[SCM] debian-live/live-helper branch, master, updated. 1.0_a40-1-17-g7150380

Chris Lamb chris at chris-lamb.co.uk
Sun Mar 23 06:34:11 UTC 2008


The following commit has been merged in the master branch:
commit 71503807d81c29a47f18d68f78ff9b8c9e157345
Author: Chris Lamb <chris at chris-lamb.co.uk>
Date:   Sun Mar 23 04:27:21 2008 +0000

    lh_chroot_hacks: Ensure initrds are group- and world- readable
    
    The loop-aes-utils sets a umask in its update-initramfs configuration,
    causing initrds to have "0600" permissions which causes boot failures
    when offering the files over netboot or similar.
    
    The justification given by loop-aes is that, as it supports encrypting
    against embedded GPG keyrings, the keys would be compromised if the files
    were group- or world- readable. However, as live-helper does not support
    this feature, it is safe to simply correct the permissions.
    
    Signed-off-by: Chris Lamb <chris at chris-lamb.co.uk>

diff --git a/helpers/lh_chroot_hacks b/helpers/lh_chroot_hacks
index 753fcb6..7a90d36 100755
--- a/helpers/lh_chroot_hacks
+++ b/helpers/lh_chroot_hacks
@@ -82,6 +82,10 @@ fi
 # Update initramfs
 Chroot "update-initramfs -k all -t -u"
 
+# Ensure readable permissions on initramfs. loop-aes-utils sets umask to
+# protect GPG keys, which live-helper does not support.
+chmod go+r chroot/boot/initrd*
+
 # Remove build systems clock drift
 echo "0.0 0 0.0" > chroot/etc/adjtime
 

-- 
debian-live/live-helper



More information about the debian-live-changes mailing list