Commit 99f6d61b authored by Stephen Smalley's avatar Stephen Smalley Committed by Linus Torvalds

[PATCH] selinux: require AUDIT

Make SELinux depend on AUDIT as it requires the basic audit support to log
permission denials at all.  Note that AUDITSYSCALL remains optional for
SELinux, although it can be useful in providing further information upon
denials.
Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Acked-by: default avatarJames Morris <jmorris@namei.org>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 46cd2f32
......@@ -169,7 +169,6 @@ config SYSCTL
config AUDIT
bool "Auditing support"
depends on NET
default y if SECURITY_SELINUX
help
Enable auditing infrastructure that can be used with another
kernel subsystem, such as SELinux (which requires this for
......
config SECURITY_SELINUX
bool "NSA SELinux Support"
depends on SECURITY_NETWORK && NET && INET
depends on SECURITY_NETWORK && AUDIT && NET && INET
default n
help
This selects NSA Security-Enhanced Linux (SELinux).
......
......@@ -43,13 +43,11 @@ static const struct av_perm_to_string
#undef S_
};
#ifdef CONFIG_AUDIT
static const char *class_to_string[] = {
#define S_(s) s,
#include "class_to_string.h"
#undef S_
};
#endif
#define TB_(s) static const char * s [] = {
#define TE_(s) };
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment