libimcv: Add Debian 12 (bookworm) to database

Because libcrypto and libssl are measured, we need a new group for Debian
versions with OpenSSL 3 (I've rather added a suffix to the old group as
that could eventually get removed, although we might need a 3.1 variant
in the future - maybe we should measure some other files?).

diff --git a/src/libimcv/imv/data.sql b/src/libimcv/imv/data.sql
index 1b32d28d4f96a633f93f9d01db4b9ea735d45d72..88e1e330f7d3747236d11d47d92b7a4e77e00ae3 100644 (file)
--- a/src/libimcv/imv/data.sql
+++ b/src/libimcv/imv/data.sql
@@ -616,6 +616,12 @@ INSERT INTO products (      /* 103 */
  'Debian 11 x86_64'
 );
 
+INSERT INTO products (      /* 104 */
+  name
+) VALUES (
+ 'Debian 12 x86_64'
+);
+
 /* Directories */
 
 INSERT INTO directories (              /*  1 */
@@ -740,6 +746,18 @@ INSERT INTO files (                                /*  6 */
   'tnc_config', 2
 );
 
+INSERT INTO files (             /*  7 */
+  name, dir
+) VALUES (
+ 'libcrypto.so.3', 11
+);
+
+INSERT INTO files (             /*  8 */
+  name, dir
+) VALUES (
+ 'libssl.so.3', 11
+);
+
 /* Algorithms */
 
 INSERT INTO algorithms (
@@ -995,7 +1013,7 @@ INSERT INTO groups (                       /*  4 */
 INSERT INTO groups (                   /*  5 */
   name, parent
 ) VALUES (
-  'Debian x86_64', 2
+  'Debian x86_64 OpenSSL 1.1', 2
 );
 
 INSERT INTO groups (                   /*  6 */
@@ -1064,6 +1082,12 @@ INSERT INTO groups (      /* 16 */
   'TPM TBOOT'
 );
 
+INSERT INTO groups (      /* 17 */
+  name, parent
+) VALUES (
+  'Debian x86_64', 2
+);
+
 /* Default Product Groups */
 
 INSERT INTO groups_product_defaults (
@@ -1678,6 +1702,12 @@ INSERT INTO groups_product_defaults (
   15, 79
 );
 
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  17, 104
+);
+
 /* Policies */
 
 INSERT INTO policies (                 /*  1 */
@@ -1812,6 +1842,18 @@ INSERT INTO policies (          /* 22 */
   16, 'TPM TBOOT Measurements', 'T', 2, 2
 );
 
+INSERT INTO policies (          /* 23 */
+  type, name, file, rec_fail, rec_noresult
+) VALUES (
+  6, 'Measure /usr/lib/x86_64-linux-gnu/libcrypto.so.3', 7, 2, 2
+);
+
+INSERT INTO policies (          /* 24 */
+  type, name, file, rec_fail, rec_noresult
+) VALUES (
+  6, 'Measure /usr/lib/x86_64-linux-gnu/libssl.so.3', 8, 2, 2
+);
+
 /* Enforcements */
 
 INSERT INTO enforcements (             /*  1 */
@@ -1922,6 +1964,18 @@ INSERT INTO enforcements (      /* 18 */
   22, 16, 60
 );
 
+INSERT INTO enforcements (      /* 19 */
+  policy, group_id, max_age
+) VALUES (
+  23, 17, 86400
+);
+
+INSERT INTO enforcements (      /* 20 */
+  policy, group_id, max_age
+) VALUES (
+  24, 17, 86400
+);
+
 /* swid_entities */
 
 INSERT INTO "swid_entities" (          /*  1 */