IMA – beko.famkos.net

Okay. It makes _some_ sense but it’s still weird:

Failed to load the IMA custom policy file /etc/ima/ima-policy1: Permission denied [!!!!!!] Failed to load IMA policy, freezing

So what really happened: /etc/ima/ima-policy exists. It is not looking for a file ima-policy1. The appended 1 is probably an exit code and it’s error message is misleading.

I had some rules making use of #SELinux labels like dont_appraise obj_type=systemd_journal_t in the policy and that goes boom when not bootet with SELinux support (e.g. selinux=0) at all. Good to know.

Also: System is still in dev mode so loading custom #IMA policy is fine 🤓

🦠 Ad-blocker not detected

Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Learn more.

Stay cool. Stay safe. Use an ad-blocker. Use protection.

beko.famkos.net

User Slice of beko

Tag: IMA