mirror of
https://github.com/jiazhang0/meta-secure-core.git
synced 2026-07-16 20:56:58 +00:00
key-store: rename ima private key and certificate on target
If sample keys are selected, key-store service will deploy IMA private key during first boot, but beople may be confused if we deploy a sample private key like "xxx.crt", so this commit is making sure key/cert on target are consistent with key files on build system. Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
This commit is contained in:
@@ -110,10 +110,10 @@ for cert in ${ROOT_DIR}/etc/keys/x509_secondary_*.der; do
|
||||
fi
|
||||
done
|
||||
|
||||
# The trusted IMA certificate /etc/keys/x509_evm.der in initramfs was
|
||||
# The trusted IMA certificate /etc/keys/x509_ima.der in initramfs was
|
||||
# automatically loaded by kernel already. Here is the opportunity to load
|
||||
# a custom IMA certificate from the real rootfs.
|
||||
for cert in ${ROOT_DIR}/etc/keys/x509_evm*.der; do
|
||||
for cert in ${ROOT_DIR}/etc/keys/x509_ima*.der; do
|
||||
[ ! -s "$cert" ] && continue
|
||||
name=`basename $cert`
|
||||
|
||||
|
||||
Reference in New Issue
Block a user