|
Harald Hoyer |
f8c4a0 |
From 5ae33613ab3145db12f21bca491d97832160cc1a Mon Sep 17 00:00:00 2001
|
|
Harald Hoyer |
f8c4a0 |
From: Harald Hoyer <harald@redhat.com>
|
|
Harald Hoyer |
f8c4a0 |
Date: Tue, 6 Aug 2013 11:43:58 +0200
|
|
Harald Hoyer |
f8c4a0 |
Subject: [PATCH] dracut.sh: do not strip in FIPS mode
|
|
Harald Hoyer |
f8c4a0 |
|
|
Harald Hoyer |
f8c4a0 |
---
|
|
Harald Hoyer |
f8c4a0 |
dracut.sh | 22 ++++------------------
|
|
Harald Hoyer |
f8c4a0 |
1 file changed, 4 insertions(+), 18 deletions(-)
|
|
Harald Hoyer |
f8c4a0 |
|
|
Harald Hoyer |
f8c4a0 |
diff --git a/dracut.sh b/dracut.sh
|
|
Harald Hoyer |
f8c4a0 |
index e119bd2..4ef71f3 100755
|
|
Harald Hoyer |
f8c4a0 |
--- a/dracut.sh
|
|
Harald Hoyer |
f8c4a0 |
+++ b/dracut.sh
|
|
Harald Hoyer |
f8c4a0 |
@@ -1209,25 +1209,11 @@ if [[ $do_strip = yes ]] ; then
|
|
Harald Hoyer |
f8c4a0 |
done
|
|
Harald Hoyer |
f8c4a0 |
fi
|
|
Harald Hoyer |
f8c4a0 |
|
|
Harald Hoyer |
f8c4a0 |
-if [[ $do_strip = yes ]] ; then
|
|
Harald Hoyer |
f8c4a0 |
+if [[ $do_strip = yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
|
|
Harald Hoyer |
f8c4a0 |
dinfo "*** Stripping files ***"
|
|
Harald Hoyer |
f8c4a0 |
- if [[ $DRACUT_FIPS_MODE ]]; then
|
|
Harald Hoyer |
f8c4a0 |
- find "$initdir" -type f \
|
|
Harald Hoyer |
f8c4a0 |
- -executable -not -path '*/lib/modules/*.ko' -print0 \
|
|
Harald Hoyer |
f8c4a0 |
- | while read -r -d $'\0' f; do
|
|
Harald Hoyer |
f8c4a0 |
- if ! [[ -e "${f%/*}/.${f##*/}.hmac" ]] \
|
|
Harald Hoyer |
f8c4a0 |
- && ! [[ -e "/lib/hmaccalc/${f##*/}.hmac" ]] \
|
|
Harald Hoyer |
f8c4a0 |
- && ! [[ -e "/lib64/hmaccalc/${f##*/}.hmac" ]] \
|
|
Harald Hoyer |
f8c4a0 |
- && ! [[ -e "/lib/fipscheck/${f##*/}.hmac" ]] \
|
|
Harald Hoyer |
f8c4a0 |
- && ! [[ -e "/lib64/fipscheck/${f##*/}.hmac" ]]; then
|
|
Harald Hoyer |
f8c4a0 |
- printf "%s\000" "$f";
|
|
Harald Hoyer |
f8c4a0 |
- fi
|
|
Harald Hoyer |
f8c4a0 |
- done | xargs -r -0 strip -g 2>/dev/null
|
|
Harald Hoyer |
f8c4a0 |
- else
|
|
Harald Hoyer |
f8c4a0 |
- find "$initdir" -type f \
|
|
Harald Hoyer |
f8c4a0 |
- -executable -not -path '*/lib/modules/*.ko' -print0 \
|
|
Harald Hoyer |
f8c4a0 |
- | xargs -r -0 strip -g 2>/dev/null
|
|
Harald Hoyer |
f8c4a0 |
- fi
|
|
Harald Hoyer |
f8c4a0 |
+ find "$initdir" -type f \
|
|
Harald Hoyer |
f8c4a0 |
+ -executable -not -path '*/lib/modules/*.ko' -print0 \
|
|
Harald Hoyer |
f8c4a0 |
+ | xargs -r -0 strip -g 2>/dev/null
|
|
Harald Hoyer |
f8c4a0 |
|
|
Harald Hoyer |
f8c4a0 |
# strip kernel modules, but do not touch signed modules
|
|
Harald Hoyer |
f8c4a0 |
find "$initdir" -type f -path '*/lib/modules/*.ko' -print0 \
|