diff options
author | Armin Kuster <akuster808@gmail.com> | 2019-05-25 23:04:32 -0700 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2019-05-26 21:58:11 -0700 |
commit | cc754f8e8fc67ebae3dcd5e170cecd1c3b7fc60f (patch) | |
tree | a1970071ea4a8c419a9404d4ec0aadad2514cb0b | |
parent | e6162d49f9f0c98826550a6ba85f9ec0865be94c (diff) | |
download | meta-security-cc754f8e8fc67ebae3dcd5e170cecd1c3b7fc60f.tar.gz |
ima_policy_simple: add another sample policy
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-integrity/recipes-security/ima_policy_simple/files/ima_policy_simple | 4 | ||||
-rw-r--r-- | meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb | 18 |
2 files changed, 22 insertions, 0 deletions
diff --git a/meta-integrity/recipes-security/ima_policy_simple/files/ima_policy_simple b/meta-integrity/recipes-security/ima_policy_simple/files/ima_policy_simple new file mode 100644 index 0000000..38ca8f5 --- /dev/null +++ b/meta-integrity/recipes-security/ima_policy_simple/files/ima_policy_simple | |||
@@ -0,0 +1,4 @@ | |||
1 | # Very simple policy demonstrating the systemd policy loading bug | ||
2 | # (policy with one line works, two lines don't). | ||
3 | dont_appraise fsmagic=0x9fa0 | ||
4 | dont_appraise fsmagic=0x62656572 | ||
diff --git a/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb b/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb new file mode 100644 index 0000000..17132aa --- /dev/null +++ b/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb | |||
@@ -0,0 +1,18 @@ | |||
1 | SUMMARY = "IMA sample simple policy" | ||
2 | LICENSE = "MIT" | ||
3 | LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" | ||
4 | |||
5 | # This policy file will get installed as /etc/ima/ima-policy. | ||
6 | # It is located via the normal file search path, so a .bbappend | ||
7 | # to this recipe can just point towards one of its own files. | ||
8 | IMA_POLICY ?= "ima_policy_simple" | ||
9 | |||
10 | SRC_URI = " file://${IMA_POLICY}" | ||
11 | |||
12 | do_install () { | ||
13 | install -d ${D}/${sysconfdir}/ima | ||
14 | install ${WORKDIR}/${IMA_POLICY} ${D}/${sysconfdir}/ima/ima-policy | ||
15 | } | ||
16 | |||
17 | FILES_${PN} = "${sysconfdir}/ima" | ||
18 | RDEPENDS_${PN} = "ima-evm-utils" | ||