From: Sven V. <sve...@si...> - 2013-01-04 18:21:09
On Fri, Jan 04, 2013 at 07:54:19AM -0500, Mimi Zohar wrote:
> > Indeed, without loading the custom policy it seems to work fine.
>
> To summarize, the base policy works properly as there are not any LSM
> specific rules. An IMA policy containing LSM rules works properly,
> until the LSM policy is reloaded, as shown in your setsebool example.
> Please let me know if the patch below fixes it.

Yes, it does fix it. I'm able to rebuild policies, toggle booleans, etc.

Also, the SELinux error messages on "selinux_audit_rule_match: stale rule" have also almost fully disappeared (just get a single one right after updating the policy) and I get my AVC denials just as I expected to (wasn't the case before).

I'm now distributing it to my other test VMs so I can have the entire test infrastructure run with IMA/EVM (enforcing).

Thanks!

Wkr,
Sven Vermeulen