The original systemd IMA module loaded the IMA policy by mmaping the file into memory and then writing the entire file to <securityfs>/ima/policy. By changing this behavior of writing the entire file, commit 4dfb18922d5d "ima-setup: simplify" broke IMA policy loading. Version-Release number of selected component (if applicable): Fedora 22: systemd src/core/ima-setup.c How reproducible: Always Steps to Reproduce: 1. On boot with an IMA policy in /etc/ima/ima-policy (default location) Actual results: systemd[1]: Failed to load the IMA custom policy file /etc/ima/ima-policy: Invalid argument IMA: policy updated failed [!!!!!!] Failed to load IMA policy, freezing Expected results: systemd[1]: Successfully loaded the IMA custom policy /etc/ima/ima-policy kernel: IMA: policy update completed Additional info: Please revert commit 4dfb18922d5d1efb13ee459cbf23832277f85ed7 and the related hunk in commit 7430ec6ac08f2c0416d9f806964c46b30f3862b2. This bug was reported by Patrick Ohly.
"[PATCH] Partially revert "ma-setup: simplify" by Zbigniew Jędrzejewski-Szmek http://lists.freedesktop.org/archives/systemd-devel/2015-June/032632.html fixes the regression. Please pick up the patch.
https://github.com/systemd/systemd/pull/167 merged.
systemd-219-19.fc22 has been submitted as an update for Fedora 22. https://admin.fedoraproject.org/updates/systemd-219-19.fc22
Package systemd-219-19.fc22: * should fix your issue, * was pushed to the Fedora 22 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing systemd-219-19.fc22' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2015-11332/systemd-219-19.fc22 then log in and leave karma (feedback).
systemd-219-19.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.