You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After 'ostree-ext-cli ima-sign' is called on a dummy ostree repository, ostree checkout fails with an error related to fsetxattr:
fsetxattr(9, "", "\3\2\4\302\346%2\1\200\210\34D\326%\232\256\\370v\1776\233\376>(V\331\37\322\210\3\227"..., 393, 0) = -1 ERANGE (Numerical result out of range)
write(2, "error: Copy checkout of 3d0c9365"..., 161error: Copy checkout of 3d0c9365e02a275871097ec349c30e905d787937ca3293aad2014d84411a22cd to file.txt: Setting xattrs: fsetxattr(): Numerical result out of range
For some reason second fsetxattr parameter is an empty string, which looks obviously incorrect.
Note: if ostree init is called without --mode=archive then IMA signing fails, but may be that's expected.
Note: CONFIG_EXT4_FS_SECURITY is enabled, and I'm able to set attributes manually via setfattr
ostree version: 2024.5 ostree-ext-cli is compiled from recent ostree-rs-ext by cargo build
P.S. General context is that I'm trying to apply IMA signing to an embedded Linux yocto-based distro, but IMA file attributes are missing from rootfs. The above is done in scope of debugging this issue, as I'm not even able to check if attributes are properly set in the generated ostree repo.
The text was updated successfully, but these errors were encountered:
After 'ostree-ext-cli ima-sign' is called on a dummy ostree repository, ostree checkout fails with an error related to fsetxattr:
For some reason second fsetxattr parameter is an empty string, which looks obviously incorrect.
Testing script (see lines 15-20):
https://gist.github.com/vnd/48c4d57b646af9a6ba29e7453303b8a7
Note: if
ostree initis called without--mode=archivethen IMA signing fails, but may be that's expected.Note: CONFIG_EXT4_FS_SECURITY is enabled, and I'm able to set attributes manually via
setfattrostree version: 2024.5
ostree-ext-cliis compiled from recentostree-rs-extbycargo buildP.S. General context is that I'm trying to apply IMA signing to an embedded Linux yocto-based distro, but IMA file attributes are missing from rootfs. The above is done in scope of debugging this issue, as I'm not even able to check if attributes are properly set in the generated ostree repo.
The text was updated successfully, but these errors were encountered: