[LTP] [PATCH v2 6/8] IMA: Add example policy for ima_violations.sh
Mimi Zohar
zohar@linux.ibm.com
Tue Dec 31 04:43:38 CET 2024
Hi Petr,
On Fri, 2024-12-13 at 23:20 +0100, Petr Vorel wrote:
> Suggested-by: Mimi Zohar <zohar@linux.ibm.com>
> Signed-off-by: Petr Vorel <pvorel@suse.cz>
> ---
> .../integrity/ima/datafiles/ima_violations/violations.policy | 1 +
> 1 file changed, 1 insertion(+)
> create mode 100644 testcases/kernel/security/integrity/ima/datafiles/ima_violations/violations.policy
>
> diff --git a/testcases/kernel/security/integrity/ima/datafiles/ima_violations/violations.policy b/testcases/kernel/security/integrity/ima/datafiles/ima_violations/violations.policy
> new file mode 100644
> index 0000000000..5734c7617f
> --- /dev/null
> +++ b/testcases/kernel/security/integrity/ima/datafiles/ima_violations/violations.policy
> @@ -0,0 +1 @@
> +func=FILE_CHECK
"[PATCH v2 1/8] IMA: Add TCB policy as an example for ima_measurements.sh"
contains two rules to measure files opened by root on file open.
measure func=FILE_CHECK mask=^MAY_READ euid=0
measure func=FILE_CHECK mask=^MAY_READ uid=0
If the 'tcb' or equivalent policy is loaded, there is no need to load another
policy rule.
Thanks,
Mimi
More information about the ltp
mailing list