author | Michael Niewöhner <[email protected]> | 2019-02-28 21:05:55 +0100 |
---|---|---|
committer | Brian Behlendorf <[email protected]> | 2019-02-28 12:05:55 -0800 |
commit | 46164122c0f365f14073266a695334f9de2073cf (patch) | |
tree | 960d5a01e37e05fa76d5854eebff95f45efac45c /contrib/initramfs | |
parent | d6838ae649d7a369b5064f7ab1c016b39c26af68 (diff) |
initramfs/debian: use panic() instead of directly calling /bin/sh
Debian has a panic() function which makes it possible to disable shell
access in initramfs by setting the panic kernel parameter. Use it.
Reviewed-by: Brian Behlendorf <[email protected]>
Reviewed-by: Kash Pande <[email protected]>
Signed-off-by: Michael Niewöhner <[email protected]>
Closes #8448
Diffstat (limited to 'contrib/initramfs')
-rw-r--r-- | contrib/initramfs/scripts/zfs.in | 30 |
1 files changed, 22 insertions, 8 deletions
diff --git a/contrib/initramfs/scripts/zfs.in b/contrib/initramfs/scripts/zfs.in index 602d4c306..36b7f436c 100644 --- a/contrib/initramfs/scripts/zfs.in +++ b/contrib/initramfs/scripts/zfs.in @@ -16,6 +16,20 @@ ZPOOL="@sbindir@/zpool" ZPOOL_CACHE="@sysconfdir@/zfs/zpool.cache" export ZFS ZPOOL ZPOOL_CACHE + +# Start interactive shell. +# Use debian's panic() if defined, because it allows to prevent shell access +# by setting panic in cmdline (e.g. panic=0 or panic=15). +# See "4.5 Disable root prompt on the initramfs" of Securing Debian Manual: +# https://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html +shell() { + if type panic > /dev/null 2>&1; then + panic $@ + else + /bin/sh + fi +} + # This runs any scripts that should run before we start importing # pools and mounting any filesystems. pre_mountroot() @@ -256,7 +270,7 @@ import_pool() echo "" echo "Failed to import pool '$pool'." echo "Manually import the pool and exit." - /bin/sh + shell fi fi @@ -379,7 +393,7 @@ mount_fs() echo "" echo "Failed to mount ${fs} on ${rootmnt}/${mountpoint}." echo "Manually mount the filesystem and exit." - /bin/sh + shell else [ "$quiet" != "y" ] && zfs_log_end_msg fi @@ -451,7 +465,7 @@ destroy_fs() echo "Failed to destroy '$fs'. Please make sure that '$fs' is not available." echo "Hint: Try: zfs destroy -Rfn $fs" echo "If this dryrun looks good, then remove the 'n' from '-Rfn' and try again." - /bin/sh + shell else [ "$quiet" != "y" ] && zfs_log_end_msg fi @@ -494,7 +508,7 @@ clone_snap() echo "Failed to clone snapshot." echo "Make sure that the any problems are corrected and then make sure" echo "that the dataset '$destfs' exists and is bootable." - /bin/sh + shell else [ "$quiet" != "y" ] && zfs_log_end_msg fi @@ -523,7 +537,7 @@ rollback_snap() echo "Error: $ZFS_ERROR" echo "" echo "Failed to rollback snapshot." - /bin/sh + shell else [ "$quiet" != "y" ] && zfs_log_end_msg fi 
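Review bot: The `else` branch of the new `shell()` still starts `/bin/sh` unconditionally, so wherever `panic` is not defined the `panic=` kernel parameter has no effect and a failed import or mount still ends at a root prompt in the initramfs. If that is the intended behaviour, the header comment should say so, e.g. `# Without panic() the shell cannot be disabled; panic= is ignored.`, so nobody assumes the hardening applies on every distribution. Separately, `panic $@` should be `panic "$@"` so that a message containing spaces or glob characters reaches panic() unchanged. Note also that `type panic` succeeds for any command of that name, not only the Debian function, which is probably harmless here.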
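Review bot: Every call site changed in this commit invokes `shell` with no arguments, so the `$@` that `shell()` forwards to `panic` is always empty and the failure reason is carried only by the preceding `echo` lines. Those lines still tell the operator to fix the problem "and exit", which presumably no longer matches what happens when shell access has been disabled through `panic=`. Consider passing the reason along, e.g. `shell "Failed to import pool '$pool'."` in import_pool, and likewise in mount_fs, destroy_fs, clone_snap, rollback_snap and the three mountroot hunks. The enclosing functions all start and end outside these hunks, so the surrounding message handling is not fully visible here.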
@@ -684,7 +698,7 @@ mountroot() echo "" echo "Failed to load ZFS modules." echo "Manually load the modules and exit." - /bin/sh + shell fi # ------------ @@ -857,7 +871,7 @@ mountroot() echo "No pool imported. Manually import the root pool" echo "at the command prompt and then exit." echo "Hint: Try: zpool import -R ${rootmnt} -N ${ZFS_RPOOL}" - /bin/sh + shell fi # In case the pool was specified as guid, resolve guid to name @@ -908,7 +922,7 @@ mountroot() echo "" echo "Manually mount the root filesystem on $rootmnt and then exit." echo "Hint: Try: mount -o zfsutil -t zfs ${ZFS_RPOOL-rpool}/ROOT/system $rootmnt" - /bin/sh + shell fi # ---------------------------------------------------------------- |