From 08f51b53be06671f4bd6f57467182fd2b081b2c4 Mon Sep 17 00:00:00 2001 From: Rob Landley Date: Wed, 15 Apr 2015 20:53:00 -0500 Subject: Put SELINUX in a a menu, and add config option for SMACK. --- Config.in | 30 +++++++++++++++++++++++++----- lib/portability.h | 4 ++++ 2 files changed, 29 insertions(+), 5 deletions(-) diff --git a/Config.in b/Config.in index 0d7cb0e1..9d3a73b3 100644 --- a/Config.in +++ b/Config.in @@ -35,12 +35,32 @@ config TOYBOX_SUID chown root:root toybox; chmod +s toybox +choice + prompt "Security Blanket" + default TOYBOX_LSM_NONE + help + Select a Linux Security Module to complicate your system + until you can't find holes in it. + +config TOYBOX_LSM_NONE + bool "None" + help + Don't try to achieve "watertight" by plugging the holes in a + collander, instead use conventional unix security (and possibly + Linux Containers) for a simple straightforward system. + config TOYBOX_SELINUX - bool "SELinux support" - default n - help - Include SELinux options in commands such as ls, and add - SELinux-specific commands such as chcon to the Android menu. + bool "SELinux support" + help + Include SELinux options in commands such as ls, and add + SELinux-specific commands such as chcon to the Android menu. + +config TOYBOX_SMACK + bool "SMACK support" + help + Include SMACK options in commands like ls for systems like Tizen. + +endchoice config TOYBOX_FLOAT bool "Floating point support" diff --git a/lib/portability.h b/lib/portability.h index a10213e5..f23d4f6e 100644 --- a/lib/portability.h +++ b/lib/portability.h @@ -246,3 +246,7 @@ pid_t xfork(void); #define is_selinux_enabled() 0 int getcon(void* con); #endif + +#if CFG_TOYBOX_SMACK +#include +#endif -- cgit v1.2.3