[Apparmor-general] security= kernel cmdline
Arkadiusz Miskiewicz
arekm at maven.pl
Fri Oct 31 09:35:52 MDT 2008
On Friday 31 of October 2008, Marcus Meissner wrote:
> On Fri, Oct 31, 2008 at 02:42:47PM +0100, Arkadiusz Miskiewicz wrote:
> > Recent kernels support security= parameter for "Choose a security module
> > to enable at boot."
> >
> > Right now apparmor doesn't obey it it seems. I used "security=capability"
> > while apparmor was still activated:
> >
> > # dmesg|grep -i appar
> > [ 0.010018] AppArmor: AppArmor initialized
> > [ 1.534344] AppArmor: AppArmor Filesystem Enabled
> >
> > That was on 2.6.27.4 kernel. It would be nice to change apparmor to obey
> > security= option.
>
> There is no capability module anymore I think.
Right.
security=default should do the job (+ a patch that zbyniu at pld made and he
should post it here soon)
Also security_operations structure for apparmor misses
.name = "apparmor",
member. Please add that.
--
Arkadiusz Miśkiewicz PLD/Linux Team
arekm / maven.pl http://ftp.pld-linux.org/
More information about the Apparmor-general
mailing list