From: Mimi Z. <zo...@li...> - 2015-06-22 18:26:53
On Mon, 2015-06-22 at 11:03 -0600, Curtis Veit wrote:
> Hi Mimi,
>
> We are seeing interesting behavior here. I have two things to share.
> first a repeatable test case. (on our box - we are using IMA only (no evm)
> and second a slightly simplified version of the policy we are using.
>
> A test case.
> As root run either chpasswd or passwd to change a user password on the
> ima machine.
> view /etc/shadow
> (we get permission denied.)
> then
> touch /etc/shadow
> view /etc/shadow
> now we can see the contents of shadow

What is the boot command line (/proc/cmdline)? Remove "ima_appraise=fix"
from the boot command line if present.

Mimi