New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dashboard/config: enable stacked security modules #973

Closed

dvyukov opened this issue Feb 1, 2019 · 1 comment

Labels

Collaborator

dvyukov commented Feb 1, 2019

See aa53be2 for details. Once stacked security modules reach upstream (presumably 5.1-rc1), we will need to use lsm= instead of security=.

The text was updated successfully, but these errors were encountered:

dvyukov added the os:linux label

dvyukov added a commit that referenced this issue


          dashboard/config: add lsm= cmdline arg for stacked modules

ffec3d1

It won't take effect right now as security= has precedence over lsm=.
But it won't harm too and later we will only need to remove security=.
Also it will work with this custom patch for syzbot:
https://groups.google.com/d/msg/syzkaller/BSgVCTSShRQ/E6lFuiDpFwAJ

Update #973

Collaborator Author

dvyukov commented Jun 3, 2019

This is done now. E.g. we use lsm=yama,safesetid,integrity,selinux,tomoyo cmd line for selinux.

dvyukov closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment