Manoj Srivastava:

- Added SELinux capability, and turned it on be default. Added restorecon calls in preinst and postinst (should not matter if the machine is not SELinux aware). By and large, the changes made should have no effect unless the rules file calls --with-selinux; and even then there should be no performance hit for machines not actively running SELinux. - Modified the preinst and postinst to call restorecon to set the security context for the generated public key files. - Added a comment to /etc/pam.d/ssh to indicate that an SELinux system may want to also include pam_selinux.so.
author: Colin Watson <cjwatson@debian.org> 2005-06-17 12:44:30 +0000
committer: Colin Watson <cjwatson@debian.org> 2005-06-17 12:44:30 +0000
commit: 4c2d1c67cea075107aadaa6d81fe456687c69e67 (patch)
tree: 4f31813c8306491c908948bd75254912385ed651 /configure.ac
parent: bed4bb0fe9380912ecb90e5f918bce8825ec0a38 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac
index 20c8f1587..b938228c5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2407,6 +2407,18 @@ int main()
                        [#include <arpa/nameser.h>])
        ])
+# Check whether user wants SELinux support
+SELINUX_MSG="no"
+AC_ARG_WITH(selinux,
+        [  --with-selinux          Enable SELinux support],
+        [ if test "x$withval" != "xno" ; then
+                AC_DEFINE(WITH_SELINUX, 1, [Define if you want SELinux support.])
+                SELINUX_MSG="yes"
+                AC_CHECK_HEADERS(selinux/selinux.h)
+                LIBS="$LIBS -lselinux"
+        fi
+        ])
 # Check whether user wants Kerberos 5 support
 KRB5_MSG="no"
 AC_ARG_WITH(kerberos5,
@@ -3188,6 +3200,7 @@ fi
 echo "                    Manpage format: $MANTYPE"
 echo "                       PAM support: $PAM_MSG"
 echo "                 KerberosV support: $KRB5_MSG"
+echo "                   SELinux support: $SELINUX_MSG"
 echo "                 Smartcard support: $SCARD_MSG"
 echo "                     S/KEY support: $SKEY_MSG"
 echo "              TCP Wrappers support: $TCPW_MSG"
author	Colin Watson <cjwatson@debian.org>	2005-06-17 12:44:30 +0000
committer	Colin Watson <cjwatson@debian.org>	2005-06-17 12:44:30 +0000
commit	4c2d1c67cea075107aadaa6d81fe456687c69e67 (patch)
tree	4f31813c8306491c908948bd75254912385ed651 /configure.ac
parent	bed4bb0fe9380912ecb90e5f918bce8825ec0a38 (diff)

diff --git a/configure.ac b/configure.ac index 20c8f1587..b938228c5 100644 --- a/configure.ac +++ b/configure.ac
@@ -2407,6 +2407,18 @@ int main()
2407	[#include <arpa/nameser.h>])	2407	[#include <arpa/nameser.h>])
2408	])	2408	])
2409		2409
		2410	# Check whether user wants SELinux support
		2411	SELINUX_MSG="no"
		2412	AC_ARG_WITH(selinux,
		2413	[ --with-selinux Enable SELinux support],
		2414	[ if test "x$withval" != "xno" ; then
		2415	AC_DEFINE(WITH_SELINUX, 1, [Define if you want SELinux support.])
		2416	SELINUX_MSG="yes"
		2417	AC_CHECK_HEADERS(selinux/selinux.h)
		2418	LIBS="$LIBS -lselinux"
		2419	fi
		2420	])
		2421
2410	# Check whether user wants Kerberos 5 support	2422	# Check whether user wants Kerberos 5 support
2411	KRB5_MSG="no"	2423	KRB5_MSG="no"
2412	AC_ARG_WITH(kerberos5,	2424	AC_ARG_WITH(kerberos5,
@@ -3188,6 +3200,7 @@ fi
3188	echo " Manpage format: $MANTYPE"	3200	echo " Manpage format: $MANTYPE"
3189	echo " PAM support: $PAM_MSG"	3201	echo " PAM support: $PAM_MSG"
3190	echo " KerberosV support: $KRB5_MSG"	3202	echo " KerberosV support: $KRB5_MSG"
		3203	echo " SELinux support: $SELINUX_MSG"
3191	echo " Smartcard support: $SCARD_MSG"	3204	echo " Smartcard support: $SCARD_MSG"
3192	echo " S/KEY support: $SKEY_MSG"	3205	echo " S/KEY support: $SKEY_MSG"
3193	echo " TCP Wrappers support: $TCPW_MSG"	3206	echo " TCP Wrappers support: $TCPW_MSG"