synit
/
pmbootstrap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix #107: Grsec check: read file in /proc as root

This commit is contained in:
Oliver Smith 2017-07-11 18:50:40 +02:00
parent d0ffe4879d
commit 34622368d9
No known key found for this signature in database
GPG Key ID: 5AE7F5513E0885CB
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pmb/helpers/other.py
View File

@ -17,9 +17,10 @@ You should have received a copy of the GNU General Public License
along with pmbootstrap. If not, see <http://www.gnu.org/licenses/>. along with pmbootstrap. If not, see <http://www.gnu.org/licenses/>.
""" """
import os import os
import pmb.helpers.run
def check_grsec(): def check_grsec(args):
""" """
Check if the current kernel is based on the grsec patchset, and if Check if the current kernel is based on the grsec patchset, and if
the chroot_deny_chmod option is enabled. Raise an exception in that the chroot_deny_chmod option is enabled. Raise an exception in that
@ -29,9 +30,8 @@ def check_grsec():
if not os.path.exists(path): if not os.path.exists(path):
return return
with open(path, "r") as handle: status = pmb.helpers.run.root(
status = handle.readlines()[0].rstrip() args, ["cat", path], return_stdout=True).rstrip()
if status != "0": if status != "0":
link = "https://github.com/postmarketOS/pmbootstrap/wiki/Troubleshooting:grsec" link = "https://github.com/postmarketOS/pmbootstrap/wiki/Troubleshooting:grsec"
raise RuntimeError("You're running a kernel based on the grsec" raise RuntimeError("You're running a kernel based on the grsec"

2
pmbootstrap.py
View File

@ -48,7 +48,7 @@ def main():
# Wrap everything to display nice error messages # Wrap everything to display nice error messages
try: try:
# Sanity check # Sanity check
pmb.helpers.other.check_grsec() pmb.helpers.other.check_grsec(args)
# Initialize or require config # Initialize or require config
if args.action == "init": if args.action == "init":