packages/dracut
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
dracut/backport-fix-integrity-do-not-display-any-error-if-there-is-n.patch
hongjinghao 9d9fb131b3 backport patchs from upstream 
(cherry picked from commit 74c55dc789a3aacb444c42ab40cd308bd213f5e3)
2024-02-22 16:48:54 +08:00

33 lines
1.1 KiB
Diff
Raw Blame History

From f63f411d52df613936082d646ab072447b8b9d7f Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Tue, 24 May 2022 16:34:04 +0200
Subject: [PATCH] fix(integrity): do not display any error if there is no IMA
certificate
IMA appraisal can be used without digital signatures, just by storing hash
digests instead.
Reference:https://github.com/dracutdevs/dracut/commit/f63f411d52df613936082d646ab072447b8b9d7f
Conflict:NA
---
modules.d/98integrity/ima-keys-load.sh | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/modules.d/98integrity/ima-keys-load.sh b/modules.d/98integrity/ima-keys-load.sh
index 2959331a..be234761 100755
--- a/modules.d/98integrity/ima-keys-load.sh
+++ b/modules.d/98integrity/ima-keys-load.sh
@@ -17,8 +17,7 @@ load_x509_keys() {
IMAKEYSDIR="/etc/keys/ima"
fi
- PUBKEY_LIST=$(ls "${NEWROOT}"${IMAKEYSDIR}/*)
- for PUBKEY in ${PUBKEY_LIST}; do
+ for PUBKEY in "${NEWROOT}${IMAKEYSDIR}"/*; do
# check for public key's existence
if [ ! -f "${PUBKEY}" ]; then
if [ "${RD_DEBUG}" = "yes" ]; then
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink