diff --git a/0540-Check-the-proper-variable-for-a-custom-IMA-keys-dire.patch b/0540-Check-the-proper-variable-for-a-custom-IMA-keys-dire.patch new file mode 100644 index 0000000..7655455 --- /dev/null +++ b/0540-Check-the-proper-variable-for-a-custom-IMA-keys-dire.patch @@ -0,0 +1,25 @@ +From 551cc3694e32be97084b1f198f76f4daf908d503 Mon Sep 17 00:00:00 2001 +From: Jason Dana +Date: Thu, 27 Apr 2017 07:55:58 -0400 +Subject: [PATCH] Check the proper variable for a custom IMA keys directory + +--- + modules.d/98integrity/ima-keys-load.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/modules.d/98integrity/ima-keys-load.sh b/modules.d/98integrity/ima-keys-load.sh +index 659b7222..e142f74d 100755 +--- a/modules.d/98integrity/ima-keys-load.sh ++++ b/modules.d/98integrity/ima-keys-load.sh +@@ -13,7 +13,7 @@ load_x509_keys() + . ${IMACONFIG} + fi + +- if [ -z "${IMAKEYDIR}" ]; then ++ if [ -z "${IMAKEYSDIR}" ]; then + IMAKEYSDIR="/etc/keys/ima" + fi + +-- +2.14.1 + diff --git a/dracut.changes b/dracut.changes index 8934184..494add9 100644 --- a/dracut.changes +++ b/dracut.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Tue Oct 17 08:03:22 UTC 2017 - daniel.molkentin@suse.com + +- Check the proper variable for a custom IMA keys directory (cherry-picked) + Part of fate#323289. + * adds 0540-Check-the-proper-variable-for-a-custom-IMA-keys-dire.patch + +------------------------------------------------------------------- +Sun Oct 8 00:10:44 UTC 2017 - jengelh@inai.de + +- Reword dracut-ima description to avoid misunderstandings. +- Replace old RPM constructs. + ------------------------------------------------------------------- Thu Sep 28 11:35:43 UTC 2017 - daniel.molkentin@suse.com diff --git a/dracut.spec b/dracut.spec index c545282..9b74f74 100644 --- a/dracut.spec +++ b/dracut.spec @@ -221,6 +221,7 @@ Patch536: 0536-90multipath-drop-67-kpartx-compat.rules.patch Patch537: 0537-dracut-init.sh-ignore-crc32.ko-in-builtin-test.patch Patch538: 0538-Enable-core-dumps-with-systemd-from-initrd.patch Patch539: 0539-Add-IMA-functionality-fate-323289.patch +Patch540: 0540-Check-the-proper-variable-for-a-custom-IMA-keys-dire.patch BuildRequires: asciidoc BuildRequires: bash @@ -284,7 +285,7 @@ Requires: %{name} = %{version}-%{release} %description ima This package requires everything which is needed to build an -initramfs with dracut, which tries to load an IMA policy during startup. +initramfs (using dracut) which tries to load an IMA policy during startup. %package tools Summary: Tools to build a local initramfs @@ -478,6 +479,7 @@ chmod a+x modules.d/91zipl/install_zipl_cmdline.sh %patch537 -p1 %patch538 -p1 %patch539 -p1 +%patch540 -p1 %build %configure\ @@ -487,7 +489,7 @@ chmod a+x modules.d/91zipl/install_zipl_cmdline.sh make all CFLAGS="%{optflags}" %{?_smp_mflags} %install -make DESTDIR=%{buildroot} install %{?_smp_mflags} +%make_install %{?_smp_mflags} echo -e "#!/bin/bash\nDRACUT_VERSION=%{_pkg_version}-%{release}" > %{buildroot}/%{dracutlibdir}/dracut-version.sh