mirror of
https://git.code.sf.net/p/linux-ima/ima-evm-utils
synced 2025-07-02 21:53:17 +02:00
evmctl: Remove filtering support for file types unsupported by IMA
Remove support for filtering on file types unsupported by IMA from evmctl. This now prevents func(de->d_name) to be invoked on symlinks, block device files, etc. since signature verification on those file types is not supported by IMA in the kernel. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Stefan Berger
committed by
Mimi Zohar
Mimi Zohar
parent
309d3369bb
commit
3f806e1100
2
README
2
README
@ -51,7 +51,7 @@ OPTIONS
|
||||
-o, --portable generate portable EVM signatures
|
||||
-p, --pass password for encrypted signing key
|
||||
-r, --recursive recurse into directories (sign)
|
||||
-t, --type file types to fix 'fdsxm' (f: file, d: directory, s: block/char/symlink)
|
||||
-t, --type file types to fix 'fxm' (f: file)
|
||||
x - skip fixing if both ima and evm xattrs exist (use with caution)
|
||||
m - stay on the same filesystem (like 'find -xdev')
|
||||
-n print result to stdout instead of setting xattr
|
||||
|
||||
Reference in New Issue
Block a user