diff options
| author | Robin Appelman | 2018-08-30 22:43:17 +0200 |
|---|---|---|
| committer | Robin Appelman | 2018-08-30 22:43:32 +0200 |
| commit | 4dd4d3f69f30319eacda06ac8f18757ca7e8196f (patch) | |
| tree | a919357b7b627d5fd7916b1f0714f5093843684b | |
| parent | 249172929111076991340ee35b9758720f36ca23 (diff) | |
| download | aur-4dd4d3f69f30319eacda06ac8f18757ca7e8196f.tar.gz | |
Enable TXT, SELinux and AppArmor
| -rw-r--r-- | PKGBUILD | 2 | ||||
| -rw-r--r-- | config | 19 |
2 files changed, 17 insertions, 4 deletions
@@ -28,7 +28,7 @@ validpgpkeys=( '8218F88849AAC522E94CF470A5E9288C4FA415FA' # Jan Alexander Steffens (heftig) ) sha256sums=('SKIP' - '9a8b3a52cc1b9e4fb6c07d58a5bde4baa56d1957b726be8b46551d71c736571e' + 'e357d183c7987dba9c611ca61f69e20c1de39bcc60c78e4ebc3957021c5f2b67' 'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21' '75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919' 'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65') @@ -9255,20 +9255,33 @@ CONFIG_PAGE_TABLE_ISOLATION=y CONFIG_SECURITY_INFINIBAND=y CONFIG_SECURITY_NETWORK_XFRM=y CONFIG_SECURITY_PATH=y -# CONFIG_INTEL_TXT is not set +CONFIG_INTEL_TXT=y +CONFIG_LSM_MMAP_MIN_ADDR=65536 CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y CONFIG_HARDENED_USERCOPY=y CONFIG_HARDENED_USERCOPY_FALLBACK=y # CONFIG_HARDENED_USERCOPY_PAGESPAN is not set CONFIG_FORTIFY_SOURCE=y # CONFIG_STATIC_USERMODEHELPER is not set -# CONFIG_SECURITY_SELINUX is not set +CONFIG_SECURITY_SELINUX=y +CONFIG_SECURITY_SELINUX_BOOTPARAM=y +CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=0 +# CONFIG_SECURITY_SELINUX_DISABLE is not set +CONFIG_SECURITY_SELINUX_DEVELOP=y +CONFIG_SECURITY_SELINUX_AVC_STATS=y +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0 # CONFIG_SECURITY_SMACK is not set # CONFIG_SECURITY_TOMOYO is not set -# CONFIG_SECURITY_APPARMOR is not set +CONFIG_SECURITY_APPARMOR=y +CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=0 +CONFIG_SECURITY_APPARMOR_HASH=y +CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y +# CONFIG_SECURITY_APPARMOR_DEBUG is not set # CONFIG_SECURITY_LOADPIN is not set CONFIG_SECURITY_YAMA=y # CONFIG_INTEGRITY is not set +# CONFIG_DEFAULT_SECURITY_SELINUX is not set +# CONFIG_DEFAULT_SECURITY_APPARMOR is not set CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_DEFAULT_SECURITY="" CONFIG_XOR_BLOCKS=m |