naccyde / rpms / systemd

Forked from rpms/systemd a year ago
Clone
1ff636
From d066c82a5a5c63c50617be27409ae0bb4bd3a356 Mon Sep 17 00:00:00 2001
1ff636
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
1ff636
Date: Sat, 14 Mar 2015 22:35:30 -0400
1ff636
Subject: [PATCH] cryptsetup-generator: remove warning about crypttab access
1ff636
 mode
1ff636
MIME-Version: 1.0
1ff636
Content-Type: text/plain; charset=UTF-8
1ff636
Content-Transfer-Encoding: 8bit
1ff636
1ff636
This file contains no privileged data — just names of devices to decrypt
1ff636
and files containing keys. On a running system most of this can be inferred from
1ff636
the device tree anyway.
1ff636
1ff636
(cherry picked from commit 71e4e1258436e7e81d772aed52a02bb5d9c87cb8)
1ff636
---
1ff636
 src/cryptsetup/cryptsetup-generator.c | 7 -------
1ff636
 1 file changed, 7 deletions(-)
1ff636
1ff636
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
c62b8e
index dfbca8754f..d191def5f8 100644
1ff636
--- a/src/cryptsetup/cryptsetup-generator.c
1ff636
+++ b/src/cryptsetup/cryptsetup-generator.c
1ff636
@@ -377,13 +377,6 @@ static int add_crypttab_devices(void) {
1ff636
                 return 0;
1ff636
         }
1ff636
 
1ff636
-        /* If we readd support for specifying passphrases
1ff636
-         * directly in crypttab we should upgrade the warning
1ff636
-         * below, though possibly only if a passphrase is
1ff636
-         * specified directly. */
1ff636
-        if (st.st_mode & 0005)
1ff636
-                log_debug("/etc/crypttab is world-readable. This is usually not a good idea.");
1ff636
-
1ff636
         for (;;) {
1ff636
                 int r, k;
1ff636
                 char line[LINE_MAX], *l, *uuid;