diff options
author | John Johansen <john.johansen@canonical.com> | 2010-07-29 17:48:08 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-08-02 01:38:34 -0400 |
commit | f9ad1af53d5232a89a1ff1827102843999975dfa (patch) | |
tree | 2d7f4c35208b74995651fa6eb47031a37f928503 | |
parent | c1c124e91e7c6d5a600c98f6fb5b443c403a14f4 (diff) |
AppArmor: Enable configuring and building of the AppArmor security module
Kconfig and Makefiles to enable configuration and building of AppArmor.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/Kconfig | 6 | ||||
-rw-r--r-- | security/Makefile | 2 |
2 files changed, 8 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig index 226b9556b25f..bd72ae623494 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
@@ -140,6 +140,7 @@ config LSM_MMAP_MIN_ADDR | |||
140 | source security/selinux/Kconfig | 140 | source security/selinux/Kconfig |
141 | source security/smack/Kconfig | 141 | source security/smack/Kconfig |
142 | source security/tomoyo/Kconfig | 142 | source security/tomoyo/Kconfig |
143 | source security/apparmor/Kconfig | ||
143 | 144 | ||
144 | source security/integrity/ima/Kconfig | 145 | source security/integrity/ima/Kconfig |
145 | 146 | ||
@@ -148,6 +149,7 @@ choice | |||
148 | default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX | 149 | default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX |
149 | default DEFAULT_SECURITY_SMACK if SECURITY_SMACK | 150 | default DEFAULT_SECURITY_SMACK if SECURITY_SMACK |
150 | default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO | 151 | default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO |
152 | default DEFAULT_SECURITY_APPARMOR if SECURITY_APPARMOR | ||
151 | default DEFAULT_SECURITY_DAC | 153 | default DEFAULT_SECURITY_DAC |
152 | 154 | ||
153 | help | 155 | help |
@@ -163,6 +165,9 @@ choice | |||
163 | config DEFAULT_SECURITY_TOMOYO | 165 | config DEFAULT_SECURITY_TOMOYO |
164 | bool "TOMOYO" if SECURITY_TOMOYO=y | 166 | bool "TOMOYO" if SECURITY_TOMOYO=y |
165 | 167 | ||
168 | config DEFAULT_SECURITY_APPARMOR | ||
169 | bool "AppArmor" if SECURITY_APPARMOR=y | ||
170 | |||
166 | config DEFAULT_SECURITY_DAC | 171 | config DEFAULT_SECURITY_DAC |
167 | bool "Unix Discretionary Access Controls" | 172 | bool "Unix Discretionary Access Controls" |
168 | 173 | ||
@@ -173,6 +178,7 @@ config DEFAULT_SECURITY | |||
173 | default "selinux" if DEFAULT_SECURITY_SELINUX | 178 | default "selinux" if DEFAULT_SECURITY_SELINUX |
174 | default "smack" if DEFAULT_SECURITY_SMACK | 179 | default "smack" if DEFAULT_SECURITY_SMACK |
175 | default "tomoyo" if DEFAULT_SECURITY_TOMOYO | 180 | default "tomoyo" if DEFAULT_SECURITY_TOMOYO |
181 | default "apparmor" if DEFAULT_SECURITY_APPARMOR | ||
176 | default "" if DEFAULT_SECURITY_DAC | 182 | default "" if DEFAULT_SECURITY_DAC |
177 | 183 | ||
178 | endmenu | 184 | endmenu |
diff --git a/security/Makefile b/security/Makefile index da20a193c8dd..8bb0fe9e1ca9 100644 --- a/security/Makefile +++ b/security/Makefile | |||
@@ -6,6 +6,7 @@ obj-$(CONFIG_KEYS) += keys/ | |||
6 | subdir-$(CONFIG_SECURITY_SELINUX) += selinux | 6 | subdir-$(CONFIG_SECURITY_SELINUX) += selinux |
7 | subdir-$(CONFIG_SECURITY_SMACK) += smack | 7 | subdir-$(CONFIG_SECURITY_SMACK) += smack |
8 | subdir-$(CONFIG_SECURITY_TOMOYO) += tomoyo | 8 | subdir-$(CONFIG_SECURITY_TOMOYO) += tomoyo |
9 | subdir-$(CONFIG_SECURITY_APPARMOR) += apparmor | ||
9 | 10 | ||
10 | # always enable default capabilities | 11 | # always enable default capabilities |
11 | obj-y += commoncap.o | 12 | obj-y += commoncap.o |
@@ -19,6 +20,7 @@ obj-$(CONFIG_SECURITY_SELINUX) += selinux/built-in.o | |||
19 | obj-$(CONFIG_SECURITY_SMACK) += smack/built-in.o | 20 | obj-$(CONFIG_SECURITY_SMACK) += smack/built-in.o |
20 | obj-$(CONFIG_AUDIT) += lsm_audit.o | 21 | obj-$(CONFIG_AUDIT) += lsm_audit.o |
21 | obj-$(CONFIG_SECURITY_TOMOYO) += tomoyo/built-in.o | 22 | obj-$(CONFIG_SECURITY_TOMOYO) += tomoyo/built-in.o |
23 | obj-$(CONFIG_SECURITY_APPARMOR) += apparmor/built-in.o | ||
22 | obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o | 24 | obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o |
23 | 25 | ||
24 | # Object integrity file lists | 26 | # Object integrity file lists |