[systemd-devel] [PATCH 1/2] kernel-install: avoid using 'cp --preserve'
Sébastien Luttringer
seblu at seblu.net
Wed Sep 25 16:13:14 PDT 2013
On Thu, Sep 26, 2013 at 12:56 AM, Kay Sievers <kay at vrfy.org> wrote:
> On Thu, Sep 26, 2013 at 12:38 AM, Tom Gundersen <teg at jklm.no> wrote:
>> Force 0600 and root:root instead, to avoid problems with fat filesystems.
>
> Sounds fine to me, to enforce root permissions.
Boot kernel was world readable, and it makes sense. Why making them
root only readable is a good idea?
If your /boot is a FAT filesystem, the world readable rights are
handled by your mount options.
On non UEFI systems, world readable rights set by kernel-install matter.
> If people want special permissions, they can always drop-in their own
> install.d/ callout to mangle them.
This means maintain it's own generator, it's a bit boring for just
being able to check the size of your installed kernel.
The opposite logic seems more appropriate.
Cheers,
--
Sébastien "Seblu" Luttringer
https://www.seblu.net
GPG: 0x2072D77A
More information about the systemd-devel
mailing list