DBPolicyManager's getPolicy(appraiser, device) has historically
returned the default policy for an appraiser if none is defined
in the device group that the given device belongs to. However,
this behavior does not in fact support the current use of devices,
groups, and policies; in the case where a group has no policy
assigned for a type of appraiser, the system is in a state
where that type of appraisal will not occur for devices in
a given group. To better reflect desired behavior, the method
now returns null if a policy is not explicitly set for
the given (appraiser, device group) pair.
Closes#49.
ImaAcceptableRecordBaseline and its subclasses have been updated to include
a containsHashes method to be able to match IMA measurement records
based solely on their hashes. Supporting classes have been
updated or created as necessary.
Additionally, the set of path equivalencies as specified in the IMA
policy have been updated to include additional entries.
Closes#33.
The CentOS7 package selinux-policy-targeted does not allow Tomcat
to use port 3306, which is the default MySQL port. This commit
changes the ACA RPM to modify the SELinux policy to grant that
permission on fresh installs. This makes the ACA RPM now require
the policycoreutils package to be installed.
Added an additional null check for a platform supply validation. Added a mapping object for platform credential to the associated attributes during validations.
Added an additional null check for a platform supply validation. Added a mapping object for platform credential to the associated attributes during validations. Missed import statement.
