IMA: move the default policy file to /etc/ima directory

Signed-off-by: Lans Zhang <jia.zhang@windriver.com>

2 files changed, 10 insertions, 8 deletions

diff --git a/meta-integrity/recipes-core/initrdscripts/files/init.ima b/meta-integrity/recipes-core/initrdscripts/files/init.ima
index fce7eae..65d4a37 100755
--- a/meta-integrity/recipes-core/initrdscripts/files/init.ima
+++ b/meta-integrity/recipes-core/initrdscripts/files/init.ima
@@ -26,7 +26,7 @@ ROOT_DIR="${1}"
 SECURITYFS_DIR="${ROOT_DIR}/sys/kernel/security"
 
 # The policy files are always placed in initramfs
-IMA_POLICY=/etc/ima_policy
+IMA_POLICY=/etc/ima/ima_policy
 
 SECURITYFS_MOUNTED=0
 
diff --git a/meta-integrity/recipes-support/ima-policy/ima-policy_0.1.bb b/meta-integrity/recipes-support/ima-policy/ima-policy_0.1.bb
index 982717a..9175839 100644
--- a/meta-integrity/recipes-support/ima-policy/ima-policy_0.1.bb
+++ b/meta-integrity/recipes-support/ima-policy/ima-policy_0.1.bb
@@ -1,18 +1,20 @@
 DESCRIPTION = "The default external IMA policy"
 LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \
-                    file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+LIC_FILES_CHKSUM = "\
+    file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \
+    file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420 \
+"
 
-SRC_URI = " \
-           file://ima_policy.default \
-          "
+SRC_URI = "\
+    file://ima_policy.default \
+"
 
 S = "${WORKDIR}"
 
 do_install() {
-    install -d "${D}${sysconfdir}"
+    install -d "${D}${sysconfdir}/ima"
     install -m 0400 "${WORKDIR}/ima_policy.default" \
-        "${D}${sysconfdir}"
+        "${D}${sysconfdir}/ima"
 }
 
 FILES_${PN} = "${sysconfdir}"