carry security.evm when copying files
This commit is contained in:
Anakin Zhang
parent
4a39275305
commit
18108b1a96
31
0008-carry-security.evm-when-copying-files.patch
Normal file
31
0008-carry-security.evm-when-copying-files.patch
Normal file
@ -0,0 +1,31 @@
|
||||
From a0be13cb66e2297adce275d4308cae10ac4eb5e9 Mon Sep 17 00:00:00 2001
|
||||
From: Anakin Zhang <benjamin93@163.com>
|
||||
Date: Wed, 2 Sep 2020 23:18:56 +0800
|
||||
Subject: [PATCH] carry security.evm when copy files
|
||||
|
||||
security.evm xattr is used to store a file's EVM signature. This xattr is
|
||||
needed by kernel EVM (Extended Verification Module) to provide file integrity
|
||||
protection.
|
||||
|
||||
This patch is intended to allow carrying security.evm xattr when copying files.
|
||||
Without this patch, digest lists' security.evm xattr will miss when running
|
||||
dracut to make new initramfs.
|
||||
|
||||
Signed-off-by: Anakin Zhang <benjamin93@163.com>
|
||||
---
|
||||
xattr.conf | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/xattr.conf b/xattr.conf
|
||||
index dcbc12c..125fd18 100644
|
||||
--- a/xattr.conf
|
||||
+++ b/xattr.conf
|
||||
@@ -18,4 +18,4 @@ trusted.SGI_DMI_* skip # xfs specific
|
||||
trusted.SGI_MAC_FILE skip # xfs specific
|
||||
xfsroot.* skip # xfs specific; obsolete
|
||||
user.Beagle.* skip # ignore Beagle index data
|
||||
-security.evm skip # may only be written by kernel
|
||||
+#security.evm skip # may only be written by kernel
|
||||
--
|
||||
2.23.0.windows.1
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
%{!?_licensedir:%global license %%doc}
|
||||
Name: attr
|
||||
Version: 2.4.48
|
||||
Release: 11
|
||||
Release: 12
|
||||
Summary: Commands for Manipulating Filesystem Extended Attributes
|
||||
License: GPLv2+ AND LGPLv2+
|
||||
URL: https://savannah.nongnu.org/projects/attr
|
||||
@ -15,6 +15,7 @@ Patch4: 0004-getfattr-don-t-count-terminating-NULL-in-well_enough.patch
|
||||
Patch5: 0005-attr-Replace-bzero-with-memset.patch
|
||||
Patch6: 0006-Switch-back-to-syscall.patch
|
||||
Patch7: 0007-bypass-wrong-output-when-enabled-selinux.patch
|
||||
Patch8: 0008-carry-security.evm-when-copying-files.patch
|
||||
|
||||
BuildRequires: gettext, libtool, chrpath, gcc, git, gdb
|
||||
Provides: libattr
|
||||
@ -101,6 +102,12 @@ fi
|
||||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Wed Sep 2 2020 Anakin Zhang <benjamin93@163.com> - 2.4.48-12
|
||||
- Type:bugfix
|
||||
- ID:NA
|
||||
- SUG:NA
|
||||
- DESC: carry security.evm when copying files
|
||||
|
||||
* Sun Jul 12 2020 Zhiqiang Liu <liuzhiqiang26@huawei.com> - 2.4.48-11
|
||||
- backport upstream bugfix patches
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user