Policy Samples

This section includes contributed samples of a Boot Time Custom Policy or Runtime Custom Policy.

Each contribution should be a stand alone .rst file and include:

The use case, the rationale for the policy.
An explanation of nearly each line of the policy.
The complete policy, i.e., not a snippet. A policy can include comments with the # character.

Policy 1 Template

This is a template for contributions.

Use Case

This policy is used in an IoT device. It appraises these files and measures these other files. It is used with the Linux ABC distro and kernel 1.1.1 and greater.

Explanation

The measure rules ensure that. The appraises rules ensure that.

Policy

# this rule attests to this.
measure func=xyz
# this rule ensures that.
appraise func=abc