We want to prevent that the IMA plugin applies signatures of the older version of files. So we have to check whether we are in the install (TR_ADDED) or remove (TR_REMOVED) cycle of a package. We only apply signatures in the install cycle.
Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com> --- plugins/ima.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/plugins/ima.c b/plugins/ima.c index 81ed194..4a419b0 100644 --- a/plugins/ima.c +++ b/plugins/ima.c @@ -44,6 +44,9 @@ static rpmRC ima_psm_post(rpmPlugin plugin, rpmte te, int res) int rc = 0, n; struct stat statbuf; + if (rpmteType(te) != TR_ADDED) + return 0; + if (fi == NULL) { rc = RPMERR_BAD_MAGIC; goto exit; -- 2.5.5 _______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint