On Tue, 2019-01-29 at 14:21 +0530, rishi gupta wrote: > Hi Team, > > I set the policy for IMA as follows. (1) Files in partition B will be > appraised or not if its UUID is not yyyy-yy-yy-yy. (2) Do files in > partition C only will be appraised irrespective of whatever rule is > written for other partitions. > > My goal is to include a partition and exclude all other partitions. > > # Exclude partition A > dont_measure fsuuid=xxxx-xx-xx-xx > dont_appraise fsuuid=xxxx-xx-xx-xx > > # Exclude partition B (Problem here) > dont_measure fsuuid=yyyy-yy-yy-yy > dont_appraise fsuuid=yyyy-yy-yy-yy > > # Appraise partition C > appraise fsuuid=zzzz-zz-zz-zz appraise_type=imasig Are you having problems with these policy rules? Policy rules are handled sequentially. Just make sure these rules are before any of the other "appraise" rules. Mimi
