The following series of patches addresses some issues with signatures on
files. In particular:
- some files marked as config files are also executables and therefore
need to have the signature applied
- some RPM packages require that the files be signed when the post
install scriptlets are run since they may invoke executables that
were just installed; so we move the IMA plugin from the psm_post hook
to the fsm_file_prepare hook.
Regards,
Stefan
Stefan Berger (2):
ima-plugin: Have executable configuration files signed
ima-plugin: Move the IMA plugin to the fsm_file_prepare hook
plugins/ima.c | 38 +++++++++++++++++++++++---------------
1 file changed, 23 insertions(+), 15 deletions(-)
--
2.5.5
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
