From d066c82a5a5c63c50617be27409ae0bb4bd3a356 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sat, 14 Mar 2015 22:35:30 -0400
Subject: [PATCH] cryptsetup-generator: remove warning about crypttab access
mode
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This file contains no privileged data — just names of devices to decrypt
and files containing keys. On a running system most of this can be inferred from
the device tree anyway.
(cherry picked from commit 71e4e1258436e7e81d772aed52a02bb5d9c87cb8)
---
src/cryptsetup/cryptsetup-generator.c | 7 -------
1 file changed, 7 deletions(-)
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
index dfbca8754..d191def5f 100644
--- a/src/cryptsetup/cryptsetup-generator.c
+++ b/src/cryptsetup/cryptsetup-generator.c
@@ -377,13 +377,6 @@ static int add_crypttab_devices(void) {
return 0;
}
- /* If we readd support for specifying passphrases
- * directly in crypttab we should upgrade the warning
- * below, though possibly only if a passphrase is
- * specified directly. */
- if (st.st_mode & 0005)
- log_debug("/etc/crypttab is world-readable. This is usually not a good idea.");
-
for (;;) {
int r, k;
char line[LINE_MAX], *l, *uuid;