diff options
| author |   Sven Vermeulen <sven.vermeulen@siphos.be> | 2012-04-21 20:07:46 +0200 |
|---|---|---|
| committer | Sven Vermeulen <sven.vermeulen@siphos.be> | 2012-04-21 20:07:46 +0200 |
| commit | 3962a6834f4e7ef04441de4f3134ff329d8602f9 (patch) | |
| tree | cae07463edd5b609a97513e00d63e1bd410cc8bb /build.conf | |
| parent | Initial commit (diff) | |
| download | hardened-refpolicy-3962a6834f4e7ef04441de4f3134ff329d8602f9.tar.gz hardened-refpolicy-3962a6834f4e7ef04441de4f3134ff329d8602f9.tar.bz2 hardened-refpolicy-3962a6834f4e7ef04441de4f3134ff329d8602f9.zip | |
Pushing 2.20120215 (current version)
Diffstat (limited to 'build.conf')
| -rw-r--r-- | build.conf | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/build.conf b/build.conf new file mode 100644 index 00000000..5a521c46 --- /dev/null +++ b/build.conf @@ -0,0 +1,77 @@ +######################################## +# +# Policy build options +# + +# Policy version +# By default, checkpolicy will create the highest +# version policy it supports. Setting this will +# override the version. This only has an +# effect for monolithic policies. +#OUTPUT_POLICY = 18 + +# Policy Type +# standard, mls, mcs +TYPE = standard + +# Policy Name +# If set, this will be used as the policy +# name. Otherwise the policy type will be +# used for the name. +NAME = refpolicy + +# Distribution +# Some distributions have portions of policy +# for programs or configurations specific to the +# distribution. Setting this will enable options +# for the distribution. +# redhat, gentoo, debian, suse, and rhel4 are current options. +# Fedora users should enable redhat. +#DISTRO = redhat + +# Unknown Permissions Handling +# The behavior for handling permissions defined in the +# kernel but missing from the policy. The permissions +# can either be allowed, denied, or the policy loading +# can be rejected. +# allow, deny, and reject are current options. +#UNK_PERMS = deny + +# Direct admin init +# Setting this will allow sysadm to directly +# run init scripts, instead of requring run_init. +# This is a build option, as role transitions do +# not work in conditional policy. +DIRECT_INITRC = n + +# Build monolithic policy. Putting y here +# will build a monolithic policy. +MONOLITHIC = n + +# User-based access control (UBAC) +# Enable UBAC for role separations. +UBAC = y + +# Custom build options. This field enables custom +# build options. Putting foo here will enable +# build option blocks named foo. Options should be +# separated by spaces. +CUSTOM_BUILDOPT = + +# Number of MLS Sensitivities +# The sensitivities will be s0 to s(MLS_SENS-1). +# Dominance will be in increasing numerical order +# with s0 being lowest. +MLS_SENS = 16 + +# Number of MLS Categories +# The categories will be c0 to c(MLS_CATS-1). +MLS_CATS = 1024 + +# Number of MCS Categories +# The categories will be c0 to c(MLS_CATS-1). +MCS_CATS = 1024 + +# Set this to y to only display status messages +# during build. +QUIET = n |