SVN: geninitrd/trunk/geninitrd

[arekm]

Author: arekm
Date: Sun Mar  2 22:21:57 2008
New Revision: 9559

Modified:
   geninitrd/trunk/geninitrd
Log:
debugshell is potential security weakness so make it dependant on 
sysconfig/system:RUN_SULOGIN_ON_ERR

Modified: geninitrd/trunk/geninitrd
==============================================================================
--- geninitrd/trunk/geninitrd   (original)
+++ geninitrd/trunk/geninitrd   Sun Mar  2 22:21:57 2008
@@ -17,6 +17,7 @@
 
 . /etc/rc.d/init.d/functions
 . /etc/geninitrd/functions
+. /etc/sysconfig/system
 
 COMPRESS=yes
 USERAIDSTART=yes
@@ -1842,7 +1843,17 @@
        # make debugshell() invoke subshell if $DEBUGINITRD=sh
        if [ "$DEBUGINITRD" = "sh" ]; then
                debugshell() {
-                       sh
+EOF
+if is_yes "$RUN_SULOGIN_ON_ERR"; then
+add_linuxrc <<-'EOF'
+       echo "debug shell disabled by /etc/sysconfig/system:RUN_SULOGIN_ON_ERR 
setting"
+EOF
+else
+add_linuxrc <<-'EOF'
+       sh
+EOF
+fi
+add_linuxrc <<-'EOF'
                }
        else
                debugshell() {
_______________________________________________
pld-cvs-commit mailing list
pld-cvs-commit@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit