SVN: geninitrd/trunk/geninitrd
arekm
arekm at pld-linux.org
Sun Mar 2 22:21:58 CET 2008
Author: arekm
Date: Sun Mar 2 22:21:57 2008
New Revision: 9559
Modified:
geninitrd/trunk/geninitrd
Log:
debugshell is potential security weakness so make it dependant on sysconfig/system:RUN_SULOGIN_ON_ERR
Modified: geninitrd/trunk/geninitrd
==============================================================================
--- geninitrd/trunk/geninitrd (original)
+++ geninitrd/trunk/geninitrd Sun Mar 2 22:21:57 2008
@@ -17,6 +17,7 @@
. /etc/rc.d/init.d/functions
. /etc/geninitrd/functions
+. /etc/sysconfig/system
COMPRESS=yes
USERAIDSTART=yes
@@ -1842,7 +1843,17 @@
# make debugshell() invoke subshell if $DEBUGINITRD=sh
if [ "$DEBUGINITRD" = "sh" ]; then
debugshell() {
- sh
+EOF
+if is_yes "$RUN_SULOGIN_ON_ERR"; then
+add_linuxrc <<-'EOF'
+ echo "debug shell disabled by /etc/sysconfig/system:RUN_SULOGIN_ON_ERR setting"
+EOF
+else
+add_linuxrc <<-'EOF'
+ sh
+EOF
+fi
+add_linuxrc <<-'EOF'
}
else
debugshell() {
More information about the pld-cvs-commit
mailing list