Version:  2.0.40 2.2.26 2.4.37 3.11 3.12 3.13 3.14 3.15 3.16 3.17 3.18 3.19 4.0 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8

Linux/security/apparmor/Kconfig

  1 config SECURITY_APPARMOR
  2         bool "AppArmor support"
  3         depends on SECURITY && NET
  4         select AUDIT
  5         select SECURITY_PATH
  6         select SECURITYFS
  7         select SECURITY_NETWORK
  8         default n
  9         help
 10           This enables the AppArmor security module.
 11           Required userspace tools (if they are not included in your
 12           distribution) and further information may be found at
 13           http://apparmor.wiki.kernel.org
 14 
 15           If you are unsure how to answer this question, answer N.
 16 
 17 config SECURITY_APPARMOR_BOOTPARAM_VALUE
 18         int "AppArmor boot parameter default value"
 19         depends on SECURITY_APPARMOR
 20         range 0 1
 21         default 1
 22         help
 23           This option sets the default value for the kernel parameter
 24           'apparmor', which allows AppArmor to be enabled or disabled
 25           at boot.  If this option is set to 0 (zero), the AppArmor
 26           kernel parameter will default to 0, disabling AppArmor at
 27           boot.  If this option is set to 1 (one), the AppArmor
 28           kernel parameter will default to 1, enabling AppArmor at
 29           boot.
 30 
 31           If you are unsure how to answer this question, answer 1.
 32 
 33 config SECURITY_APPARMOR_HASH
 34         bool "Enable introspection of sha1 hashes for loaded profiles"
 35         depends on SECURITY_APPARMOR
 36         select CRYPTO
 37         select CRYPTO_SHA1
 38         default y
 39 
 40         help
 41           This option selects whether introspection of loaded policy
 42           is available to userspace via the apparmor filesystem.
 43 
 44 config SECURITY_APPARMOR_HASH_DEFAULT
 45        bool "Enable policy hash introspection by default"
 46        depends on SECURITY_APPARMOR_HASH
 47        default y
 48 
 49        help
 50          This option selects whether sha1 hashing of loaded policy
 51          is enabled by default. The generation of sha1 hashes for
 52          loaded policy provide system administrators a quick way
 53          to verify that policy in the kernel matches what is expected,
 54          however it can slow down policy load on some devices. In
 55          these cases policy hashing can be disabled by default and
 56          enabled only if needed.

This page was automatically generated by LXR 0.3.1 (source).  •  Linux is a registered trademark of Linus Torvalds  •  Contact us