Menu
▾
▴
Re: [Linux-ima-user] How can I make kernel loads a signature from a .sig file ?
|
From: Mimi Z. <zo...@li...> - 2017-06-08 11:49:15
|
On Thu, 2017-06-08 at 16:59 +0800, Rock Lee wrote: > Hi, > > Besides storing IMA signature in xattr of a file, we can also store it > in a .sig file. If I store the signature in a .sig file, how can I > make the kernel load the signature form .sig file instead of from > xattr of a file ? > > Use this command to generate a .sig file. > evmctl ima_sign -f --key /etc/ima/public.key foo > > After this, we will get a foo.sig You can't, but yesterday Thiago Bauermann posted patches for adding appended signature support. Mimi |
