Re: [Linux-ima-user] IMA installation problem...

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi Tamleek,

  You probably don't have securityfs mounted.  IIRC you can mount it with:

# mount -t securityfs securityfs /sys/kernel/security

Kent

On Feb 6, 2008 5:02 AM, Tamleek Ali <tam...@gm...> wrote:
> Hi All,
>
> Now i can see that ima is running using the 'dmesg | grep IMA' that is
> stated in the section 4 of the install instructions in the patch but I
> cannot find the mentioned /ima/binary_measurements nor the script
> print_ima_measuremnts that is mentioned in the section 5 of the
> instructions.
>
> note that i also tried to see the measurements using
>
> 'cat /sys/kernel/security/ima/ascii_runtime_measurements'
>
>  but no file present in "/sys/kernel/security"
>
> please advice what needs to be done in order to read the measurements??
>
> Regards
> Khanjee
>
>
>
> On Feb 5, 2008 4:43 PM, Tamleek Ali <tam...@gm...> wrote:
> > Hi All,
> >
> > I applied the IMA patch  and then compiled the kernel successfully, with
> the instructions given in the patch. However, still after rebooting and
> making SELinux disable, i could not see any message regarding IMA in the
> "dmesg".
> >
> > If any body can help me regarding installation of IMA, i will very
> thankful.
> >
> > Thanking you in advance.
> > Khanjee
> >
> >
> >
> >
> >
> >
> >
> > On Feb 5, 2008 12:14 PM, Tamleek Ali <tam...@gm...> wrote:
> >
> > > i cant see ima enabled in the
> > >
> > >     #dmesg | grep ima
> > >
> > > the steps that i performed are as follows...
> > >
> > > 1. downloaded the ibm-ima latest patch from sourceforge.net i.e
> ibm-ima-patch-2.6.22...
> > >
> > > 2. based on the patch downloaded the same kernel from kernel.org i.e.
> linux-2.6.22.tar.gz..
> > >
> > > 3. copied both the files to /usr/src
> > >
> > > 4. uncompressed the kernel to get linux-2.6.22 directory in /usr/src
> > >
> > > 5. cd kernel directory
> > >
> > > 6. checked whether the patch works
> > >
> > >     #patch -p1 --dry-run < ibm-ima-2.6.22.patch
> > >     and then patched successfully
> > >     #cd /usr/src/linux-2.6.22
> > >
> > > 7. #make ; make modules_install; make install;
> > >
> > > 8. booted with the kernel with options selinux = 0 ima=1
> > >
> > > Now i cannot see any ima in the dmesg.
> > >
> > > i need to ask that
> > > 1. i dont have a hardware TPM neither have software TPM... will it work
> without the tpm ??
> > > 2. i couldnt do the menuconfig, as it didnt work on my system... can it
> be a problem??
> > > 3. is it nessesary to have the same kernel version as of ima patch??
> > >
> > > Help needed please.
> > >
> > >
> > > Khanjee
> > >
> > >
> > >
> > >
> > >
> > >
> >
> >
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Linux-ima-user mailing list
> Lin...@li...
> https://lists.sourceforge.net/lists/listinfo/linux-ima-user
>
>

-- 
Kent Yoder
IBM LTC Security Dev.