRITY_SIGNATURE is not set
|
||||
CONFIG_INTEGRITY_AUDIT=y
|
||||
# CONFIG_IMA is not set
|
||||
# CONFIG_EVM is not set
|
||||
CONFIG_SECURITY_SAFESETID=y
|
||||
# CONFIG_INTEGRITY is not set
|
||||
# CONFIG_DEFAULT_SECURITY_SELINUX is not set
|
||||
# CONFIG_DEFAULT_SECURITY_SMACK is not set
|
||||
# CONFIG_DEFAULT_SECURITY_TOMOYO is not set
|
||||
# CONFIG_DEFAULT_SECURITY_APPARMOR is not set
|
||||
CONFIG_DEFAULT_SECURITY_DAC=y
|
||||
CONFIG_LSM="yama,loadpin,safesetid,integrity"
|
||||
CONFIG_LSM="yama"
|
||||
CONFIG_XOR_BLOCKS=m
|
||||
CONFIG_ASYNC_CORE=m
|
||||
CONFIG_ASYNC_MEMCPY=m
|
||||
|
||||
Loading…
Reference in New Issue
Block a user