carry security.evm when copying files
This commit is contained in:
Anakin Zhang
parent
4a39275305
commit
18108b1a96
31
0008-carry-security.evm-when-copying-files.patch
Normal file
31
0008-carry-security.evm-when-copying-files.patch
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
From a0be13cb66e2297adce275d4308cae10ac4eb5e9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Anakin Zhang <benjamin93@163.com>
|
||||||
|
Date: Wed, 2 Sep 2020 23:18:56 +0800
|
||||||
|
Subject: [PATCH] carry security.evm when copy files
|
||||||
|
|
||||||
|
security.evm xattr is used to store a file's EVM signature. This xattr is
|
||||||
|
needed by kernel EVM (Extended Verification Module) to provide file integrity
|
||||||
|
protection.
|
||||||
|
|
||||||
|
This patch is intended to allow carrying security.evm xattr when copying files.
|
||||||
|
Without this patch, digest lists' security.evm xattr will miss when running
|
||||||
|
dracut to make new initramfs.
|
||||||
|
|
||||||
|
Signed-off-by: Anakin Zhang <benjamin93@163.com>
|
||||||
|
---
|
||||||
|
xattr.conf | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/xattr.conf b/xattr.conf
|
||||||
|
index dcbc12c..125fd18 100644
|
||||||
|
--- a/xattr.conf
|
||||||
|
+++ b/xattr.conf
|
||||||
|
@@ -18,4 +18,4 @@ trusted.SGI_DMI_* skip # xfs specific
|
||||||
|
trusted.SGI_MAC_FILE skip # xfs specific
|
||||||
|
xfsroot.* skip # xfs specific; obsolete
|
||||||
|
user.Beagle.* skip # ignore Beagle index data
|
||||||
|
-security.evm skip # may only be written by kernel
|
||||||
|
+#security.evm skip # may only be written by kernel
|
||||||
|
--
|
||||||
|
2.23.0.windows.1
|
||||||
|
|
||||||
@ -1,7 +1,7 @@
|
|||||||
%{!?_licensedir:%global license %%doc}
|
%{!?_licensedir:%global license %%doc}
|
||||||
Name: attr
|
Name: attr
|
||||||
Version: 2.4.48
|
Version: 2.4.48
|
||||||
Release: 11
|
Release: 12
|
||||||
Summary: Commands for Manipulating Filesystem Extended Attributes
|
Summary: Commands for Manipulating Filesystem Extended Attributes
|
||||||
License: GPLv2+ AND LGPLv2+
|
License: GPLv2+ AND LGPLv2+
|
||||||
URL: https://savannah.nongnu.org/projects/attr
|
URL: https://savannah.nongnu.org/projects/attr
|
||||||
@ -15,6 +15,7 @@ Patch4: 0004-getfattr-don-t-count-terminating-NULL-in-well_enough.patch
|
|||||||
Patch5: 0005-attr-Replace-bzero-with-memset.patch
|
Patch5: 0005-attr-Replace-bzero-with-memset.patch
|
||||||
Patch6: 0006-Switch-back-to-syscall.patch
|
Patch6: 0006-Switch-back-to-syscall.patch
|
||||||
Patch7: 0007-bypass-wrong-output-when-enabled-selinux.patch
|
Patch7: 0007-bypass-wrong-output-when-enabled-selinux.patch
|
||||||
|
Patch8: 0008-carry-security.evm-when-copying-files.patch
|
||||||
|
|
||||||
BuildRequires: gettext, libtool, chrpath, gcc, git, gdb
|
BuildRequires: gettext, libtool, chrpath, gcc, git, gdb
|
||||||
Provides: libattr
|
Provides: libattr
|
||||||
@ -101,6 +102,12 @@ fi
|
|||||||
%{_mandir}/man3/*
|
%{_mandir}/man3/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Sep 2 2020 Anakin Zhang <benjamin93@163.com> - 2.4.48-12
|
||||||
|
- Type:bugfix
|
||||||
|
- ID:NA
|
||||||
|
- SUG:NA
|
||||||
|
- DESC: carry security.evm when copying files
|
||||||
|
|
||||||
* Sun Jul 12 2020 Zhiqiang Liu <liuzhiqiang26@huawei.com> - 2.4.48-11
|
* Sun Jul 12 2020 Zhiqiang Liu <liuzhiqiang26@huawei.com> - 2.4.48-11
|
||||||
- backport upstream bugfix patches
|
- backport upstream bugfix patches
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user