1 |
Hi |
2 |
|
3 |
My system: |
4 |
Gentoo Hardened - grsec & pax: |
5 |
/Linux version 3.9.4-grie5 (root@localhost) (gcc version 4.6.3 (Gentoo |
6 |
Hardened 4.6.3 p1.5, pie-0.5.2) ) #6 SMP PREEMPT Fri Jun 7 19:05:38 CEST |
7 |
2013/ |
8 |
|
9 |
I have a few questions about Integrity check using IMA / EVM, as |
10 |
described in this article: |
11 |
http://www.gentoo.org/proj/en/hardened/integrity/ |
12 |
|
13 |
|
14 |
How to automatically sign installed by Portage packages for the IMA and EVM? |
15 |
Is it possible to run the added convenience Portage, acting similarly to |
16 |
currently applying SELinux tags? |
17 |
Is there a tool similar to rlpkg package policycoreutils to sign files |
18 |
for EVM / IMA? |
19 |
|
20 |
Is it possible to use EVM is installed in accordance with this guide: |
21 |
http://www.gentoo.org/proj/en/hardened/integrity/docs/evm-guide.xml |
22 |
without SELinux? |
23 |
As in this case (without SELinux) to the EVM/IMA policy integrity check |
24 |
that did not include such locations as |
25 |
//////usr///// share// |
26 |
/// var///// log// |
27 |
// /// tmp// |
28 |
///////var// |
29 |
// ///////usr /////portage// |
30 |
// /// media |
31 |
//////Where / |
32 |
// var, /tmp and / usr is on rootfs? |
33 |
|
34 |
/Cheers |
35 |
;) |