| 1 |
Hi |
| 2 |
|
| 3 |
My system: |
| 4 |
Gentoo Hardened - grsec & pax: |
| 5 |
/Linux version 3.9.4-grie5 (root@localhost) (gcc version 4.6.3 (Gentoo |
| 6 |
Hardened 4.6.3 p1.5, pie-0.5.2) ) #6 SMP PREEMPT Fri Jun 7 19:05:38 CEST |
| 7 |
2013/ |
| 8 |
|
| 9 |
I have a few questions about Integrity check using IMA / EVM, as |
| 10 |
described in this article: |
| 11 |
http://www.gentoo.org/proj/en/hardened/integrity/ |
| 12 |
|
| 13 |
|
| 14 |
How to automatically sign installed by Portage packages for the IMA and EVM? |
| 15 |
Is it possible to run the added convenience Portage, acting similarly to |
| 16 |
currently applying SELinux tags? |
| 17 |
Is there a tool similar to rlpkg package policycoreutils to sign files |
| 18 |
for EVM / IMA? |
| 19 |
|
| 20 |
Is it possible to use EVM is installed in accordance with this guide: |
| 21 |
http://www.gentoo.org/proj/en/hardened/integrity/docs/evm-guide.xml |
| 22 |
without SELinux? |
| 23 |
As in this case (without SELinux) to the EVM/IMA policy integrity check |
| 24 |
that did not include such locations as |
| 25 |
//////usr///// share// |
| 26 |
/// var///// log// |
| 27 |
// /// tmp// |
| 28 |
///////var// |
| 29 |
// ///////usr /////portage// |
| 30 |
// /// media |
| 31 |
//////Where / |
| 32 |
// var, /tmp and / usr is on rootfs? |
| 33 |
|
| 34 |
/Cheers |
| 35 |
;) |
Archives