Smack: add audit when smack is active
authorJosé Bollo <jose.bollo@iot.bzh>
Thu, 3 Nov 2016 10:30:25 +0000 (11:30 +0100)
committerStephane Desneux <stephane.desneux@iot.bzh>
Mon, 27 Mar 2017 13:33:39 +0000 (15:33 +0200)
It is important for developement process and for monitoring
hacking to track violations and to monitor wrong uses or problems.
By activating audit with Smack we ensure that detection and reporting
of hazardous or malicious violations will be possible.

Change-Id: I7808ff17b5b8ba1fb09742fd273f46f06917d26b
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
meta-app-framework/recipes-kernel/linux/linux-%.bbappend [new file with mode: 0644]
meta-app-framework/recipes-kernel/linux/linux/audit.cfg [new file with mode: 0644]

diff --git a/meta-app-framework/recipes-kernel/linux/linux-%.bbappend b/meta-app-framework/recipes-kernel/linux/linux-%.bbappend
new file mode 100644 (file)
index 0000000..02595ef
--- /dev/null
@@ -0,0 +1,3 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/linux:"
+SRC_URI_append_smack = " file://audit.cfg"
+
diff --git a/meta-app-framework/recipes-kernel/linux/linux/audit.cfg b/meta-app-framework/recipes-kernel/linux/linux/audit.cfg
new file mode 100644 (file)
index 0000000..214dbe3
--- /dev/null
@@ -0,0 +1,2 @@
+CONFIG_AUDIT=y
+CONFIG_AUDITSYSCALL=y