32 lines
1.1 KiB
Diff
32 lines
1.1 KiB
Diff
|
From a0be13cb66e2297adce275d4308cae10ac4eb5e9 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Anakin Zhang <benjamin93@163.com>
|
||
|
|
Date: Wed, 2 Sep 2020 23:18:56 +0800
|
||
|
|
Subject: [PATCH] carry security.evm when copy files
|
||
|
|
|
||
|
|
security.evm xattr is used to store a file's EVM signature. This xattr is
|
||
|
|
needed by kernel EVM (Extended Verification Module) to provide file integrity
|
||
|
|
protection.
|
||
|
|
|
||
|
|
This patch is intended to allow carrying security.evm xattr when copying files.
|
||
|
|
Without this patch, digest lists' security.evm xattr will miss when running
|
||
|
|
dracut to make new initramfs.
|
||
|
|
|
||
|
|
Signed-off-by: Anakin Zhang <benjamin93@163.com>
|
||
|
|
---
|
||
|
|
xattr.conf | 2 +-
|
||
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||
|
|
|
||
|
|
diff --git a/xattr.conf b/xattr.conf
|
||
|
|
index dcbc12c..125fd18 100644
|
||
|
|
--- a/xattr.conf
|
||
|
|
+++ b/xattr.conf
|
||
|
|
@@ -18,4 +18,4 @@ trusted.SGI_DMI_* skip # xfs specific
|
||
|
|
trusted.SGI_MAC_FILE skip # xfs specific
|
||
|
|
xfsroot.* skip # xfs specific; obsolete
|
||
|
|
user.Beagle.* skip # ignore Beagle index data
|
||
|
|
-security.evm skip # may only be written by kernel
|
||
|
|
+#security.evm skip # may only be written by kernel
|
||
|
|
--
|
||
|
|
2.23.0.windows.1
|
||
|
|
|