\chapter{Installation instructions}
\section{Installing IMA on Arch}
\url{https://wiki.archlinux.org/index.php/Kernel/Arch_Build_System} in combination with \url{https://wiki.gentoo.org/wiki/Integrity_Measurement_Architecture}:

\begin{lstlisting}
	sudo pacman -S asp base-devel
	cd ~
	mkdir build && cd build
	asp update linux
	asp export linux	#Linux repo exported to this directory
\end{lstlisting}
Change \emph{pkgbase} in \texttt{linux/PKGBUILD} to custom name, e.g. linux-ima.
Check \texttt{linux/config} for the following settings:
\begin{lstlisting}
	CONFIG_INTEGRITY=y
	CONFIG_IMA=y
	CONFIG_IMA_MEASURE_PCR_IDX=10
	CONFIG_IMA_LSM_RULES=y
	CONFIG_INTEGRITY_SIGNATURE=y
	CONFIG_IMA_APPRAISE=y
	IMA_APPRAISE_BOOTPARAM=y
\end{lstlisting}
For optimizing file access, add to every fstab-entry \emph{iversion}.
It prevents creating a hash of the file at every access.
Instead the hash will only be created when writing the file.

\texttt{updpkgsums} generates new checksums for the modified files.

\texttt{makepkg -s} then makes the new kernel

S\texttt{S}l\texttt{l}M\texttt{M}x\texttt{x}i\texttt{i} \textsf{Hallowelt}