diff options
| author | Daniil Baturin <daniil@baturin.org> | 2023-09-29 14:59:46 +0100 |
|---|---|---|
| committer | Daniil Baturin <daniil@baturin.org> | 2023-09-29 14:59:46 +0100 |
| commit | c13949a63ee9ea4affade18fc944747c242909c3 (patch) | |
| tree | a8b30016fac603598939e3794c9849a1ad449e65 | |
| parent | 108255f13c602cc992f4ff0a509ef6ca4c084464 (diff) | |
| download | vyos-build-c13949a63ee9ea4affade18fc944747c242909c3.tar.gz vyos-build-c13949a63ee9ea4affade18fc944747c242909c3.zip | |
T5624: add a hook for deleting /etc/debian_version
| -rwxr-xr-x | data/live-build-config/hooks/live/30-remove-debian-version.chroot | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/data/live-build-config/hooks/live/30-remove-debian-version.chroot b/data/live-build-config/hooks/live/30-remove-debian-version.chroot new file mode 100755 index 00000000..64d00e26 --- /dev/null +++ b/data/live-build-config/hooks/live/30-remove-debian-version.chroot @@ -0,0 +1,13 @@ +#!/bin/sh + +# The /etc/debian_version file contains the Debian release version number. +#Since VyOS uses image-based upgrade, that file serves no useful purpose for us. +# +# However, security scanners love to jump to conclusions +# and declare an "old Debian version" vulnerable +# without checking if there may not be any packages from that version at all. +# Removing that file is an easy way to get fewer false positives. + +echo "I: Deleting the Debian version file" + +rm -f /etc/debian_version |