diff options
author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2022-07-01 10:58:01 +0200 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2022-07-06 16:33:11 +0200 |
commit | 035f8acdf737ee5e0c49feaa14dd8cfcea0ffa5f (patch) | |
tree | 742db52f0ff90321ae6e8f0c4162392bd885cc45 /src | |
parent | f5f5047ff1d4008687186a45066f94f5b3a830fa (diff) | |
download | systemd-035f8acdf737ee5e0c49feaa14dd8cfcea0ffa5f.tar.gz |
kernel-install: do not silently ignore files we can't read
'test -r' is changed to 'test -f' everywhere. If the file exists but we
cannot read it, it would be better if we fail with a permission error. E.g. if
/etc/kernel/cmdline is unreadable, and we're running something as non-root, we
shouldn't fall back to /usr/lib/kernel/cmdline. This commit doesn't resolve
this fully, because we're not running with 'set -e', but this is a preparator
step.
Diffstat (limited to 'src')
-rw-r--r-- | src/kernel-install/90-loaderentry.install | 10 | ||||
-rwxr-xr-x | src/kernel-install/kernel-install.in | 16 |
2 files changed, 15 insertions, 11 deletions
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install index 549437c7cd..ee55965110 100644 --- a/src/kernel-install/90-loaderentry.install +++ b/src/kernel-install/90-loaderentry.install @@ -52,10 +52,10 @@ case "$COMMAND" in ;; esac -if [ -r /etc/os-release ]; then +if [ -f /etc/os-release ]; then # shellcheck source=/dev/null . /etc/os-release -elif [ -r /usr/lib/os-release ]; then +elif [ -f /usr/lib/os-release ]; then # shellcheck source=/dev/null . /usr/lib/os-release fi @@ -65,9 +65,9 @@ fi SORT_KEY="$IMAGE_ID" [ -z "$SORT_KEY" ] && SORT_KEY="$ID" -if [ -r /etc/kernel/cmdline ]; then +if [ -f /etc/kernel/cmdline ]; then BOOT_OPTIONS="$(tr -s "$IFS" ' ' </etc/kernel/cmdline)" -elif [ -r /usr/lib/kernel/cmdline ]; then +elif [ -f /usr/lib/kernel/cmdline ]; then BOOT_OPTIONS="$(tr -s "$IFS" ' ' </usr/lib/kernel/cmdline)" else BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')" @@ -83,7 +83,7 @@ if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ]; then BOOT_OPTIONS="$BOOT_OPTIONS systemd.machine_id=$MACHINE_ID" fi -if [ -r /etc/kernel/tries ]; then +if [ -f /etc/kernel/tries ]; then read -r TRIES </etc/kernel/tries if ! echo "$TRIES" | grep -q '^[0-9][0-9]*$'; then echo "/etc/kernel/tries does not contain an integer." >&2 diff --git a/src/kernel-install/kernel-install.in b/src/kernel-install/kernel-install.in index c3181ef5f5..044ba9f6f2 100755 --- a/src/kernel-install/kernel-install.in +++ b/src/kernel-install/kernel-install.in @@ -108,9 +108,9 @@ initrd_generator= _MACHINE_ID_SAVED="$MACHINE_ID" _BOOT_ROOT_SAVED="$BOOT_ROOT" -if [ -r "/etc/kernel/install.conf" ]; then +if [ -f "/etc/kernel/install.conf" ]; then install_conf="/etc/kernel/install.conf" -elif [ -r "/usr/lib/kernel/install.conf" ]; then +elif [ -f "/usr/lib/kernel/install.conf" ]; then install_conf="/usr/lib/kernel/install.conf" else install_conf= @@ -150,11 +150,14 @@ fi # /etc/machine-info to use for our purpose, we'll use that instead (for # compatibility). # shellcheck source=/dev/null -if [ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"; then +if [ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ]; then + . /etc/machine-info + MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID" [ -n "$MACHINE_ID" ] && [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \ echo "machine-id $MACHINE_ID acquired from /etc/machine-info" fi -if [ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id; then +if [ -z "$MACHINE_ID" ] && [ -f /etc/machine-id ]; then + read -r MACHINE_ID </etc/machine-id [ -n "$MACHINE_ID" ] && [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \ echo "machine-id $MACHINE_ID acquired from /etc/machine-id" fi @@ -168,7 +171,8 @@ fi # $BOOT where we want to place the kernel/initrd and related resources, as well # for naming the .conf boot loader spec entry. Typically this is just the # machine ID, but it can be anything else, too, if we are told so. -if [ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token; then +if [ -z "$ENTRY_TOKEN" ] && [ -f /etc/kernel/entry-token ]; then + read -r ENTRY_TOKEN </etc/kernel/entry-token [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \ echo "entry-token \"$ENTRY_TOKEN\" acquired from /etc/kernel/entry-token" fi @@ -178,7 +182,7 @@ if [ -z "$ENTRY_TOKEN" ]; then # string "Default" ENTRY_TOKEN_SEARCH="$MACHINE_ID" # shellcheck source=/dev/null - [ -r /etc/os-release ] && . /etc/os-release + [ -f /etc/os-release ] && . /etc/os-release [ -n "$IMAGE_ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $IMAGE_ID" [ -n "$ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $ID" ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH Default" |