On Wed, 10 Oct 2007 08:40:31 PDT, Randy Dunlap said: > >>> config SECURITY_SELINUX > >>> bool "NSA SELinux Support" > >>> - depends on SECURITY_NETWORK && AUDIT && NET && INET > >>> + depends on SECURITY > >>> + select SECURITY_NETWORK > >>> + select AUDIT > >>> + select NET > >>> + select INET > >>> select NETWORK_SECMARK > AUDIT isn't quite library code, still I don't have a (big) problem with > selecting it or NETWORK_SECMARK. (other than select is evil :) > > OTOH, NET and INET are large config options, not library-like code, and > should not be selected. If it does a 'select SECURITY_NETWORK' but NET=n, does the resulting kernel actually build? The problem seems to be that select isn't transitive - if you select something, it won't automagically select that something's pre-reqs (modulo the recent patches I've seen posted, have those been mainlined?).
Attachment:
pgpDi1G6KStnx.pgp
Description: PGP signature
- Follow-Ups:
- References:
- [PATCH 0/6] SELinux patches for 2.6.24
- From: James Morris <[email protected]>
- [PATCH 1/6] SELinux: change Kconfig to use select instead of depends
- From: James Morris <[email protected]>
- Re: [PATCH 1/6] SELinux: change Kconfig to use select instead of depends
- From: Randy Dunlap <[email protected]>
- Re: [PATCH 1/6] SELinux: change Kconfig to use select instead of depends
- From: Stephen Smalley <[email protected]>
- Re: [PATCH 1/6] SELinux: change Kconfig to use select instead of depends
- From: Randy Dunlap <[email protected]>
- [PATCH 0/6] SELinux patches for 2.6.24
- Prev by Date: Re: parisc arch makefile clean-up needed [Was: cleaning up "make headers_install" for various architectures]
- Next by Date: Re: parisc arch makefile clean-up needed [Was: cleaning up "make headers_install" for various architectures]
- Previous by thread: Re: [PATCH 1/6] SELinux: change Kconfig to use select instead of depends
- Next by thread: Re: [PATCH 1/6] SELinux: change Kconfig to use select instead of depends
- Index(es):
 |