]> git.ipfire.org Git - thirdparty/dracut.git/commitdiff
fix(integrity): do not display any error if there is no IMA certificate
authorAntonio Alvarez Feijoo <antonio.feijoo@suse.com>
Tue, 24 May 2022 14:34:04 +0000 (16:34 +0200)
committerJóhann B. Guðmundsson <johannbg@gmail.com>
Thu, 26 May 2022 19:22:13 +0000 (19:22 +0000)
IMA appraisal can be used without digital signatures, just by storing hash
digests instead.

modules.d/98integrity/ima-keys-load.sh

index 2959331a6d20bf4f527a0d8d84761ae602a5a865..be234761d825cf5b42d041155d28512335153d77 100755 (executable)
@@ -17,8 +17,7 @@ load_x509_keys() {
         IMAKEYSDIR="/etc/keys/ima"
     fi
 
-    PUBKEY_LIST=$(ls "${NEWROOT}"${IMAKEYSDIR}/*)
-    for PUBKEY in ${PUBKEY_LIST}; do
+    for PUBKEY in "${NEWROOT}${IMAKEYSDIR}"/*; do
         # check for public key's existence
         if [ ! -f "${PUBKEY}" ]; then
             if [ "${RD_DEBUG}" = "yes" ]; then