Menu
▾
▴
Re: [Linux-ima-user] [LTP] Can not run Test
|
From: Mimi Z. <zo...@li...> - 2009-06-28 22:11:32
|
On Sat, 2009-06-27 at 12:45 +0600, waqar afridi wrote: > > > On Fri, Jun 26, 2009 at 5:32 PM, Subrata Modak > <su...@li...> wrote: > > On Thu, 2009-06-25 at 08:04 -0400, Mimi Zohar wrote: > > On Thu, 2009-06-25 at 16:17 +0530, Subrata Modak wrote: > > > On Thu, 2009-06-25 at 16:39 +0600, waqar afridi wrote: > > > > > > > > > > > > On Thu, Jun 25, 2009 at 3:11 PM, Subrata Modak > > > > <su...@li...> wrote: > > > > On Thu, 2009-06-25 at 13:00 +0600, waqar afridi > wrote: > > > > > Hi All > > > > > > > > > > I have downloaded ltp-full-20090531.tgz and > installed it > > > > using the > > > > > commands make autotools, ./configure, make > all, make > > > > install. but when > > > > > I try to run a test like > > > > > > > > > > # ./ima_tpm.sh > > > > > ./ima_tpm.sh: 163: source: not found > > > > > ./ima_tpm.sh: 164: setup: not found > > > > > > > > > > I get the error above. What could be the > problem, > > > > Desperately need > > > > > help. I'm not sure as the lines 163/164 from http://ltp.cvs.sourceforge.net/viewvc/ltp/ltp/testcases/kernel/security/integrity/ima/tests/ima_tpm.sh?revision=1.1&view=markup 163 164 # Function: main >From ltp-full-20090531, could you run the tests as: "./runltp -f ima"? > > > > > > > > Look through: > > > > > http://ltp.cvs.sourceforge.net/viewvc/ltp/ltp/testcases/kernel/security/integrity/ima/README, > > > > on instructions to setup before executing those > tests. > > > > > > > > I already have done these steps. but I think the > problem will be with > > > > mounting partition with iversion support(I have done > this too, added > > > > iversion to fstab). I am not clear about whats iversion, > so thats why > > > > I am going to clear my Idea about iversion. but if some > body can help > > > > with both the problem and iversion, I will be very > thankful. > > > > > > Mimi, > > > > > > Can you please help Afridi ? > > > > > > Regards-- > > > Subrata > > > > Sure. I'm in the process of updating the web site > > http://linux-ima.sourceforge.net/, but it is a good place to > start. > > There's also IMA mailing lists > > http://sourceforge.net/projects/linux-ima. > > > Thanks. I am going to put this info as well on: > http://ltp.cvs.sourceforge.net/viewvc/ltp/ltp/testcases/kernel/security/integrity/ima/README > > > Regards-- > Subrata > > > > > > Mimi > > > > > > > > > > > > > > > > > > Regards-- > > > > Subrata > > > > > > > > > > > > > > -- > > > > > Waqar Afridi > > > > > Research Associate > > > > > Member: Security Engineering Research Group > (SERG) > > > > > IM | Sciences Peshawar > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > > > _______________________________________________ > > > > > Ltp-list mailing list > > > > > Ltp...@li... > > > > > > https://lists.sourceforge.net/lists/listinfo/ltp-list > > > > > > > > > > > > > > > > > > > > -- > > > > Waqar Afridi > > > > Research Associate > > > > Member: Security Engineering Research Group (SERG) > > > > IM | Sciences Peshawar > > > > > > > > > I forgot to mention that I am using Ubuntu 9.04, and their is no > auditd, but in README it was stated that in case if we have auditd > then we will have to patch it. Does these things have something to do > with it, Without auditing, the msgs should be in /var/log/messages. > The line of fstab is > > # / was on /dev/sda1 during installation > UUID=4aff6b42-ccde-4a54-9b58-da77e94e8372 / ext3 > relatime,errors=remount-ro,iversion 0 1 > > but i have also tried "mount -n -o remount,rw,iversion /" manully. It > did not report any error. so what could be the problem. Before adding i_version support, lets make sure the IMA measurement list exists. You'll need to mount securityfs. Add the following line to /etc/fstab: securityfs /sys/kernel/security securityfs defaults 0 0 As securityfs files can only be read by root, you'll need to view the IMA measurement list as root: su -c 'cat /sys/kernel/security/ima/ascii_runtime_measurements' The first 10 lines should look something like this: 10 7971593a7ad22a7cce5b234e4bc5d71b04696af4 ima b5a166c10d153b7cc3e5b4f1eab1f71672b7c524 boot_aggregate 10 2c7020ad8cab6b7419e4973171cb704bdbf52f77 ima e09e048c48301268ff38645f4c006137e42951d0 /init 10 ef7a0aff83dd46603ebd13d1d789445365adb3b3 ima 0f8b3432535d5eab912ad3ba744507e35e3617c1 /init 10 247dba6fc82b346803660382d1973c019243e59f ima 747acb096b906392a62734916e0bb39cef540931 ld-2.9.so 10 341de30a46fa55976b26e55e0e19ad22b5712dcb ima 326045fc3d74d8c8b23ac8ec0a4d03fdacd9618a ld.so.cache 10 78bd3f605d53111aeb0ff3dd44b2eba8586e8626 ima 52ac5da573595ac0804f9e54ba4bf8c446c6b803 libnash.so.6.0.71 10 971df3483b50e89ee2685c4c2ff178923bf0e7f5 ima 530973299e3888233d00cf9a82ac614e3d08a107 libbdevid.so.6.0.71 10 c3ec0e0379aece05e819c0caa10cf0d55da7e99e ima 275a2b138888ec42ae880ecbb4b17a16f4fff363 libdevmapper.so.1.02 10 10df829c1c4c59520299da8898b3c73608978cd3 ima b0a889ac403277a070699748bcd795ea39891fb6 libparted-1.8.so.8.0.0 10 b82d233e5a098e8e4948aabf3595c18a3541d40a ima 303510d38e827a6e2cb8fa43fbf10792ccf7ffc2 libblkid.so.1.0 10 4e46623f457d47cae48fd2cb839a5bf057e22842 ima 3b99b61fa8fe50be2b2556b3e45ec877276f29ad libselinux.so.1 1st field - the IMA PCR register 2nd field - SHA1 hash of the IMA template (SHA1 file data hash, file name hint) 3rd field - template name 4th field - SHA1 hash of the file data Mimi |
