rpms/keylime
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix tmpfiles.d configuration related to the cert store

Browse Source 
Resolves: RHEL-104571

Signed-off-by: Sergio Correia <scorreia@redhat.com>
This commit is contained in:
Sergio Correia 2025-07-22 05:33:14 -03:00
parent 17296a6b3a
commit e502db4d71
No known key found for this signature in database
GPG Key ID: D0D219ED1F7E762C
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
keylime.tmpfiles
View File

@ -1,6 +1,5 @@
d /run/keylime 0700 keylime keylime -
d /var/lib/keylime/tpm_cert_store 0500 keylime keylime -
d /var/lib/keylime 0700 keylime keylime -
d /etc/keylime 0500 keylime keylime -
@ -11,13 +10,13 @@ d /etc/keylime/tenant.conf.d 0500 keylime keylime -
d /etc/keylime/agent.conf.d 0500 keylime keylime -
# TPM certificate store.
# Copy the cert store from /usr/share/keylime/cert_store_dir
# to /var/lib/keylime/cert_store_dir.
# Copy the cert store from /usr/share/keylime/tpm_cert_store
# to /var/lib/keylime/tpm_cert_store.
# Files inside /var/lib/keylime/tpm_cert_store/ have
# 0400 permission and are owned by keylime/keylime,
# while /var/lib/keylime/tpm_cert_store/ itself has
# permission 0500, also owned by keylime/keylime.
C /var/lib/keylime/tpm_cert_store 0500 keylime keylime - /usr/share/keylime/cert_store_dir
C /var/lib/keylime/tpm_cert_store 0500 keylime keylime - /usr/share/keylime/tpm_cert_store
Z /var/lib/keylime/tpm_cert_store 0400 keylime keylime -
z /var/lib/keylime/tpm_cert_store 0500 keylime keylime -
# Finally, /var/lib/keylime itself has 0700 permission,