aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMing Liu <liu.ming50@gmail.com>2021-03-01 13:35:58 +0100
committerArmin Kuster <akuster808@gmail.com>2021-03-04 13:09:24 -0800
commit3daf99fd138b0eebe864bbe1b9c71241d97c4512 (patch)
tree7b91114101a09969febddd5925bb1743dfdd1a5b
parentbf83dca254c70901ac08a818cb0c36e30891f1e4 (diff)
downloadmeta-security-3daf99fd138b0eebe864bbe1b9c71241d97c4512.tar.gz
meta-security-3daf99fd138b0eebe864bbe1b9c71241d97c4512.tar.bz2
meta-security-3daf99fd138b0eebe864bbe1b9c71241d97c4512.zip
ima-policy-hashed: add CGROUP2_SUPER_MAGIC fsmagicgatesgarth
This fixes following systemd boot issues: [ 7.455580] systemd[1]: Failed to create /init.scope control group: Permission denied [ 7.457677] systemd[1]: Failed to allocate manager object: Permission denied [!!!!!!] Failed to allocate manager object. [ 7.459270] systemd[1]: Freezing execution. Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r--meta-integrity/recipes-security/ima_policy_hashed/files/ima_policy_hashed3
1 files changed, 3 insertions, 0 deletions
diff --git a/meta-integrity/recipes-security/ima_policy_hashed/files/ima_policy_hashed b/meta-integrity/recipes-security/ima_policy_hashed/files/ima_policy_hashed
index 7f89c8d..4d9e4ca 100644
--- a/meta-integrity/recipes-security/ima_policy_hashed/files/ima_policy_hashed
+++ b/meta-integrity/recipes-security/ima_policy_hashed/files/ima_policy_hashed
@@ -53,6 +53,9 @@ dont_measure fsmagic=0x43415d53
# CGROUP_SUPER_MAGIC
dont_appraise fsmagic=0x27e0eb
dont_measure fsmagic=0x27e0eb
+# CGROUP2_SUPER_MAGIC
+dont_appraise fsmagic=0x63677270
+dont_measure fsmagic=0x63677270
# EFIVARFS_MAGIC
dont_appraise fsmagic=0xde5e81e4
dont_measure fsmagic=0xde5e81e4