You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
37 lines
1.3 KiB
37 lines
1.3 KiB
2 months ago
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||
|
From: Solar Designer <solar@openwall.com>
|
||
|
Date: Tue, 6 Feb 2024 22:05:45 +0100
|
||
|
Subject: [PATCH] grub-set-bootflag: Exit calmly when not running as root
|
||
|
|
||
|
Exit calmly when not installed SUID root and invoked by non-root. This
|
||
|
allows installing user/grub-boot-success.service unconditionally while
|
||
|
supporting non-SUID installation of the program for some limited usage.
|
||
|
|
||
|
Signed-off-by: Solar Designer <solar@openwall.com>
|
||
|
---
|
||
|
util/grub-set-bootflag.c | 11 +++++++++++
|
||
|
1 file changed, 11 insertions(+)
|
||
|
|
||
|
diff --git a/util/grub-set-bootflag.c b/util/grub-set-bootflag.c
|
||
|
index 514c4f9091ac..31a868aeca8a 100644
|
||
|
--- a/util/grub-set-bootflag.c
|
||
|
+++ b/util/grub-set-bootflag.c
|
||
|
@@ -98,6 +98,17 @@ int main(int argc, char *argv[])
|
||
|
bootflag = bootflags[i];
|
||
|
len = strlen (bootflag);
|
||
|
|
||
|
+ /*
|
||
|
+ * Exit calmly when not installed SUID root and invoked by non-root. This
|
||
|
+ * allows installing user/grub-boot-success.service unconditionally while
|
||
|
+ * supporting non-SUID installation of the program for some limited usage.
|
||
|
+ */
|
||
|
+ if (geteuid())
|
||
|
+ {
|
||
|
+ printf ("grub-set-bootflag not running as root, no action taken\n");
|
||
|
+ return 0;
|
||
|
+ }
|
||
|
+
|
||
|
/*
|
||
|
* setegid avoids the new grubenv's gid being that of the user.
|
||
|
*/
|