main/postmarketos-initramfs: add some sane mount options to /boot (MR 5089)
We won't want executables, suid executables, devices. We neither want symbolic links in fat partitions. These have been taken from systemd (Ref #2782)
This commit is contained in:
Pablo Correa Gómez
parent
2db5ff27fc
commit
efc7ad99e4
2 changed files with 6 additions and 6 deletions
|
|
@ -1,7 +1,7 @@
|
|||
# Maintainer: Oliver Smith <ollieparanoid@postmarketos.org>
|
||||
# Co-Maintainer: Clayton Craft <clayton@craftyguy.net>
|
||||
pkgname=postmarketos-initramfs
|
||||
pkgver=2.6.0
|
||||
pkgver=2.6.1
|
||||
pkgrel=0
|
||||
pkgdesc="Base files for the postmarketOS initramfs / initramfs-extra"
|
||||
url="https://postmarketos.org"
|
||||
|
|
@ -89,7 +89,7 @@ sha512sums="
|
|||
ab41b45b0613f25a61114ed8c8b92bc53c60838f6e2e0ba18c76e5369b2984e6023a0661887692673aca3f647f268c468a468f6b1ac424cfee609017a89481dd 00-initramfs-base.files
|
||||
8a4adad3785af474b36a09a05f6a3b2c4b4f43aac331a53b903abfa51ea12be1e3d1d807b7a6e66a1346815f3b0044daf8cd62e21e2dc75d2db13ee265a72985 00-initramfs-extra-base.files
|
||||
b1462989633c65a102e7ae7ced9c41a00673b4c7434cd3fe16c229c39bb870d7e850b0d317487191b7d7ca32c75b2eed1561b1facf405bd4d876d32c71badcf3 init.sh
|
||||
fe9fd7ae5bedf393e96a9fa771396a1aa8b17ba97155070789186cd2e2fa32ab8bf7d003cb88bbe620b4c7713f4086affbede816afdc1b47881d31448bad0862 init_functions.sh
|
||||
3fd2efbc6fc375bbba67b313b0a9e41805b95fb7d9b06959d0b08fb626ba425d31f748df961ac92c1fb4454be796a95a8bc68d28964f4a3c1ba6a1d85de0ca1b init_functions.sh
|
||||
ba3275a9af788c7c782322a22a0f144d5e50e3498ea6886486a29331f23ae89cd32d500a3635cfa7cab369afba92edc18aeca64ccbf0cd589061cce23d15b46c unudhcpd.conf
|
||||
675e7d5bee39b2df7d322117f8dcaccc274d61beaf4d50ead19bbf2109446d64b1c0aa0c5b4f9846eb6c1c403418f28f6364eff4537ba41120fbfcbc484b7da7 mdev.conf
|
||||
"
|
||||
|
|
|
|||
|
|
@ -321,7 +321,8 @@ get_partition_type() {
|
|||
# /sysroot/boot (rw), after root has been mounted at /sysroot, so we can
|
||||
# switch_root to /sysroot and have the boot partition properly mounted.
|
||||
mount_boot_partition() {
|
||||
partition=$(find_boot_partition)
|
||||
partition="$(find_boot_partition)"
|
||||
local mount_opts="-o nodev,nosuid,noexec"
|
||||
|
||||
# We dont need to do this when using stowaways
|
||||
if grep -q "pmos.stowaway" /proc/cmdline; then
|
||||
|
|
@ -329,10 +330,9 @@ mount_boot_partition() {
|
|||
fi
|
||||
|
||||
if [ "$2" = "rw" ]; then
|
||||
mount_opts=""
|
||||
echo "Mount boot partition ($partition) to $1 (read-write)"
|
||||
else
|
||||
mount_opts="-o ro"
|
||||
mount_opts="$mount_opts,ro"
|
||||
echo "Mount boot partition ($partition) to $1 (read-only)"
|
||||
fi
|
||||
|
||||
|
|
@ -347,7 +347,7 @@ mount_boot_partition() {
|
|||
vfat)
|
||||
echo "Detected vfat filesystem"
|
||||
modprobe vfat
|
||||
mount_opts="-t vfat $mount_opts"
|
||||
mount_opts="-t vfat $mount_opts,umask=0077,nosymfollow"
|
||||
;;
|
||||
*) echo "WARNING: Detected unsupported '$type' filesystem ($partition)." ;;
|
||||
esac
|
||||
|
|
|
|||
Loading…
Reference in a new issue