[SCM] debian-live/live-helper branch, master, updated. 1.0_a40-1-17-g7150380
Chris Lamb
chris at chris-lamb.co.uk
Sun Mar 23 06:34:11 UTC 2008
The following commit has been merged in the master branch:
commit 71503807d81c29a47f18d68f78ff9b8c9e157345
Author: Chris Lamb <chris at chris-lamb.co.uk>
Date: Sun Mar 23 04:27:21 2008 +0000
lh_chroot_hacks: Ensure initrds are group- and world- readable
The loop-aes-utils sets a umask in its update-initramfs configuration,
causing initrds to have "0600" permissions which causes boot failures
when offering the files over netboot or similar.
The justification given by loop-aes is that, as it supports encrypting
against embedded GPG keyrings, the keys would be compromised if the files
were group- or world- readable. However, as live-helper does not support
this feature, it is safe to simply correct the permissions.
Signed-off-by: Chris Lamb <chris at chris-lamb.co.uk>
diff --git a/helpers/lh_chroot_hacks b/helpers/lh_chroot_hacks
index 753fcb6..7a90d36 100755
--- a/helpers/lh_chroot_hacks
+++ b/helpers/lh_chroot_hacks
@@ -82,6 +82,10 @@ fi
# Update initramfs
Chroot "update-initramfs -k all -t -u"
+# Ensure readable permissions on initramfs. loop-aes-utils sets umask to
+# protect GPG keys, which live-helper does not support.
+chmod go+r chroot/boot/initrd*
+
# Remove build systems clock drift
echo "0.0 0 0.0" > chroot/etc/adjtime
--
debian-live/live-helper
More information about the debian-live-changes
mailing list