Re: [Linux-ima-user] How to configure measurement list

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi Andreas,

After I rebooted the machine, the 'permission denied' error disappeard.
Howerver, once I cat a policy into '<security fs>/ima/policy', the policy
file disapperd, is that a normal situation? And if I want to change the
policy into another one, what can I do except for rebooting the machine.

Thanks and regards,
Jason

2012/9/13 Jason Chow <jas...@gm...>

> Hi Andreas,
>
> When I use cat to input my policy into '<security fs>/ima/policy' with
> root account, 'permission denied' error came out to reject the modification.
> Do you have any idea about this?
> Thanks for your help.
>
> Jason
>
> 2012/9/11 Andreas Steffen <and...@st...>
>
>> Hi Jason,
>>
>> you find information on how to define a custom-defined IMA policy
>> under this link:
>>
>>
>> http://sourceforge.net/apps/mediawiki/linux-ima/index.php?title=Main_Page#Defining_an_LSM_specific_policy
>>
>> The custom policy is applied during the early boot process using
>> a dracut initramfs.
>>
>> If you want to specify specific files or directories to be measured
>> then you must tag your file system using SE Linux. I tried this
>> approach to measure all Linux kernel modules. Have a look at the
>> custom IMA policy shown in Fig. 6 of my Linux IMA remote attestation paper
>>
>> http://www.strongswan.org/lss2012.pdf
>>
>> Best regards
>>
>> Andreas
>>
>> On 10.09.2012 16:17, Jason Chow wrote:
>> > Hi all,
>> >
>> > I'm a newbie in IMA, and I'm very interested in it. Could you help me to
>> > get familiar with it. Thanks a lot.
>> >
>> > As I know, new kernel has already put IMA in mainline. And I have
>> > already enabled it. But I'm confused with how to configure the measument
>> > list to make it do a measument for files as I wished. However I cannot
>> > find any documents about how to do this configuration. Any help from you
>> > will be highly appreciated.
>> >
>> > Thanks a lot.
>> >
>> > Jason
>>
>> ======================================================================
>> Andreas Steffen                         and...@st...
>> strongSwan - the Linux VPN Solution!                www.strongswan.org
>> Institute for Internet Technologies and Applications
>> University of Applied Sciences Rapperswil
>> CH-8640 Rapperswil (Switzerland)
>> ===========================================================[ITA-HSR]==
>>
>>
>