[Linux-ima-devel] about the use of ima-appraisal and evm

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

When I enable IMA-Appraisal and EVM as these two guide

1）
https://sourceforge.net/p/linux-ima/wiki/Home/#compiling-the-kernel-with-evmima-appraisal-enabled

2） http://linux-ima.sourceforge.net/evmctl.1.html

Here is two questions(kernel version: v4.8.0):
1) when setting the new policy by "cat /etc/ima_policy >
/sys/kernel/security/ima/policy", it reports
"[  366.008465] IMA: signed policy file (specified as an absolute pathname)
required"
2) when I read a signed file, it reports
"5677] integrity: Request for unknown key 'id:8f79faca' err -11"

And there is some differences between "_ima" and ".ima". So is there a
better guide document for enable IMA-Appraisal and EVM ?

Thanks!

Sam
-------------- next part --------------
An HTML attachment was scrubbed...