
Bug 777300

Summary: system won't boot with both IMA (Integrity Measurement Architecture) and SELINUX enabled at the same time
Product: Gentoo Linux
Reporter: ben <benjamin.gra>
Component: Current packages
Assignee: Gentoo Linux bug wranglers <bug-wranglers>
Status: RESOLVED DUPLICATE
Severity: normal
CC: jstein
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
Whiteboard:
Package list:
Runtime testing required: ---

Description ben 2021-03-19 16:06:18 UTC
"IMA + EVM + SELINUX" will not boot together; you either have to choose one or the other. Either IMA or SELINUX alone, but if both are enabled with EVM using TPM hardware to store keys, the system will not boot past initrc. Can't seem to find out what is going on. Boot is broken very early in the boot process during initrc. System can boot with only selinux or IMA alone but not both.
Comment 1 ben 2021-03-19 17:31:32 UTC
I'm using a custom IMA policy loaded in an initscript. Then EVM is enabled. The EVM key blobs are also the first thing this script loads, before the IMA policy and EVM enable.
Comment 2 Jonas Stein gentoo-dev 2021-03-20 22:33:31 UTC

*** This bug has been marked as a duplicate of bug 777294 ***
Comment 3 ben 2021-03-21 00:10:29 UTC
This is a separate problem from bug 777294. Why has it been marked as a duplicate of 777294? These problems are not related at all; I just included this problem in the other report as well.