Blob Blame History Raw
From d066c82a5a5c63c50617be27409ae0bb4bd3a356 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sat, 14 Mar 2015 22:35:30 -0400
Subject: [PATCH] cryptsetup-generator: remove warning about crypttab access
 mode
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This file contains no privileged data — just names of devices to decrypt
and files containing keys. On a running system most of this can be inferred from
the device tree anyway.

(cherry picked from commit 71e4e1258436e7e81d772aed52a02bb5d9c87cb8)
---
 src/cryptsetup/cryptsetup-generator.c | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
index dfbca87..d191def 100644
--- a/src/cryptsetup/cryptsetup-generator.c
+++ b/src/cryptsetup/cryptsetup-generator.c
@@ -377,13 +377,6 @@ static int add_crypttab_devices(void) {
                 return 0;
         }
 
-        /* If we readd support for specifying passphrases
-         * directly in crypttab we should upgrade the warning
-         * below, though possibly only if a passphrase is
-         * specified directly. */
-        if (st.st_mode & 0005)
-                log_debug("/etc/crypttab is world-readable. This is usually not a good idea.");
-
         for (;;) {
                 int r, k;
                 char line[LINE_MAX], *l, *uuid;