home *** CD-ROM | disk | FTP | other *** search
- config SECURITY_APPARMOR
- bool "AppArmor support"
- depends on SECURITY
- select AUDIT
- select SECURITYFS
- help
- This enables the AppArmor security module.
- Required userspace tools (if they are not included in your
- distribution) and further information may be found at
- <http://forge.novell.com/modules/xfmod/project/?apparmor>
-
- If you are unsure how to answer this question, answer N.
-
- config SECURITY_APPARMOR_BOOTPARAM_VALUE
- int "AppArmor boot parameter default value"
- depends on SECURITY_APPARMOR
- range 0 1
- default 1
- help
- This option sets the default value for the kernel parameter
- 'apparmor', which allows AppArmor to be enabled or disabled
- at boot. If this option is set to 0 (zero), the AppArmor
- kernel parameter will default to 0, disabling AppArmor at
- bootup. If this option is set to 1 (one), the AppArmor
- kernel parameter will default to 1, enabling AppArmor at
- bootup.
-
- If you are unsure how to answer this question, answer 1.
-
- config SECURITY_APPARMOR_DISABLE
- bool "AppArmor runtime disable"
- depends on SECURITY_APPARMOR
- default n
- help
- This option enables writing to a apparmorfs node 'disable', which
- allows AppArmor to be disabled at runtime prior to the policy load.
- AppArmor will then remain disabled until the next boot.
- This option is similar to the apparmor.enabled=0 boot parameter,
- but is to support runtime disabling of AppArmor, e.g. from
- /sbin/init, for portability across platforms where boot
- parameters are difficult to employ.
-
- If you are unsure how to answer this question, answer N.
-
