(In reply to Alberto Planas Dominguez from comment #24)
> (In reply to Antonio Feijoo from comment #23)
> > (In reply to Alberto Planas Dominguez from comment #22)
> > > (In reply to Antonio Feijoo from comment #21)
> > >
> > > > No, with this fix if there is not any cert file in /sysroot/etc/keys/ima, no
> > > > message is shown.
> > >
> > > Uhm, I mean if RD_DEBUG was "yes" it will show "integrity: IMA x509 cert
> > > file not found: /sysroot/etc/keys/ima/*"
> >
> > That part of the code is inside the loop content and is never reached if
> > there is no file.
>
> But that is the issue, isn't it? As I commented before, if there is no file
> the PUBKEY variable will not be empty, it will have a value, and this value
> is the string "/sysroot/etc/keys/ima/*"
>
> Check this here, for example:
>
> for PUBKEY in "/non/existent/"*; do
>     echo "Inside loop: ${PUBKEY}"
> done
>
> This produces this output:
>
> Inside loop: /non/existent/*
>
> Are we using different shells?

Yes, you're right, you're not seeing anything because rd.debug is not set on the kernel command line. Sorry for my mistake, I'm multitasking right now...
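
The glob behaviour discussed in this comment, as an added example that is not part of the original comment or of the project's code: an unmatched pattern reaches the loop body as a literal string, and the resulting message is only printed when RD_DEBUG is "yes". The function name `scan_keys`, the temporary directory and the file name `x509_ima.der` are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration; directory and file names below are constructed.

# Walk a key directory the way the thread describes. The loop body runs
# once even when nothing matches, because the shell passes an unmatched
# glob through unchanged, so PUBKEY holds the literal pattern "<dir>/*".
scan_keys() {
    keydir=$1
    for PUBKEY in "$keydir"/*; do
        if [ ! -f "$PUBKEY" ]; then
            # Reported only in debug mode, which is why the stray
            # iteration is invisible on a normal boot.
            if [ "${RD_DEBUG:-no}" = "yes" ]; then
                echo "integrity: IMA x509 cert file not found: ${PUBKEY}"
            fi
            continue
        fi
        # Placeholder for the real key-loading step.
        echo "would load: ${PUBKEY}"
    done
}

# Demonstration on a constructed stand-in for /sysroot/etc/keys/ima.
demo_dir=$(mktemp -d)

RD_DEBUG=no
echo "empty dir, RD_DEBUG=no:  '$(scan_keys "$demo_dir")'"

RD_DEBUG=yes
echo "empty dir, RD_DEBUG=yes: '$(scan_keys "$demo_dir")'"

: > "$demo_dir/x509_ima.der"    # constructed empty placeholder file
echo "one file,  RD_DEBUG=yes: '$(scan_keys "$demo_dir")'"

rm -rf "$demo_dir"
```

The `[ ! -f "$PUBKEY" ]` test is what keeps the literal pattern from reaching the loading step; without it the loop would try to process a path named `*`.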