From 94a553a52db3ab4a0f9e82016a7f7948b882a217 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 13 Sep 2020 17:41:45 +0200 Subject: Kernel: T2879: remove auditing support Enabling this would do: Enable auditing infrastructure that can be used with another kernel subsystem, such as SELinux (which requires this for logging of avc messages output). System call auditing is include on architectures which support it. We have no SELinux. --- packages/linux-kernel/x86_64_vyos_defconfig | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'packages') diff --git a/packages/linux-kernel/x86_64_vyos_defconfig b/packages/linux-kernel/x86_64_vyos_defconfig index 7e8da66..418d215 100644 --- a/packages/linux-kernel/x86_64_vyos_defconfig +++ b/packages/linux-kernel/x86_64_vyos_defconfig @@ -42,11 +42,8 @@ CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_CROSS_MEMORY_ATTACH=y CONFIG_USELIB=y -CONFIG_AUDIT=y +# CONFIG_AUDIT is not set CONFIG_HAVE_ARCH_AUDITSYSCALL=y -CONFIG_AUDITSYSCALL=y -CONFIG_AUDIT_WATCH=y -CONFIG_AUDIT_TREE=y # # IRQ subsystem @@ -1144,7 +1141,6 @@ CONFIG_NETFILTER_XT_SET=m # # Xtables targets # -CONFIG_NETFILTER_XT_TARGET_AUDIT=m CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m CONFIG_NETFILTER_XT_TARGET_CONNMARK=m @@ -4744,7 +4740,6 @@ CONFIG_HARDENED_USERCOPY=y # CONFIG_HARDENED_USERCOPY_PAGESPAN is not set CONFIG_FORTIFY_SOURCE=y # CONFIG_STATIC_USERMODEHELPER is not set -# CONFIG_SECURITY_SELINUX is not set # CONFIG_SECURITY_SMACK is not set # CONFIG_SECURITY_TOMOYO is not set # CONFIG_SECURITY_APPARMOR is not set @@ -4754,7 +4749,6 @@ CONFIG_INTEGRITY=y CONFIG_INTEGRITY_SIGNATURE=y CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y CONFIG_INTEGRITY_TRUSTED_KEYRING=y -CONFIG_INTEGRITY_AUDIT=y # CONFIG_IMA is not set # CONFIG_EVM is not set CONFIG_DEFAULT_SECURITY_DAC=y -- cgit v1.2.3