Update runtime error message thrown for grsec/hardened kernels (#236)
* Update runtime error message thrown for grsec/hardened kernels, saying that they are not supported right now, #107 * Remove unnecessary check for grsec enable/disable status - the build will not work in either case
This commit is contained in:
parent
2afe205243
commit
b687ca70d5
|
@ -17,24 +17,24 @@ You should have received a copy of the GNU General Public License
|
||||||
along with pmbootstrap. If not, see <http://www.gnu.org/licenses/>.
|
along with pmbootstrap. If not, see <http://www.gnu.org/licenses/>.
|
||||||
"""
|
"""
|
||||||
import os
|
import os
|
||||||
import pmb.helpers.run
|
|
||||||
|
|
||||||
|
|
||||||
def check_grsec(args):
|
def check_grsec(args):
|
||||||
"""
|
"""
|
||||||
Check if the current kernel is based on the grsec patchset, and if
|
Check if the current kernel is based on the grsec patchset, and if
|
||||||
the chroot_deny_chmod option is enabled. Raise an exception in that
|
the chroot_deny_chmod option is enabled. Raise an exception in that
|
||||||
case, with a link to a wiki page. Otherwise, do nothing.
|
case, with a link to the issue. Otherwise, do nothing.
|
||||||
"""
|
"""
|
||||||
path = "/proc/sys/kernel/grsecurity/chroot_deny_chmod"
|
path = "/proc/sys/kernel/grsecurity/chroot_deny_chmod"
|
||||||
if not os.path.exists(path):
|
if not os.path.exists(path):
|
||||||
return
|
return
|
||||||
|
|
||||||
status = pmb.helpers.run.root(
|
link = "https://github.com/postmarketOS/pmbootstrap/issues/107"
|
||||||
args, ["cat", path], return_stdout=True).rstrip()
|
raise RuntimeError("You're running a kernel based on the grsec"
|
||||||
if status != "0":
|
" patchset. At the moment, pmbootstrap is not"
|
||||||
link = "https://github.com/postmarketOS/pmbootstrap/wiki/Troubleshooting:grsec"
|
" compatible with grsec or a hardened kernel, sorry!"
|
||||||
raise RuntimeError("You're running a kernel based on the grsec"
|
" To get pmbootstrap working, you will need to switch"
|
||||||
" patchset. To get pmbootstrap working, you"
|
" to a vanilla kernel (i.e. non-hardened and without grsec)."
|
||||||
" will need to disable some options with"
|
" Alternatively, it would be awesome if you want to add"
|
||||||
" sysctl: <" + link + ">")
|
" support for hardened/grsec kernels, please see this for"
|
||||||
|
" more details: <" + link + ">")
|
||||||
|
|
Loading…
Reference in New Issue