dcavalca / rpms / grub2

Forked from rpms/grub2 3 years ago
Clone

Blame SOURCES/0248-blscfg-expand-grub_users-before-passing-to-grub_norm.patch

8631a2
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
8631a2
From: Javier Martinez Canillas <javierm@redhat.com>
8631a2
Date: Wed, 21 Nov 2018 15:38:50 +0100
8631a2
Subject: [PATCH] blscfg: expand grub_users before passing to
8631a2
 grub_normal_add_menu_entry()
8631a2
8631a2
The "grub_users" field from the BLS snippet file is used to specifcy the
8631a2
users that are allowed to execute a given menu entry if the "superusers"
8631a2
environment variable is set.
8631a2
8631a2
If the "grub_users" isn't set, the menu entry is unrestricted and it can
8631a2
be executed without any authentication and if is set then only the users
8631a2
defined in "grub_users" can execute the menu entry after authentication.
8631a2
8631a2
But this field can contain an environment variable so has to be expanded
8631a2
or otherwise grub2 will wrongly assume that the user is "$var", and will
8631a2
populate a menu entry that it's resctrited even when "$var" isn't set.
8631a2
8631a2
Resolves: rhbz#1650706
8631a2
8631a2
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
8631a2
---
8631a2
 grub-core/commands/blscfg.c | 2 +-
8631a2
 1 file changed, 1 insertion(+), 1 deletion(-)
8631a2
8631a2
diff --git a/grub-core/commands/blscfg.c b/grub-core/commands/blscfg.c
8631a2
index 42892cbfd55..c432c6ba27a 100644
8631a2
--- a/grub-core/commands/blscfg.c
8631a2
+++ b/grub-core/commands/blscfg.c
8631a2
@@ -704,7 +704,7 @@ static void create_entry (struct bls_entry *entry)
8631a2
   initrds = bls_make_list (entry, "initrd", NULL);
8631a2
 
8631a2
   hotkey = bls_get_val (entry, "grub_hotkey", NULL);
8631a2
-  users = bls_get_val (entry, "grub_users", NULL);
8631a2
+  users = expand_val (bls_get_val (entry, "grub_users", NULL));
8631a2
   classes = bls_make_list (entry, "grub_class", NULL);
8631a2
   args = bls_make_list (entry, "grub_arg", &argc);
8631a2