All of lore.kernel.org
 help / color / mirror / Atom feed
* [meta-security][v2][PATCH] linux-yocto: make bbappend version neutral
@ 2019-04-01  0:38 Armin Kuster
  0 siblings, 0 replies; only message in thread
From: Armin Kuster @ 2019-04-01  0:38 UTC (permalink / raw)
  To: yocto

update apparmor configs

[v2]
Just update configs.

leave versions intact.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 recipes-kernel/linux/linux-yocto/apparmor.cfg        | 12 +++++++-----
 .../linux/linux-yocto/apparmor_on_boot.cfg           |  1 +
 recipes-kernel/linux/linux-yocto_4.%.bbappend        |  1 +
 3 files changed, 9 insertions(+), 5 deletions(-)
 create mode 100644 recipes-kernel/linux/linux-yocto/apparmor_on_boot.cfg

diff --git a/recipes-kernel/linux/linux-yocto/apparmor.cfg b/recipes-kernel/linux/linux-yocto/apparmor.cfg
index 1dc4168..b5f9bb2 100644
--- a/recipes-kernel/linux/linux-yocto/apparmor.cfg
+++ b/recipes-kernel/linux/linux-yocto/apparmor.cfg
@@ -1,13 +1,15 @@
 CONFIG_AUDIT=y
-CONFIG_AUDITSYSCALL=y
-CONFIG_AUDIT_WATCH=y
-CONFIG_AUDIT_TREE=y
 # CONFIG_NETFILTER_XT_TARGET_AUDIT is not set
+CONFIG_SECURITY_NETWORK=y
+# CONFIG_SECURITY_NETWORK_XFRM is not set
 CONFIG_SECURITY_PATH=y
 # CONFIG_SECURITY_SELINUX is not set
 CONFIG_SECURITY_APPARMOR=y
-CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
 CONFIG_SECURITY_APPARMOR_HASH=y
 CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
+# CONFIG_SECURITY_APPARMOR_DEBUG is not set
 CONFIG_INTEGRITY_AUDIT=y
-# CONFIG_DEFAULT_SECURITY_APPARMOR is not set
+CONFIG_DEFAULT_SECURITY_APPARMOR=y
+# CONFIG_DEFAULT_SECURITY_DAC is not set
+CONFIG_DEFAULT_SECURITY="apparmor"
+CONFIG_AUDIT_GENERIC=y
diff --git a/recipes-kernel/linux/linux-yocto/apparmor_on_boot.cfg b/recipes-kernel/linux/linux-yocto/apparmor_on_boot.cfg
new file mode 100644
index 0000000..fc35740
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto/apparmor_on_boot.cfg
@@ -0,0 +1 @@
+CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
diff --git a/recipes-kernel/linux/linux-yocto_4.%.bbappend b/recipes-kernel/linux/linux-yocto_4.%.bbappend
index 067be8f..321392c 100644
--- a/recipes-kernel/linux/linux-yocto_4.%.bbappend
+++ b/recipes-kernel/linux/linux-yocto_4.%.bbappend
@@ -2,6 +2,7 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
 
 SRC_URI += "\
         ${@bb.utils.contains('DISTRO_FEATURES', 'apparmor', ' file://apparmor.cfg', '', d)} \
+        ${@bb.utils.contains('DISTRO_FEATURES', 'apparmor', ' file://apparmor_on_boot.cfg', '', d)} \
 "
 
 SRC_URI += "\
-- 
2.17.1



^ permalink raw reply related	[flat|nested] only message in thread
only message in thread, other threads:[~2019-04-01  0:38 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-01  0:38 [meta-security][v2][PATCH] linux-yocto: make bbappend version neutral Armin Kuster

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.