|
Chris PeBenito |
8e0ef1f |
########################################
|
|
Chris PeBenito |
8e0ef1f |
#
|
|
Chris PeBenito |
8e0ef1f |
# Policy build options
|
|
Chris PeBenito |
8e0ef1f |
#
|
|
Chris PeBenito |
8e0ef1f |
|
|
Chris PeBenito |
8e0ef1f |
# Policy version
|
|
Chris PeBenito |
8e0ef1f |
# By default, checkpolicy will create the highest
|
|
Chris PeBenito |
8e0ef1f |
# version policy it supports. Setting this will
|
|
Chris PeBenito |
8e0ef1f |
# override the version. This only has an
|
|
Chris PeBenito |
8e0ef1f |
# effect for monolithic policies.
|
|
Chris PeBenito |
8e0ef1f |
#OUTPUT_POLICY = 18
|
|
Chris PeBenito |
8e0ef1f |
|
|
Chris PeBenito |
8e0ef1f |
# Policy Type
|
|
Chris PeBenito |
350b6ab |
# standard, mls, mcs
|
|
Chris PeBenito |
350b6ab |
TYPE = standard
|
|
Chris PeBenito |
8e0ef1f |
|
|
Chris PeBenito |
8e0ef1f |
# Policy Name
|
|
Chris PeBenito |
8e0ef1f |
# If set, this will be used as the policy
|
|
Chris PeBenito |
8e0ef1f |
# name. Otherwise the policy type will be
|
|
Chris PeBenito |
8e0ef1f |
# used for the name.
|
|
Chris PeBenito |
8e0ef1f |
NAME = refpolicy
|
|
Chris PeBenito |
8e0ef1f |
|
|
Chris PeBenito |
8e0ef1f |
# Distribution
|
|
Chris PeBenito |
8e0ef1f |
# Some distributions have portions of policy
|
|
Chris PeBenito |
8e0ef1f |
# for programs or configurations specific to the
|
|
Chris PeBenito |
8e0ef1f |
# distribution. Setting this will enable options
|
|
Chris PeBenito |
8e0ef1f |
# for the distribution.
|
|
Chris PeBenito |
2f1a8fb |
# redhat, gentoo, debian, suse, and rhel4 are current options.
|
|
Chris PeBenito |
8e0ef1f |
# Fedora users should enable redhat.
|
|
Chris PeBenito |
cb1d1e9 |
#DISTRO = redhat
|
|
Chris PeBenito |
8e0ef1f |
|
|
Chris PeBenito |
8acfcbc |
# Unknown Permissions Handling
|
|
Chris PeBenito |
8acfcbc |
# The behavior for handling permissions defined in the
|
|
Chris PeBenito |
8acfcbc |
# kernel but missing from the policy. The permissions
|
|
Chris PeBenito |
8acfcbc |
# can either be allowed, denied, or the policy loading
|
|
Chris PeBenito |
8acfcbc |
# can be rejected.
|
|
Chris PeBenito |
8acfcbc |
# allow, deny, and reject are current options.
|
|
Chris PeBenito |
8acfcbc |
#UNK_PERMS = deny
|
|
Chris PeBenito |
8acfcbc |
|
|
Chris PeBenito |
8e0ef1f |
# Direct admin init
|
|
Chris PeBenito |
8e0ef1f |
# Setting this will allow sysadm to directly
|
|
Chris PeBenito |
8e0ef1f |
# run init scripts, instead of requring run_init.
|
|
Chris PeBenito |
8e0ef1f |
# This is a build option, as role transitions do
|
|
Chris PeBenito |
8e0ef1f |
# not work in conditional policy.
|
|
Chris PeBenito |
6a37eba |
DIRECT_INITRC = n
|
|
Chris PeBenito |
8e0ef1f |
|
|
Chris PeBenito |
8e0ef1f |
# Build monolithic policy. Putting n here
|
|
Chris PeBenito |
8e0ef1f |
# will build a loadable module policy.
|
|
Chris PeBenito |
6a37eba |
MONOLITHIC = y
|
|
Chris PeBenito |
8e0ef1f |
|
|
Chris PeBenito |
296273a |
# User-based access control (UBAC)
|
|
Chris PeBenito |
296273a |
# Enable UBAC for role separations.
|
|
Chris PeBenito |
296273a |
UBAC = y
|
|
Chris PeBenito |
296273a |
|
|
Chris PeBenito |
e070dd2 |
# Number of MLS Sensitivities
|
|
Chris PeBenito |
e070dd2 |
# The sensitivities will be s0 to s(MLS_SENS-1).
|
|
Chris PeBenito |
e070dd2 |
# Dominance will be in increasing numerical order
|
|
Chris PeBenito |
e070dd2 |
# with s0 being lowest.
|
|
Chris PeBenito |
6a37eba |
MLS_SENS = 16
|
|
Chris PeBenito |
e070dd2 |
|
|
Chris PeBenito |
e070dd2 |
# Number of MLS Categories
|
|
Chris PeBenito |
e070dd2 |
# The categories will be c0 to c(MLS_CATS-1).
|
|
Chris PeBenito |
6a37eba |
MLS_CATS = 256
|
|
Chris PeBenito |
e070dd2 |
|
|
Chris PeBenito |
e070dd2 |
# Number of MCS Categories
|
|
Chris PeBenito |
e070dd2 |
# The categories will be c0 to c(MLS_CATS-1).
|
|
Chris PeBenito |
6a37eba |
MCS_CATS = 256
|
|
Chris PeBenito |
e070dd2 |
|
|
Chris PeBenito |
9b3756b |
# Set this to y to only display status messages
|
|
Chris PeBenito |
9b3756b |
# during build.
|
|
Chris PeBenito |
6a37eba |
QUIET = n
|