Differences

This shows you the differences between two versions of the page.

--- aix:aix_trustexec [2025/01/16 12:31]
manu [Disable CHKEXEC, TE, TEP, TLP to install AIX package:]
+++ aix:aix_trustexec [2025/01/16 16:41] (current)
manu
@@ Line 47: / Line 47: @@
 </cli>
+<code>
 •	trustchk -t ALL reports an error message for
 •	/usr/ccs/lib/.recover/libc.a library.
@@ Line 56: / Line 57: @@
 •	trustchk: Verification of stanza failed:
 •	/usr/ccs/lib/.recover/libc.a
+</code>
+Secure boot: Signature verification failed for /usr/sbin/xntpd
+This issue can be worked around by deleting the erroneous entry from the Trusted Signature Database (TSD) by running:
+trustchk -d /usr/sbin/ntp4/ntpd4
+If you are already hitting this problem, then you need to reduce your Secure Boot policy to allow boot.  Then, delete the TSD entry, set the Secure Boot policy back to a level of 2 or less, and boot one more time.
 https://www.ibm.com/support/pages/aix-security-considerations-enabling-trusted-execution
 https://www.ibm.com/support/pages/node/630713
-https://www.ibm.com/support/pages/node/6513320
+AIX and TE (Trusted Execution): an underestimated security feature? part1\\
+https://community.ibm.com/community/user/power/blogs/christian-sonnemans1/2024/02/08/aix-and-te-sec-part1
+AIX and TE (Trusted Execution): an underestimated security feature? Part 2\\
+https://community.ibm.com/community/user/power/blogs/christian-sonnemans1/2024/02/22/aix-and-te-trusted-execution-an-underestimated-sec
+AIX and TE (Trusted Execution): an underestimated security feature? Part 3\\
+https://community.ibm.com/community/user/power/blogs/christian-sonnemans1/2024/03/21/aix-and-te-trusted-execution-an-underestimated-sec
+AIX and TE (Trusted Execution): an underestimated security feature? Part 4\\
+https://community.ibm.com/community/user/power/blogs/christian-sonnemans1/2024/04/15/aix-and-te-trusted-execution-an-underestimated-sec

wiki

User Tools

Site Tools

Differences

Page Tools