lh_chroot_hacks: Ensure initrds are group- and world- readable
The loop-aes-utils sets a umask in its update-initramfs configuration, causing initrds to have "0600" permissions which causes boot failures when offering the files over netboot or similar. The justification given by loop-aes is that, as it supports encrypting against embedded GPG keyrings, the keys would be compromised if the files were group- or world- readable. However, as live-helper does not support this feature, it is safe to simply correct the permissions. Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
This commit is contained in:
parent
1ca0b58aac
commit
71503807d8
|
@ -82,6 +82,10 @@ fi
|
|||
# Update initramfs
|
||||
Chroot "update-initramfs -k all -t -u"
|
||||
|
||||
# Ensure readable permissions on initramfs. loop-aes-utils sets umask to
|
||||
# protect GPG keys, which live-helper does not support.
|
||||
chmod go+r chroot/boot/initrd*
|
||||
|
||||
# Remove build systems clock drift
|
||||
echo "0.0 0 0.0" > chroot/etc/adjtime
|
||||
|
||||
|
|
Loading…
Reference in New Issue