FS#42910: Enable TOMOYO and SMACK

This commit is contained in:
Jan Alexander Steffens 2019-04-09 21:53:11 +00:00
parent 24689582b5
commit b16b08b24a
2 changed files with 14 additions and 4 deletions

View File

@ -26,7 +26,7 @@ validpgpkeys=(
'8218F88849AAC522E94CF470A5E9288C4FA415FA' # Jan Alexander Steffens (heftig) '8218F88849AAC522E94CF470A5E9288C4FA415FA' # Jan Alexander Steffens (heftig)
) )
sha256sums=('SKIP' sha256sums=('SKIP'
'df2ce998b050c707950c555f7f6ec0efcb8498fca10b4bce45f681844c8aa0ab' 'fdb355884faa86a2f9725d09657c9c32573b0f1e8bb31416823d1198bcb2f80d'
'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21' 'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21'
'c043f3033bb781e2688794a59f6d1f7ed49ef9b13eb77ff9a425df33a244a636' 'c043f3033bb781e2688794a59f6d1f7ed49ef9b13eb77ff9a425df33a244a636'
'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65') 'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65')

16
config
View File

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.0.0-arch1 Kernel Configuration # Linux/x86 5.0.7-arch1 Kernel Configuration
# #
# #
@ -9271,8 +9271,16 @@ CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=0
CONFIG_SECURITY_SELINUX_DEVELOP=y CONFIG_SECURITY_SELINUX_DEVELOP=y
CONFIG_SECURITY_SELINUX_AVC_STATS=y CONFIG_SECURITY_SELINUX_AVC_STATS=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0 CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
# CONFIG_SECURITY_SMACK is not set CONFIG_SECURITY_SMACK=y
# CONFIG_SECURITY_TOMOYO is not set CONFIG_SECURITY_SMACK_BRINGUP=y
CONFIG_SECURITY_SMACK_NETFILTER=y
CONFIG_SECURITY_SMACK_APPEND_SIGNALS=y
CONFIG_SECURITY_TOMOYO=y
CONFIG_SECURITY_TOMOYO_MAX_ACCEPT_ENTRY=2048
CONFIG_SECURITY_TOMOYO_MAX_AUDIT_LOG=1024
# CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER is not set
CONFIG_SECURITY_TOMOYO_POLICY_LOADER="/sbin/tomoyo-init"
CONFIG_SECURITY_TOMOYO_ACTIVATION_TRIGGER="/sbin/init"
CONFIG_SECURITY_APPARMOR=y CONFIG_SECURITY_APPARMOR=y
CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=0 CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=0
CONFIG_SECURITY_APPARMOR_HASH=y CONFIG_SECURITY_APPARMOR_HASH=y
@ -9286,6 +9294,8 @@ CONFIG_INTEGRITY_AUDIT=y
# CONFIG_IMA is not set # CONFIG_IMA is not set
# CONFIG_EVM is not set # CONFIG_EVM is not set
# CONFIG_DEFAULT_SECURITY_SELINUX is not set # CONFIG_DEFAULT_SECURITY_SELINUX is not set
# CONFIG_DEFAULT_SECURITY_SMACK is not set
# CONFIG_DEFAULT_SECURITY_TOMOYO is not set
# CONFIG_DEFAULT_SECURITY_APPARMOR is not set # CONFIG_DEFAULT_SECURITY_APPARMOR is not set
CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_DEFAULT_SECURITY_DAC=y
CONFIG_DEFAULT_SECURITY="" CONFIG_DEFAULT_SECURITY=""