Re: [Linux-ima-user] Measuring lib and executables only ....

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On Mon, 2014-07-14 at 20:49 -0700, M.AMJAD wrote: 
> 
> 1. Is there any option in configuration file to measure only
> binaries and executable permanently(name of that configuration file plz)?
> 2. How to get SMLs in the following format 
>  #000 :   D6DC07881A7EFDS8EB8E9186CC72F452AS4D3DB
> boot_aggregate
>  #001 :   CDSS4B285123353BDA1794D9AB4BD69B2F74D73  linuxrc
>  #002 :   9F860256709F1CD35037563DCDF798054F978705  nash  
>  #003 :   7DF33561E2A467AE7CDD4BBEF6880517D3CAECB  libc-2.3.2.so
> ETC

There isn't a builtin policy, but you can load a custom policy.
Probably only the bprm and mmap hooks are needed.

measure func=BPRM_CHECK
measure func=MMAP_CHECK

Refer to Documentation/ABI/testing/ima_policy.

Mimi