config SECURITY_APPARMOR
	bool "AppArmor support"
	depends on SECURITY && SECURITY_NETWORK && NET && INET
	select AUDIT
	select SECURITY_PATH
	select SECURITYFS
	default n
	help
	  This enables the AppArmor security module.
	  Required userspace tools (if they are not included in your
	  distribution) and further information may be found at
	  <http://forge.novell.com/modules/xfmod/project/?apparmor>

	  If you are unsure how to answer this question, answer N.

config SECURITY_APPARMOR_NETWORK
       bool "AppArmor network support"
       depends on SECURITY_APPARMOR
       default n
       help
	 This enables AppArmor to mediate applications network use.
	 This will enable the SECURITY_NETWORK hooks.

config SECURITY_APPARMOR_BOOTPARAM_VALUE
	int "AppArmor boot parameter default value"
	depends on SECURITY_APPARMOR
	range 0 1
	default 1
	help
	  This option sets the default value for the kernel parameter
	  'apparmor', which allows AppArmor to be enabled or disabled
          at boot.  If this option is set to 0 (zero), the AppArmor
	  kernel parameter will default to 0, disabling AppArmor at
	  bootup.  If this option is set to 1 (one), the AppArmor
	  kernel parameter will default to 1, enabling AppArmor at
	  bootup.

	  If you are unsure how to answer this question, answer 1.

config SECURITY_APPARMOR_DISABLE
	bool "AppArmor runtime disable"
	depends on SECURITY_APPARMOR
	default n
	help
	  This option enables writing to a apparmorfs node 'disable', which
	  allows AppArmor to be disabled at runtime prior to the policy load.
	  AppArmor will then remain disabled until the next boot.
	  This option is similar to the apparmor.enabled=0 boot parameter,
	  but is to support runtime disabling of AppArmor, e.g. from
	  /sbin/init, for portability across platforms where boot
	  parameters are difficult to employ.

	  If you are unsure how to answer this question, answer N.
