Menu
▾
▴
Re: [Linux-ima-user] No runtime_measurements
|
From: Mimi Z. <zo...@li...> - 2010-06-30 14:47:15
|
On Wed, 2010-06-30 at 14:15 +0100, chloé Fouquet wrote: > Hi, > I have compile a kernel 2.6.32 on my ubuntu 9.04. My menu.lst is : > > > title Linux kernel 2.6.32 > root (hd0,1) > kernel /boot/vmlinuz-2.6.32 root=/dev/mapper/systemvg-root > initrd /boot/initrd.img-2.6.32 ima_tcb=1 selinux=1 > > > But the command : /sys/kernel/security/ima/ascii_runtime_measurements > gives me only the boot aggregate > > > 10 bcaa719b82183ba8276ae77ddb1d870ce4e1a1dc ima > 4daed4d737ce85a26da3841274da3e6d857db514 boot_aggregate > > > What I'm missing ? I tried on my virtual machine without tpm chip and > it was working, I could get the value of executables and libraries... > Do I need to use this function : ima_appraise, I didn't really > understand what it was for... > > > Chloe Hi Choloe, To enable the default measurement policy, you need to specify on the boot command line the option 'ima_tcb=1'. Mimi |