From 120528e1a2fb30ae5826d3a1c0f6fa5d658dd336 Mon Sep 17 00:00:00 2001
From: Chris Lamb <chris@chris-lamb.co.uk>
Date: Sun, 23 Mar 2008 04:27:21 +0000
Subject: lh_chroot_hacks: Ensure initrds are group- and world- readable

The loop-aes-utils sets a umask in its update-initramfs configuration,
causing initrds to have "0600" permissions which causes boot failures
when offering the files over netboot or similar.

The justification given by loop-aes is that, as it supports encrypting
against embedded GPG keyrings, the keys would be compromised if the files
were group- or world- readable. However, as live-helper does not support
this feature, it is safe to simply correct the permissions.
---
 helpers/lh_chroot_hacks | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/helpers/lh_chroot_hacks b/helpers/lh_chroot_hacks
index 753fcb6..7a90d36 100755
--- a/helpers/lh_chroot_hacks
+++ b/helpers/lh_chroot_hacks
@@ -82,6 +82,10 @@ fi
 # Update initramfs
 Chroot "update-initramfs -k all -t -u"
 
+# Ensure readable permissions on initramfs. loop-aes-utils sets umask to
+# protect GPG keys, which live-helper does not support.
+chmod go+r chroot/boot/initrd*
+
 # Remove build systems clock drift
 echo "0.0 0 0.0" > chroot/etc/adjtime
 
-- 
cgit v1.0