Re: [Linux-ima-user] no ima or tpm0 measurements

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

The IMA  wiki actually mentions this:

IMA was first included in the 2.6.30 kernel. For distros that enable IMA by
default in their kernels, collecting IMA measurements simply requires
rebooting the kernel with the boot command line parameter 'ima_tcb'.
(Fedora/RHEL may also require the boot command line parameter 'ima=on'.)

http://sourceforge.net/p/linux-ima/wiki/Home/

So this is something (potentially) applicable to Fedora/RHEL/CentOS

On 18 November 2013 13:47, Mimi Zohar <zo...@li...> wrote:

> On Mon, 2013-11-18 at 12:07 +0100, Nicolae Paladi wrote:
> > For the record:
> >
> >
> > On CentOS 6.4, the correct set of boot options is:
> >
> > ima=on ima_tcb
> >
> > Using only ima=on results in an ima runtime measurement that only
> contains
> > the boot aggregate
> > Using only ima_tcb results in no ima runtime measurement log.
>
> Interesting, there is no upstreamed boot command line parameter named
> 'ima='.  Refer to Documentation/kernel-parameters.txt for a list of
> options.
>
> Mimi
>
>