For discussion of Alpine Linux development and developer support

[alpine-devel] Permissions on initramfs with cryptkey feature

Daniel Gerber
Details
Message ID
<87pntw1cdg.fsf@atufi.org>
Sender timestamp
1545317403
DKIM signature
missing
Download raw message
Patch: +1 -0
Hello alpine,

When using mkinitfs cryptkey feature, shouldn't the initramfs file 
have stricter permissions? It would be convenient if it were done 
by default in the mkinitfs package.


diff --git a/main/mkinitfs/mkinitfs.trigger 
b/main/mkinitfs/mkinitfs.trigger
index e8acc97854..53125959f3 100644
--- a/main/mkinitfs/mkinitfs.trigger
+++ b/main/mkinitfs/mkinitfs.trigger
@@ -13,6 +13,7 @@ for i in "$@"; do
 	abi_release=$(cat "$i"/kernel.release)
 	initfs=initramfs-$flavor
 	mkinitfs -o /boot/$initfs $abi_release
+	chmod 0600 /boot/$initfs
 done

 # extlinux will use path relative partition, so if /boot is on a



--
Daniel Gerber
--


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---