On 5/2/23 07:06, Armin Kuster wrote:
Signed-off-by: Armin Kuster <[email protected]>
Reviewed-by: Stefan Berger <[email protected]>
--- meta-integrity/lib/oeqa/runtime/cases/ima.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/meta-integrity/lib/oeqa/runtime/cases/ima.py b/meta-integrity/lib/oeqa/runtime/cases/ima.py index 0c8617a..6b361ca 100644 --- a/meta-integrity/lib/oeqa/runtime/cases/ima.py +++ b/meta-integrity/lib/oeqa/runtime/cases/ima.py @@ -58,21 +58,19 @@ class IMACheck(OERuntimeTestCase): @OETestDepends(['ima.IMACheck.test_ima_enabled']) def test_ima_hash(self): ''' Test if IMA stores correct file hash ''' - filename = "/etc/filetest" + filename = "/etc/ld.so.cache" ima_measure_file = "/sys/kernel/security/ima/ascii_runtime_measurements" - status, output = self.target.run("echo test > %s" % filename) - self.assertEqual(status, 0, "Cannot create file %s on target" % filename)# wait for the IMA system to update the entry- maximum_tries = 30 + maximum_tries = 3 tries = 0 - status, output = self.target.run("sha1sum %s" %filename) + status, output = self.target.run("sha256sum %s" %filename) sleep(2) current_hash = output.split()[0] ima_hash = ""while tries < maximum_tries:- status, output = self.target.run("cat %s | grep %s" \ + status, output = self.target.run("cat %s | grep -e '%s'" \ % (ima_measure_file, filename)) # get last entry, 4th field if status == 0:
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#59837): https://lists.yoctoproject.org/g/yocto/message/59837 Mute This Topic: https://lists.yoctoproject.org/mt/98636143/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
