|
 |
a909a54 |
From: Cole Robinson <crobinso@redhat.com>
|
|
|
a909a54 |
Date: Wed, 3 Apr 2019 18:07:12 -0400
|
|
|
a909a54 |
Subject: [PATCH virt-manager] initrdinject: Force added files to be owned as
|
|
|
a909a54 |
root (bz 1686464)
|
|
|
a909a54 |
|
|
|
a909a54 |
systemd in fedora30 has some new security restriction about non-root
|
|
|
a909a54 |
owned directories. Initrd inject would tickle this because the cpio
|
|
|
a909a54 |
archive would cause the root dir in the initrd to be owned by the
|
|
|
a909a54 |
uid that launched virt-install.
|
|
|
a909a54 |
|
|
|
a909a54 |
Pass --owner=+0:+0 to cpio to force root ownership
|
|
|
a909a54 |
|
|
|
a909a54 |
Suggested-by: James Szinger <jszinger@gmail.com>
|
|
|
a909a54 |
|
|
|
a909a54 |
https://bugzilla.redhat.com/show_bug.cgi?id=1686464
|
|
|
a909a54 |
(cherry picked from commit c6b5f22fa61d87557b5fab23be080073d2f7906e)
|
|
|
a909a54 |
---
|
|
|
a909a54 |
virtinst/initrdinject.py | 2 +-
|
|
|
a909a54 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
a909a54 |
|
|
|
a909a54 |
diff --git a/virtinst/initrdinject.py b/virtinst/initrdinject.py
|
|
|
a909a54 |
index 9a09f20c..4032f9ba 100644
|
|
|
a909a54 |
--- a/virtinst/initrdinject.py
|
|
|
a909a54 |
+++ b/virtinst/initrdinject.py
|
|
|
a909a54 |
@@ -31,7 +31,7 @@ def perform_initrd_injections(initrd, injections, scratchdir):
|
|
|
a909a54 |
stderr=subprocess.PIPE,
|
|
|
a909a54 |
cwd=tempdir)
|
|
|
a909a54 |
cpio_proc = subprocess.Popen(['cpio', '--create', '--null', '--quiet',
|
|
|
a909a54 |
- '--format=newc'],
|
|
|
a909a54 |
+ '--format=newc', '--owner=+0:+0'],
|
|
|
a909a54 |
stdin=find_proc.stdout,
|
|
|
a909a54 |
stdout=subprocess.PIPE,
|
|
|
a909a54 |
stderr=subprocess.PIPE,
|