Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-05-02 17:54:51 -04:00
Code Issues Projects Releases Packages Wiki Activity

improve remount-secure

Browse source
This commit is contained in:
Patrick Schleizer 2023-10-22 16:08:21 -04:00
parent 555d83792d
commit 5182d7502b
No known key found for this signature in database
GPG key ID: CB8D50BB77BB3C48
2 changed files with 75 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

26
usr/lib/dracut/modules.d/20remount-secure/remount-secure.sh
View file

@ -9,29 +9,15 @@
remount_hook() {
local remountsecure_action
## getarg returns the last parameter only.
## if /proc/cmdline contains 'remountsecure=0 remountsecure=1 remountsecure=noexec' the last one wins.
## If /proc/cmdline contains 'remountsecure=0 remountsecure=1' the last one wins.
remountsecure_action=$(getarg remountsecure)
if [ "$remountsecure_action" = "1" ]; then
if ! remount-secure; then
warn "$0: ERROR: 'remount-secure' failed."
return 1
fi
info "$0: INFO: 'remount-secure' success."
return 0
if ! remount-secure $remountsecure_action; then
warn "$0: ERROR: 'remount-secure $remountsecure_action' failed."
return 1
fi
if [ "$remountsecure_action" = "noexec" ]; then
if ! remount-secure --remountnoexec; then
warn "$0: ERROR: 'remount-secure --remountnoexec' failed."
return 1
fi
info "$0: INFO: 'remount-secure --remountnoexec' success."
return 0
fi
warn "$0: WARNING: Not using remount-secure."
return 1
info "$0: INFO: 'remount-secure $remountsecure_action' success."
return 0
}
remount_hook