[systemd-devel] [Linux-ima-user] [PATCH 2/2] main: added support for loading IMA custom policies

Roberto Sassu roberto.sassu at polito.it
Tue Feb 21 10:07:05 PST 2012


On 02/21/2012 06:56 PM, Kay Sievers wrote:
> On Tue, Feb 21, 2012 at 18:32, Roberto Sassu<roberto.sassu at polito.it>  wrote:
>
>>   I meant we can create a new package called for example 'ima-utils'
>> that can be used by Systemd to determine, at compile time, whether
>> the IMA support for loading custom policies should be enabled or not.
>
> That's not needed. There is no problem enabling ima support
> conditionally in ./configure.
>
> Build systems are unlikely to install ima in the buildroot anyway,
> when there is no library or anything to link against, so
> auto-detection is not really useful.
>
> A default to off and requiring an explicit enable sounds sufficient here.
>

Hi Kay

ok, that was because Systemd also checks for the presence of libselinux
in order to enable the SELinux support. I will introduce in the next
version of the patches only the new configure parameter '--enable_ima'
without additional checks.

Thanks

Roberto Sassu


> Kay



More information about the systemd-devel mailing list