[pve-devel] [PATCH container] fix #2655: don't forget to setup securetty for centos >= 7
Thomas Lamprecht
t.lamprecht at proxmox.com
Mon May 25 14:24:34 CEST 2020
On 5/25/20 2:15 PM, Oguz Bektas wrote:
> in template_fixup we only call this method for version < 7, but greater
> versions also need to allow lxc/tty[N] as secure.
>
> Signed-off-by: Oguz Bektas <o.bektas at proxmox.com>
> ---
> src/PVE/LXC/Setup/CentOS.pm | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/src/PVE/LXC/Setup/CentOS.pm b/src/PVE/LXC/Setup/CentOS.pm
> index 1e6894b..757bc63 100644
> --- a/src/PVE/LXC/Setup/CentOS.pm
> +++ b/src/PVE/LXC/Setup/CentOS.pm
> @@ -109,9 +109,10 @@ sub template_fixup {
> my $data = $self->ct_file_get_contents($filename);
> $data =~ s!^(/sbin/start_udev.*)$!#$1!gm;
> $self->ct_file_set_contents($filename, $data);
> -
> # edit /etc/securetty (enable login on console)
> $self->setup_securetty($conf);
> + } else {
> + $self->setup_securetty($conf);
> }
so a if-else both ending in the same statement.. Why not move it out and
do that unconditionally after the if?
And it doesn't regresses for other CentOS versions and un/privileged combos?
> }
>
>
More information about the pve-devel
mailing list