Mudassar Aslam
mudas****@sics*****
Thu Sep 26 01:18:43 JST 2013
Hi I am setting up OpenPTS on Fedora 19 and following the user guide for Fedora 12 (section 5.2 in version 0.2.4). I have couple of questions: 1. Fedora 19 comes with grub2 whereas all the help I could find so far to set up measurements for IPL is about GRUB legacy (0.97 with patch). Even the OpenPTS user guide describes about old grub. I don't mind if my reference manifests don't have measurements for the grub. Is is necessary to have grub measurements when Linux-IMA is used? If yes, is it necessary to use old grub with patch or I can configure grub2 as well somehow? 2. I am asking this beacuse when I initialize the collector (ptsc -i), I get level 0 and level 1 RMs (i.e. rm0.xml, rm1.xml). However, when I check the status (ptsc -D), the FSM models it displays are only for BIOS (pcr0 to pcr7). Which means that GRUB models (pcr4,5,8) are not generated (may be because I don't have GRUB-IMA). But at the same time model and RM for pcr 10 (Linux-IMA) is also missing even though I have complied kernel with IMA enabled and have IMA measurements in /sys/kernel/security/ima/. Is this due to the missing GRUB-IMA? 3. The UML model for PCR10 in /usr/share/openpts/models is ima_rhel6_pcr10.uml. Is it OK to use this model in my /etc/ptsc.conf file when I am using Fedora? regards. -- *Mudassar Aslam* Cell: +46 (0)70-242-9981 -------------- next part -------------- An HTML attachment was scrubbed...Download -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3750 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.sourceforge.jp/mailman/archives/openpts-users/attachments/20130925/08dc3f4e/attachment.bin
Fork