veriexec database not loaded during the bootup

To: netbsd-users%NetBSD.org@localhost
Subject: veriexec database not loaded during the bootup
From: Martin T <m4rtntns%gmail.com@localhost>
Date: Sun, 25 Mar 2012 06:25:15 +0300

For testing purposes I tried to set up veriexec on NetBSD 5.1.2(i386).
First of all I created signatures file using the veriexecgen. I didn't
specify any options so this means that /etc/signatures file was chosen
as a fingerprint database, SHA256 hash function was used to create
hashes and /bin, /sbin, /usr/bin, /usr/sbin, /lib, /usr/lib, /libexec,
and /usr/libexec directories were searched for files. Fingerprint
database(/etc/signatures) looks fine to me. After that I enabled
veriexec in /etc/rc.conf file by adding "veriexec=YES" to the end of
the file. Then I added "kern.veriexec.strict=1" to the end of the
/etc/sysctl.conf file in order to specify strict level. Last but no
least I made the veriexec device file with "sh MAKEDEV /dev/veriexec"
and checked that it's there using the "ls -l /dev/veriexec".
Now if I reload the machine and would like to dump the veriexec
database from the kernel using the "veriexecctl dump", then nothing is
dumped. What might cause this? Or have I missed some steps?



martin

Prev by Date: Re: TFTP spawn issue
Next by Date: 6.0_BETA/i386 no longer does MP
Previous by Thread: TFTP spawn issue
Next by Thread: 6.0_BETA/i386 no longer does MP
Indexes:

Home | Main Index | Thread Index | Old Index