There are some important changes compared to the linux 3.4.0-rc5 config:
- enabled options that are required for systemd (cgroups: CONFIG_CGROUPS, autofs: CONFIG_AUTOFS4_FS)
- enabled seemingly useless dnotify (CONFIG_DNOTIFY) without which NFS refuses to start
- enabled nftables, but iptables is still included (both as modules), so either of the two can be used
- finally disabled IPsec... I used to be swayed by the "If unsure, say Y."
- enabled dm-crypt for encrypted media
- disabled CONFIG_CRYPTO_DEV_GEODE (Support for the Geode LX AES engine) -- there are more than enough ways the NSA can compromise our systems even without this
- enabled extended FS attributes, security labels (FS capabilities) and ACLs
- enabled the shiny-new ext4 encryption option (CONFIG_EXT4_ENCRYPTION)
- disabled local file systems other than ext2/3/4, msdos, vfat, ntfs, with only ext4 being built in; the others that are enabled are built as modules
- enabled CIFS (samba)
- enabled VLAN support (CONFIG_VLAN_8021Q)
This means the following should work:
- using the kernel with systemd
- using encrypted storage (cryptsetup)
- the Alix button, LEDs and watchdog
- nftables
- setcap/getcap, setfacl/getfacl
- NFS and samba sharing/mounting
Still disabled are things like USB mice and keyboards. If you need these, you need to enable them yourself. Also, WiFi is not enabled in the sample config -- this needs to be enabled based on what WiFi card, if any, you have in your Alix.
No comments:
Post a Comment