########################################

#

# Policy build options

#

# Policy version

# By default, checkpolicy will create the highest

# version policy it supports.  Setting this will

# override the version.  This only has an

# effect for monolithic policies.

#OUTPUT_POLICY = 18

# Policy Type

# standard, mls, mcs

TYPE = standard

# Policy Name

# If set, this will be used as the policy

# name.  Otherwise the policy type will be

# used for the name.

NAME = refpolicy

# Distribution

# Some distributions have portions of policy

# for programs or configurations specific to the

# distribution.  Setting this will enable options

# for the distribution.

# redhat, gentoo, debian, suse, and rhel4 are current options.

# Fedora users should enable redhat.

#DISTRO = redhat

# Unknown Permissions Handling

# The behavior for handling permissions defined in the

# kernel but missing from the policy.  The permissions

# can either be allowed, denied, or the policy loading

# can be rejected.

# allow, deny, and reject are current options.

#UNK_PERMS = deny

# Direct admin init

# Setting this will allow sysadm to directly

# run init scripts, instead of requring run_init.

# This is a build option, as role transitions do

# not work in conditional policy.

DIRECT_INITRC = n

# Build monolithic policy.  Putting n here

# will build a loadable module policy.

MONOLITHIC = y

# User-based access control (UBAC)

# Enable UBAC for role separations.

UBAC = y

# Number of MLS Sensitivities

# The sensitivities will be s0 to s(MLS_SENS-1).

# Dominance will be in increasing numerical order

# with s0 being lowest.

MLS_SENS = 16

# Number of MLS Categories

# The categories will be c0 to c(MLS_CATS-1).

MLS_CATS = 256

# Number of MCS Categories

# The categories will be c0 to c(MLS_CATS-1).

MCS_CATS = 256

# Set this to y to only display status messages

# during build.

QUIET = n