your distribution will provide these and enable the new controls
in the kernel they also distribute.
- Note that this option can be overriden at boot with the
+ Note that this option can be overridden at boot with the
selinux_compat_net parameter, and after boot via
/selinux/compat_net. See Documentation/kernel-parameters.txt
for details on this parameter.
well as any conntrack helpers for protocols which you
wish to control.
- If you are unsure what do do here, select N.
+ If you are unsure what to do here, select N.
config SECURITY_SELINUX_POLICYDB_VERSION_MAX
bool "NSA SELinux maximum supported policy format version"
It can be adjusted downward to support legacy userland (init) that
does not correctly handle kernels that support newer policy versions.
- Examples: For FC3 or FC4, enable this option and set the value via
- the next option. For FC5 and later, do not enable this option.
+ Examples:
+ For the Fedora Core 3 or 4 Linux distributions, enable this option
+ and set the value via the next option. For Fedore Core 5 and later,
+ do not enable this option.
If you are unsure how to answer this question, answer N.
This option sets the value for the maximum policy format version
supported by SELinux.
- Examples: For FC3, use 18. For FC4, use 19.
+ Examples:
+ For Fedora Core 3, use 18.
+ For Fedora Core 4, use 19.
If you are unsure how to answer this question, look for the
policy format version supported by your policy toolchain, by