From 5e615f4eb488e469395e7e30059a22d8225d9a0a Mon Sep 17 00:00:00 2001 From: Lubomir Rintel Date: Thu, 30 Aug 2018 18:38:34 +0200 Subject: [PATCH] iscsi: do not install all of /etc/iscsi unless hostonly /etc/iscsi/initiatorname.iscsi would leak the host initiator name (that is host configuration) to the initramfs. Perhaps other files too. --- modules.d/95iscsi/module-setup.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/modules.d/95iscsi/module-setup.sh b/modules.d/95iscsi/module-setup.sh index 04beae4c..5c2073bb 100755 --- a/modules.d/95iscsi/module-setup.sh +++ b/modules.d/95iscsi/module-setup.sh @@ -216,7 +216,11 @@ install() { $systemdsystemunitdir/sockets.target.wants/iscsid.socket \ $systemdsystemunitdir/sockets.target.wants/iscsiuio.socket - [[ -d /etc/iscsi ]] && inst_dir $(/usr/bin/find /etc/iscsi) + if [[ $hostonly ]]; then + inst_dir $(/usr/bin/find /etc/iscsi) + else + inst_simple /etc/iscsi/iscsid.conf + fi # Detect iBFT and perform mandatory steps if [[ $hostonly_cmdline == "yes" ]] ; then