| Denis Vlasenko | d46d3c2 | 2007-02-06 19:28:50 +0000 | [diff] [blame] | 1 | # |
| 2 | # For a description of the syntax of this configuration file, |
| 3 | # see scripts/kbuild/config-language.txt. |
| 4 | # |
| 5 | |
| Bernhard Reutner-Fischer | aa2a1c0 | 2008-10-24 19:48:47 +0000 | [diff] [blame] | 6 | menu "SELinux Utilities" |
| Denis Vlasenko | d46d3c2 | 2007-02-06 19:28:50 +0000 | [diff] [blame] | 7 | depends on SELINUX |
| 8 | |
| Denys Vlasenko | d70e0e9 | 2010-06-08 12:15:11 +0200 | [diff] [blame] | 9 | INSERT |
| 10 | |
| Denis Vlasenko | 49622d7 | 2007-03-10 16:58:49 +0000 | [diff] [blame] | 11 | config CHCON |
| 12 | bool "chcon" |
| 13 | default n |
| 14 | depends on SELINUX |
| 15 | help |
| 16 | Enable support to change the security context of file. |
| 17 | |
| 18 | config FEATURE_CHCON_LONG_OPTIONS |
| 19 | bool "Enable long options" |
| 20 | default y |
| Denys Vlasenko | f3b92d3 | 2009-06-19 12:10:38 +0200 | [diff] [blame] | 21 | depends on CHCON && LONG_OPTS |
| Denis Vlasenko | 49622d7 | 2007-03-10 16:58:49 +0000 | [diff] [blame] | 22 | help |
| 23 | Support long options for the chcon applet. |
| 24 | |
| Denis Vlasenko | d46d3c2 | 2007-02-06 19:28:50 +0000 | [diff] [blame] | 25 | config GETENFORCE |
| 26 | bool "getenforce" |
| 27 | default n |
| 28 | depends on SELINUX |
| 29 | help |
| 30 | Enable support to get the current mode of SELinux. |
| 31 | |
| 32 | config GETSEBOOL |
| 33 | bool "getsebool" |
| 34 | default n |
| 35 | depends on SELINUX |
| 36 | help |
| 37 | Enable support to get SELinux boolean values. |
| 38 | |
| Denis Vlasenko | 1fc6e56 | 2007-03-24 15:37:57 +0000 | [diff] [blame] | 39 | config LOAD_POLICY |
| 40 | bool "load_policy" |
| 41 | default n |
| 42 | depends on SELINUX |
| 43 | help |
| 44 | Enable support to load SELinux policy. |
| 45 | |
| Denis Vlasenko | d46d3c2 | 2007-02-06 19:28:50 +0000 | [diff] [blame] | 46 | config MATCHPATHCON |
| 47 | bool "matchpathcon" |
| 48 | default n |
| 49 | depends on SELINUX |
| 50 | help |
| 51 | Enable support to get default security context of the |
| 52 | specified path from the file contexts configuration. |
| 53 | |
| Denis Vlasenko | 397137b | 2007-07-23 14:03:30 +0000 | [diff] [blame] | 54 | config RESTORECON |
| 55 | bool "restorecon" |
| 56 | default n |
| 57 | depends on SELINUX |
| 58 | help |
| 59 | Enable support to relabel files. The feature is almost |
| 60 | the same as setfiles, but usage is a little different. |
| 61 | |
| Denis Vlasenko | 49622d7 | 2007-03-10 16:58:49 +0000 | [diff] [blame] | 62 | config RUNCON |
| 63 | bool "runcon" |
| 64 | default n |
| 65 | depends on SELINUX |
| 66 | help |
| 67 | Enable support to run command in speficied security context. |
| 68 | |
| 69 | config FEATURE_RUNCON_LONG_OPTIONS |
| 70 | bool "Enable long options" |
| 71 | default y |
| Denys Vlasenko | f3b92d3 | 2009-06-19 12:10:38 +0200 | [diff] [blame] | 72 | depends on RUNCON && LONG_OPTS |
| Denis Vlasenko | 49622d7 | 2007-03-10 16:58:49 +0000 | [diff] [blame] | 73 | help |
| 74 | Support long options for the runcon applet. |
| 75 | |
| Denis Vlasenko | d46d3c2 | 2007-02-06 19:28:50 +0000 | [diff] [blame] | 76 | config SELINUXENABLED |
| 77 | bool "selinuxenabled" |
| 78 | default n |
| 79 | depends on SELINUX |
| 80 | help |
| 81 | Enable support for this command to be used within shell scripts |
| 82 | to determine if selinux is enabled. |
| 83 | |
| 84 | config SETENFORCE |
| 85 | bool "setenforce" |
| 86 | default n |
| 87 | depends on SELINUX |
| 88 | help |
| 89 | Enable support to modify the mode SELinux is running in. |
| 90 | |
| Denis Vlasenko | 397137b | 2007-07-23 14:03:30 +0000 | [diff] [blame] | 91 | config SETFILES |
| 92 | bool "setfiles" |
| 93 | default n |
| 94 | depends on SELINUX |
| 95 | help |
| 96 | Enable support to modify to relabel files. |
| 97 | Notice: If you built libselinux with -D_FILE_OFFSET_BITS=64, |
| 98 | (It is default in libselinux's Makefile), you _must_ enable |
| 99 | CONFIG_LFS. |
| 100 | |
| 101 | config FEATURE_SETFILES_CHECK_OPTION |
| 102 | bool "Enable check option" |
| 103 | default n |
| 104 | depends on SETFILES |
| 105 | help |
| 106 | Support "-c" option (check the validity of the contexts against |
| 107 | the specified binary policy) for setfiles. Requires libsepol. |
| 108 | |
| Denis Vlasenko | be03937 | 2007-10-14 04:48:44 +0000 | [diff] [blame] | 109 | config SETSEBOOL |
| 110 | bool "setsebool" |
| 111 | default n |
| 112 | depends on SELINUX |
| 113 | help |
| Denis Vlasenko | 3f5fdc7 | 2007-10-14 04:55:59 +0000 | [diff] [blame] | 114 | Enable support for change boolean. |
| Denis Vlasenko | be03937 | 2007-10-14 04:48:44 +0000 | [diff] [blame] | 115 | semanage and -P option is not supported yet. |
| 116 | |
| Denis Vlasenko | 705eaf8 | 2007-11-22 01:10:41 +0000 | [diff] [blame] | 117 | config SESTATUS |
| 118 | bool "sestatus" |
| 119 | default n |
| 120 | depends on SELINUX |
| 121 | help |
| 122 | Displays the status of SELinux. |
| 123 | |
| Denis Vlasenko | d46d3c2 | 2007-02-06 19:28:50 +0000 | [diff] [blame] | 124 | endmenu |