lh_chroot_hacks: Ensure initrds are group- and world- readable

The loop-aes-utils sets a umask in its update-initramfs configuration, causing initrds to have "0600" permissions which causes boot failures when offering the files over netboot or similar. The justification given by loop-aes is that, as it supports encrypting against embedded GPG keyrings, the keys would be compromised if the files were group- or world- readable. However, as live-helper does not support this feature, it is safe to simply correct the permissions. Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
author: Chris Lamb <chris@chris-lamb.co.uk> 2008-03-23 04:27:21 +0000
committer: Chris Lamb <chris@chris-lamb.co.uk> 2008-03-23 04:27:21 +0000
commit: 71503807d81c29a47f18d68f78ff9b8c9e157345 (patch)
tree: 747fbf67e3e9065105712d2e8ffa83dc0c40fb41 /helpers
parent: 1ca0b58aac2ab58b900eb0c44490ba15d0052f2a (diff)
download: vyos-live-build-71503807d81c29a47f18d68f78ff9b8c9e157345.tar.gz
vyos-live-build-71503807d81c29a47f18d68f78ff9b8c9e157345.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/helpers/lh_chroot_hacks b/helpers/lh_chroot_hacks
index 753fcb681..7a90d369b 100755
--- a/helpers/lh_chroot_hacks
+++ b/helpers/lh_chroot_hacks
@@ -82,6 +82,10 @@ fi
 # Update initramfs
 Chroot "update-initramfs -k all -t -u"
 
+# Ensure readable permissions on initramfs. loop-aes-utils sets umask to
+# protect GPG keys, which live-helper does not support.
+chmod go+r chroot/boot/initrd*
+
 # Remove build systems clock drift
 echo "0.0 0 0.0" > chroot/etc/adjtime
author	Chris Lamb <chris@chris-lamb.co.uk>	2008-03-23 04:27:21 +0000
committer	Chris Lamb <chris@chris-lamb.co.uk>	2008-03-23 04:27:21 +0000
commit	71503807d81c29a47f18d68f78ff9b8c9e157345 (patch)
tree	747fbf67e3e9065105712d2e8ffa83dc0c40fb41 /helpers
parent	1ca0b58aac2ab58b900eb0c44490ba15d0052f2a (diff)
download	vyos-live-build-71503807d81c29a47f18d68f78ff9b8c9e157345.tar.gz vyos-live-build-71503807d81c29a47f18d68f78ff9b8c9e157345.zip