diff options
| author | Arkadiusz MiĆkiewicz | 2010-10-22 08:46:00 (GMT) |
|---|---|---|
| committer | cvs2git | 2012-06-24 12:13:13 (GMT) |
| commit | 0fab1401c3240aee62e402aed33bdcf4f44ae0a5 (patch) | |
| tree | 186a4096c59fb86250d3d75a1bb8f969d2a90462 | |
| parent | ba86f8330235190d99f8f1908a6c94ace86fadad (diff) | |
| download | kernel-0fab1401c3240aee62e402aed33bdcf4f44ae0a5.zip kernel-0fab1401c3240aee62e402aed33bdcf4f44ae0a5.tar.gz | |
- drop apparmor bcond (apparmor is in mainline)
Changed files:
kernel-multiarch.config -> 1.46
kernel.spec -> 1.845
| -rw-r--r-- | kernel-multiarch.config | 10 | ||||
| -rw-r--r-- | kernel.spec | 18 |
2 files changed, 11 insertions, 17 deletions
diff --git a/kernel-multiarch.config b/kernel-multiarch.config index 64d46ec..9732a21 100644 --- a/kernel-multiarch.config +++ b/kernel-multiarch.config @@ -6630,10 +6630,17 @@ LSM_MMAP_MIN_ADDR all=0 x86_64=65536 i386=65536 sparc64=8192 ppc=65536 DEFAULT_SECURITY_SELINUX all=y DEFAULT_SECURITY_SMACK all=n DEFAULT_SECURITY_TOMOYO all=n +DEFAULT_SECURITY_APPARMOR=n DEFAULT_SECURITY_DAC all=n CONFIG_DEFAULT_SECURITY all="selinux" #- +#- *** FILE: security/apparmor/Kconfig *** +#- +SECURITY_APPARMOR=y +SECURITY_APPARMOR_BOOTPARAM_VALUE=1 + +#- #- *** FILE: security/integrity/ima/Kconfig *** #- IMA all=n @@ -7076,6 +7083,9 @@ RAMZSWAP all=m RAMZSWAP_STATS all=y RT3090 all=m RTL8187SE all=m +SECURITY_APPARMOR_COMPAT_24=y +SECURITY_APPARMOR_DISABLE=n +SECURITY_APPARMOR_NETWORK=y SECURITY_FILE_CAPABILITIES all=y SENSORS_ADT7473 all=m SLOW_WORK_DEBUG all=n diff --git a/kernel.spec b/kernel.spec index 9b4617a..d8dcdc3 100644 --- a/kernel.spec +++ b/kernel.spec @@ -2,7 +2,6 @@ # NOTE: # the following bcond combos will not work # - without_vserver and any of the following -# - with_apparmor # - with_grsec_minimal # - with_grsec_full # @@ -48,7 +47,6 @@ %bcond_without vserver # support for VServer (enabled by default) %bcond_without tuxonice # support for tuxonice (ex-suspend2) (enabled by default) -%bcond_without apparmor # build kernel with apparmor (exerimental mix) %bcond_with rescuecd # build kernel for our rescue @@ -86,7 +84,6 @@ %define have_pcmcia 1 %if %{with rescuecd} -%unglobal with_apparmor %unglobal with_tuxonice %unglobal with_grsecurity %unglobal with_grsec_full @@ -129,7 +126,7 @@ %endif %else %if %{without rescuecd} -%define __alt_kernel %{?with_pax:pax}%{!?with_grsec_full:nogrsecurity}%{!?with_apparmor:noaa}%{?with_pae:pae} +%define __alt_kernel %{?with_pax:pax}%{!?with_grsec_full:nogrsecurity}%{?with_pae:pae} %if "%{__alt_kernel}" != "" %define alt_kernel %{__alt_kernel} %endif @@ -474,7 +471,6 @@ BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) %{?with_pax:PaX support - enabled}\ %{?with_fbcondecor:Fbsplash/fbcondecor - enabled }\ %{?with_nfsroot:Root on NFS - enabled}\ -%{?with_apparmor:apparmor support - enabled}\ %define Features %(echo "%{__features}" | sed '/^$/d') @@ -843,9 +839,7 @@ sed -i 's/-Werror//' arch/alpha/kernel/Makefile # end of grsecurity & pax stuff # apparmor -%if %{with apparmor} %patch5000 -p1 -%endif # FIXME #%patch150 -p1 @@ -988,16 +982,6 @@ BuildConfig() { CONFIG_RT_DEADLOCK_DETECT=y %endif -# apparmor, will be moved to external file if works -%if %{with apparmor} - CONFIG_SECURITY_APPARMOR=y - CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 - CONFIG_SECURITY_APPARMOR_DISABLE=n - CONFIG_SECURITY_APPARMOR_NETWORK=y - CONFIG_SECURITY_APPARMOR_COMPAT_24=y - CONFIG_DEFAULT_SECURITY_APPARMOR=n -%endif - %if %{without ipv6} CONFIG_IPV6=n %endif |