packages/anaconda
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

change the grub2 user.cfg permission from 0700 to 0600

Browse Source
This commit is contained in:
zhangqiumiao 2022-04-08 17:16:39 +08:00
parent 7085911d72
commit e5551e9693
2 changed files with 32 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
anaconda.spec
View File

@ -1,7 +1,7 @@
%define _empty_manifest_terminate_build 0 %define _empty_manifest_terminate_build 0
Name: anaconda Name: anaconda
Version: 33.19 Version: 33.19
Release: 42 Release: 43
Summary: Graphical system installer Summary: Graphical system installer
License: GPLv2+ and MIT License: GPLv2+ and MIT
URL: http://fedoraproject.org/wiki/Anaconda URL: http://fedoraproject.org/wiki/Anaconda
@ -121,8 +121,9 @@ Patch9028: Change-sidebar-background-size.patch
Patch6078: bugfix-Cancel-planned-manual-update-of-system-time-on-turni.patch Patch6078: bugfix-Cancel-planned-manual-update-of-system-time-on-turni.patch
Patch9029: support-use-sm3-crypt-user-password.patch Patch9029: support-use-sm3-crypt-user-password.patch
Patch6079: backport-remove-authconfig-support.patch Patch6079: backport-remove-authconfig-support.patch
Patch6080: bugfix-change-the-startup-mode-of-do_transaction-sub-proces.patch Patch6080: backport-change-the-grub2-user-cfg-permission-from-0700-to-0600.patch
Patch6081: Support-configuration-of-additional-boot-arguments.patch Patch6081: bugfix-change-the-startup-mode-of-do_transaction-sub-proces.patch
Patch6082: Support-configuration-of-additional-boot-arguments.patch
%define dbusver 1.2.3 %define dbusver 1.2.3
%define dnfver 3.6.0 %define dnfver 3.6.0
@ -362,6 +363,12 @@ update-desktop-database &> /dev/null || :
%{_prefix}/libexec/anaconda/dd_* %{_prefix}/libexec/anaconda/dd_*
%changelog %changelog
* Fri Apr 8 2022 zhangqiumiao <zhangqiumiao1@huawei.com> - 33.19-43
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:change the grub2 user.cfg permission from 0700 to 0600
* Thu Apr 7 2022 zhangqiumiao <zhangqiumiao1@huawei.com> - 33.19-42 * Thu Apr 7 2022 zhangqiumiao <zhangqiumiao1@huawei.com> - 33.19-42
- Type:bugfix - Type:bugfix
- CVE:NA - CVE:NA

22
backport-change-the-grub2-user-cfg-permission-from-0700-to-0600.patch Normal file
View File

@ -0,0 +1,22 @@
From 7db645b89c3c68fbd116dbb8c6e6c1b4ab8eeb07 Mon Sep 17 00:00:00 2001
From: bitcoffee <854182924@qq.com>
Date: Tue, 2 Mar 2021 16:11:35 +0800
Subject: [PATCH] change the grub2 user.cfg permission from 0600 to 0700
---
pyanaconda/modules/storage/bootloader/grub2.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pyanaconda/modules/storage/bootloader/grub2.py b/pyanaconda/modules/storage/bootloader/grub2.py
index add7dc97086..44b08e4dec9 100644
--- a/pyanaconda/modules/storage/bootloader/grub2.py
+++ b/pyanaconda/modules/storage/bootloader/grub2.py
@@ -310,7 +310,7 @@ def write_password_config(self):
return
users_file = "%s%s/%s" % (conf.target.system_root, self.config_dir, self._passwd_file)
- header = util.open_with_perm(users_file, "w", 0o700)
+ header = util.open_with_perm(users_file, "w", 0o600)
# XXX FIXME: document somewhere that the username is "root"
self._encrypt_password()
password_line = "GRUB2_PASSWORD=" + self.encrypted_password