Skip to content

Commit

Permalink
mxgrub: set umask to 022
Browse files Browse the repository at this point in the history 
I see to many

    buczek@sigusr2:~$ mxgrub
    /boot/grub/grub.cfg: Permission denied

or

    buczek@aros:~$ mxgrub --list
    cat: /boot/grub/i386-pc/acpi.mod: Permission denied
    cat: /boot/grub/i386-pc/adler32.mod: Permission denied
    cat: /boot/grub/i386-pc/affs.mod: Permission denied
    cat: /boot/grub/i386-pc/afs.mod: Permission denied
    [...]
    cat: /boot/grub/i386-pc/bufio.mod: Permission denied

    Note: GRUB version installed in /usr differs from GRUB version
    used to boot.

    Consider updating the boot-loader with:

    grub-install --boot-directory=/boot /dev/sda

lately. Set umask to get this into a more defined state. I don't see a
problem to make the files world readable. grub.cfg contains a hash for
the password needed to change the boot command line, but

1. so does this script
2. I don't think, the password can be recovered from the hash
3. if you have physical access to the system, you can boot what you want
anyway.
  • Loading branch information
@donald
donald committed Sep 14, 2018
1 parent 38fb40b commit edd781f
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions mxgrub/mxgrub
View file
Original file line number Diff line number Diff line change
Expand Up @@ -352,6 +352,7 @@ sub cmd_initramfs {
sys('bash','-c','cd /project/admin/initramfs;find .|cpio -H newc -o | gzip > /boot/grub/initramfs.igz');
}

umask 022;
check_grub_installation();
check_grub_menu_and_boot_dir();

Expand Down

0 comments on commit edd781f

Please sign in to comment.