summaryrefslogtreecommitdiff
path: root/helpers
diff options
context:
space:
mode:
authorChris Lamb <chris@chris-lamb.co.uk>2008-03-23 04:27:21 +0000
committerDaniel Baumann <daniel@debian.org>2011-03-09 19:03:30 +0100
commit120528e1a2fb30ae5826d3a1c0f6fa5d658dd336 (patch)
tree747fbf67e3e9065105712d2e8ffa83dc0c40fb41 /helpers
parent55472e65570b2ebd33a0bd9ca4aebfb0cad203e4 (diff)
downloadvyos-live-build-120528e1a2fb30ae5826d3a1c0f6fa5d658dd336.tar.gz
vyos-live-build-120528e1a2fb30ae5826d3a1c0f6fa5d658dd336.zip
lh_chroot_hacks: Ensure initrds are group- and world- readable
The loop-aes-utils sets a umask in its update-initramfs configuration, causing initrds to have "0600" permissions which causes boot failures when offering the files over netboot or similar. The justification given by loop-aes is that, as it supports encrypting against embedded GPG keyrings, the keys would be compromised if the files were group- or world- readable. However, as live-helper does not support this feature, it is safe to simply correct the permissions.
Diffstat (limited to 'helpers')
-rwxr-xr-xhelpers/lh_chroot_hacks4
1 files changed, 4 insertions, 0 deletions
diff --git a/helpers/lh_chroot_hacks b/helpers/lh_chroot_hacks
index 753fcb681..7a90d369b 100755
--- a/helpers/lh_chroot_hacks
+++ b/helpers/lh_chroot_hacks
@@ -82,6 +82,10 @@ fi
# Update initramfs
Chroot "update-initramfs -k all -t -u"
+# Ensure readable permissions on initramfs. loop-aes-utils sets umask to
+# protect GPG keys, which live-helper does not support.
+chmod go+r chroot/boot/initrd*
+
# Remove build systems clock drift
echo "0.0 0 0.0" > chroot/etc/adjtime