From 10505f2f9b145c67a7ecfe38d2b0d332f661e0b4 Mon Sep 17 00:00:00 2001 From: Jan Alexander Steffens Date: Tue, 7 May 2019 20:04:22 +0000 Subject: [PATCH] Disable integrity, enable safesetid, only load yama by default --- PKGBUILD | 2 +- config | 10 +++------- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/PKGBUILD b/PKGBUILD index 93255d2..d004616 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -26,7 +26,7 @@ validpgpkeys=( '8218F88849AAC522E94CF470A5E9288C4FA415FA' # Jan Alexander Steffens (heftig) ) sha256sums=('SKIP' - 'd1ad8403bfc9681bddf42300b1b51d8975506b91e791e341f839797513208eff' + '02390efe7637927502bc834daf3f413ea5e2cb084bca125372e70dc9438e824c' 'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21' 'c043f3033bb781e2688794a59f6d1f7ed49ef9b13eb77ff9a425df33a244a636' 'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65') diff --git a/config b/config index 98ec66b..f9f36d1 100644 --- a/config +++ b/config @@ -9330,18 +9330,14 @@ CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y # CONFIG_SECURITY_APPARMOR_DEBUG is not set # CONFIG_SECURITY_LOADPIN is not set CONFIG_SECURITY_YAMA=y -# CONFIG_SECURITY_SAFESETID is not set -CONFIG_INTEGRITY=y -# CONFIG_INTEGRITY_SIGNATURE is not set -CONFIG_INTEGRITY_AUDIT=y -# CONFIG_IMA is not set -# CONFIG_EVM is not set +CONFIG_SECURITY_SAFESETID=y +# CONFIG_INTEGRITY is not set # CONFIG_DEFAULT_SECURITY_SELINUX is not set # CONFIG_DEFAULT_SECURITY_SMACK is not set # CONFIG_DEFAULT_SECURITY_TOMOYO is not set # CONFIG_DEFAULT_SECURITY_APPARMOR is not set CONFIG_DEFAULT_SECURITY_DAC=y -CONFIG_LSM="yama,loadpin,safesetid,integrity" +CONFIG_LSM="yama" CONFIG_XOR_BLOCKS=m CONFIG_ASYNC_CORE=m CONFIG_ASYNC_MEMCPY=m