mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2026-05-04 11:51:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

sys-kernel/coreos-modules: Enable lockdown when booted with secure boot

Browse Source 
This is a requirement of the shim signing process.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
This commit is contained in:
Jeremi Piotrowski 2024-09-04 17:18:13 +02:00
parent 8393a4cf4b
commit 580c181df8
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.6 vendored
View File

@ -422,6 +422,7 @@ CONFIG_LEDS_CLASS=y
CONFIG_LIBFC=m
CONFIG_LIBFCOE=m
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT=y
CONFIG_LOG_BUF_SHIFT=18
CONFIG_LOOPBACK_TARGET=m
CONFIG_LSM="landlock,lockdown,yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"