summaryrefslogtreecommitdiffstats
path: root/security/apparmor/Kconfig
blob: 232469baa94f2f17e686f2cf702a56424eda8176 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
config SECURITY_APPARMOR
	bool "AppArmor support"
	depends on SECURITY && NET
	select AUDIT
	select SECURITY_PATH
	select SECURITYFS
	select SECURITY_NETWORK
	default n
	help
	  This enables the AppArmor security module.
	  Required userspace tools (if they are not included in your
	  distribution) and further information may be found at
	  http://apparmor.wiki.kernel.org

	  If you are unsure how to answer this question, answer N.

config SECURITY_APPARMOR_BOOTPARAM_VALUE
	int "AppArmor boot parameter default value"
	depends on SECURITY_APPARMOR
	range 0 1
	default 1
	help
	  This option sets the default value for the kernel parameter
	  'apparmor', which allows AppArmor to be enabled or disabled
          at boot.  If this option is set to 0 (zero), the AppArmor
	  kernel parameter will default to 0, disabling AppArmor at
	  boot.  If this option is set to 1 (one), the AppArmor
	  kernel parameter will default to 1, enabling AppArmor at
	  boot.

	  If you are unsure how to answer this question, answer 1.

config SECURITY_APPARMOR_HASH
	bool "SHA1 hash of loaded profiles"
	depends on SECURITY_APPARMOR
	select CRYPTO
	select CRYPTO_SHA1
	default y

	help
	  This option selects whether sha1 hashing is done against loaded
          profiles and exported for inspection to user space via the apparmor
          filesystem.