72 lines
1.8 KiB
Plaintext
72 lines
1.8 KiB
Plaintext
########################################
|
|
#
|
|
# Policy build options
|
|
#
|
|
|
|
# Policy version
|
|
# By default, checkpolicy will create the highest
|
|
# version policy it supports. Setting this will
|
|
# override the version. This only has an
|
|
# effect for monolithic policies.
|
|
#OUTPUT_POLICY = 18
|
|
|
|
# Policy Type
|
|
# standard, mls, mcs
|
|
TYPE = standard
|
|
|
|
# Policy Name
|
|
# If set, this will be used as the policy
|
|
# name. Otherwise the policy type will be
|
|
# used for the name.
|
|
NAME = refpolicy
|
|
|
|
# Distribution
|
|
# Some distributions have portions of policy
|
|
# for programs or configurations specific to the
|
|
# distribution. Setting this will enable options
|
|
# for the distribution.
|
|
# redhat, gentoo, debian, suse, and rhel4 are current options.
|
|
# Fedora users should enable redhat.
|
|
#DISTRO = redhat
|
|
|
|
# Unknown Permissions Handling
|
|
# The behavior for handling permissions defined in the
|
|
# kernel but missing from the policy. The permissions
|
|
# can either be allowed, denied, or the policy loading
|
|
# can be rejected.
|
|
# allow, deny, and reject are current options.
|
|
#UNK_PERMS = deny
|
|
|
|
# Direct admin init
|
|
# Setting this will allow sysadm to directly
|
|
# run init scripts, instead of requring run_init.
|
|
# This is a build option, as role transitions do
|
|
# not work in conditional policy.
|
|
DIRECT_INITRC = n
|
|
|
|
# Build monolithic policy. Putting n here
|
|
# will build a loadable module policy.
|
|
MONOLITHIC = y
|
|
|
|
# User-based access control (UBAC)
|
|
# Enable UBAC for role separations.
|
|
UBAC = y
|
|
|
|
# Number of MLS Sensitivities
|
|
# The sensitivities will be s0 to s(MLS_SENS-1).
|
|
# Dominance will be in increasing numerical order
|
|
# with s0 being lowest.
|
|
MLS_SENS = 16
|
|
|
|
# Number of MLS Categories
|
|
# The categories will be c0 to c(MLS_CATS-1).
|
|
MLS_CATS = 1024
|
|
|
|
# Number of MCS Categories
|
|
# The categories will be c0 to c(MLS_CATS-1).
|
|
MCS_CATS = 1024
|
|
|
|
# Set this to y to only display status messages
|
|
# during build.
|
|
QUIET = n
|