Some packages in Fedora 38 don't seem to carry IMA file signatures. With the rpm-plugin-ima installed on my system I get file signatures installed for most files but not all of them. Some packages I found without IMA file signatures are: jq-1.6-15.fc38.x86_64.rpm gpgme-1.17.1-3.fc38.x86_64 uresourced-0.5.3-2.fc37.x86_64 ; F37 package that should be rebuilt guile-2.0.14-30.fc38.x86_64 fcoe-utils-1.0.34-3.gitb233050.fc37.x86_64 ; F37 package ... Reproducible: Always Steps to Reproduce: 1. dnf -y install rpm-plugin-ima 2. dnf -y install jq 3. getfattr -m ^sec -e hex --dump /usr/bin/jq The last command returns nothing for security.ima Actual Results: # getfattr -m ^security -e hex --dump /usr/bin/jq getfattr: Removing leading '/' from absolute path names # file: usr/bin/jq security.selinux=0x73797374656d5f753a6f626a6563745f723a62696e5f743a733000 Expected Results: There should be a security.ima xattr. Other way to find unsigned files: getfattr -m ^security -e hex --dump /usr/*bin/* | grep -v security.selinux | less
Upgraded to F39 and it looks better there now.