2c5a82a29c
linux-pam is required to login via OpenSSH if the upstream refpolicy for SELinux is enaabled, as linux-pam handles changing user contexts. If a user wants to make their own policy and use a refpolicy via git, we of course should let them do so. As such, only select linux-pam if the upstream version of refpolicy is selected. Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
44 lines
1.0 KiB
Plaintext
44 lines
1.0 KiB
Plaintext
config BR2_PACKAGE_OPENSSH
|
|
bool "openssh"
|
|
depends on BR2_USE_MMU # fork()
|
|
select BR2_PACKAGE_LINUX_PAM if BR2_PACKAGE_REFPOLICY_UPSTREAM_VERSION
|
|
select BR2_PACKAGE_OPENSSL
|
|
select BR2_PACKAGE_ZLIB
|
|
help
|
|
A free version of the SSH protocol suite of network
|
|
connectivity tools. The standard 'ssh', 'sshd', 'scp', and
|
|
friends.
|
|
|
|
http://www.openssh.com/
|
|
|
|
if BR2_PACKAGE_OPENSSH
|
|
|
|
config BR2_PACKAGE_OPENSSH_CLIENT
|
|
bool "client"
|
|
default y
|
|
help
|
|
Client programs: ssh, scp, sftp, ssh-agent, ssh-add,
|
|
ssh-copy-id.
|
|
|
|
config BR2_PACKAGE_OPENSSH_SERVER
|
|
bool "server"
|
|
default y
|
|
help
|
|
Server programs: sshd, sftp-server
|
|
|
|
config BR2_PACKAGE_OPENSSH_KEY_UTILS
|
|
bool "key utilities"
|
|
default y
|
|
help
|
|
Key utilities: ssh-keygen, ssh-keyscan.
|
|
|
|
config BR2_PACKAGE_OPENSSH_SANDBOX
|
|
bool "use sandboxing"
|
|
default y
|
|
help
|
|
Use sandboxing for extra privilege protection of processes.
|
|
|
|
This is normally preferable, but may cause seccomp problems
|
|
for certain combinations of C libraries and kernel versions.
|
|
endif
|