On 2/14/18 11:18 AM, Matthias Gerstner wrote:
I'm currently evaluating the IMA (Integrity Measurement Architecture)
for the security team. This is basically enabled in our current Leap and
SLE-12 kernels but not in Tumbleweed.
For harmonization and because I'd like to test IMA with a current
kernel on Tumbleweed, could you please enable the following kernel
But *without* CONFIG_IMA_TRUSTED_KEYRING and
CONFIG_INTEGRITY_TRUSTED_KEYRING (those don't make sense as long as we
have no possibility to sign third party keys). See bnc#1075517.
For more information about what IMA does I've written up documentation
Hi Matthias -
I'm looking at integrating this. It looks like this is an older list of
config options. I'm getting questions on:
What should these be?