Re: file caps: permit unsafe signaling when CONFIG_FS_CAPS=n

Quoting Serge E. Hallyn ([email protected]):
> Ok, the following patch restores the CONFIG_FS_CAPS=n signaling
> behavior, but I'm having a config problem.  When
> CONFIG_SECURITY_CAPABILITIES=n, and I toggle
> CONFIG_SECURITY_FS_CAPABILITIES between y and n, security/commoncap.o
> does not recompile.  However since capabilities are now the default
> security module, commoncap.o is in fact included in the kernel build,
> and therefore should be recompiled.
> 
> Looking into why, but maybe someone knows offhand what would be going
> wrong?

Uh, never mind.  It does the right thing.  CONFIG_SECURITY=n means we
use capabilities, but CONFIG_SECURITY=y and CONFIG_SECURITY_CAPABILITIES=n 
means we use dummy.  The following patch fixes the Kconfig accordingly.

From: Serge E. Hallyn <[email protected]>
Subject: [PATCH 1/1] file caps: don't show FILE_CAPABILITIES option when not relevant

FILE_CAPABILITIES are relevant when CONFIG_SECURITY=n, but not when
CONFIG_SECURITY=y && CONFIG_SECURITY_CAPABILITIES=n.  So make
CONFIG_SECURITY_FS_CAPABILITIES depend on the right conditions.

Signed-off-by: Serge E. Hallyn <[email protected]>
---
 security/Kconfig |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/security/Kconfig b/security/Kconfig
index 6c9d69e..1b47f01 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -82,6 +82,7 @@ config SECURITY_CAPABILITIES
 
 config SECURITY_FS_CAPABILITIES
 	bool "File POSIX Capabilities"
+	depends on SECURITY=n || SECURITY_CAPABILITIES=y
 	default n
 	help
 	  This enables filesystem capabilities, allowing you to give
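Review bot: the added `depends on` line tests `SECURITY_CAPABILITIES=y`, which matches only a built-in setting. The hunk does not show the type of SECURITY_CAPABILITIES; if it can be set to `m`, then SECURITY=y with SECURITY_CAPABILITIES=m would hide this option. The commit message only covers the SECURITY=n case and the SECURITY=y && SECURITY_CAPABILITIES=n case, so it is worth stating which behaviour is intended for any remaining setting. If a modular capabilities build should also offer file capabilities, the condition would need to be `SECURITY_CAPABILITIES!=n`; if not, say so in the changelog. The changelog also calls the option FILE_CAPABILITIES while the symbol in the hunk is SECURITY_FS_CAPABILITIES; using the Kconfig name throughout would make the message easier to grep for.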
-- 
1.4.1
