fix(integrity): do not display any error if there is no IMA certificate

IMA appraisal can be used without digital signatures, just by storing hash digests instead.
dracutdevs · May 26, 2022 · f63f411 · f63f411
1 parent b452270
commit f63f411
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/modules.d/98integrity/ima-keys-load.sh b/modules.d/98integrity/ima-keys-load.sh
@@ -17,8 +17,7 @@ load_x509_keys() {
         IMAKEYSDIR="/etc/keys/ima"
     fi
 
-    PUBKEY_LIST=$(ls "${NEWROOT}"${IMAKEYSDIR}/*)
-    for PUBKEY in ${PUBKEY_LIST}; do
+    for PUBKEY in "${NEWROOT}${IMAKEYSDIR}"/*; do
         # check for public key's existence
         if [ ! -f "${PUBKEY}" ]; then
             if [ "${RD_DEBUG}" = "yes" ]; then