51 lines
1.5 KiB
Diff
51 lines
1.5 KiB
Diff
|
From da4c9a950f339f2e87a021f7d060bf7ac07f4f00 Mon Sep 17 00:00:00 2001
|
||
|
From: Daniel Molkentin <dmolkentin@suse.com>
|
||
|
Date: Mon, 6 Jul 2020 14:47:28 +0200
|
||
|
Subject: [PATCH] 01fips: modprobe failures during manual module loading is not
|
||
|
fatal
|
||
|
|
||
|
Users might see
|
||
|
|
||
|
"modprobe: FATAL: Module xyz not found in directory"
|
||
|
|
||
|
The output from modprobe is semantically wrong in this case and
|
||
|
confuses users. Keep the warning for debugging purposes, but reduce
|
||
|
the severeness.
|
||
|
|
||
|
It now reads "Module xyz not found in directory"
|
||
|
|
||
|
Reference: bsc#1169997
|
||
|
---
|
||
|
modules.d/01fips/fips.sh | 10 +++++++++-
|
||
|
1 file changed, 9 insertions(+), 1 deletion(-)
|
||
|
|
||
|
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh
|
||
|
index 8fba135b..37cde0c0 100755
|
||
|
--- a/modules.d/01fips/fips.sh
|
||
|
+++ b/modules.d/01fips/fips.sh
|
||
|
@@ -69,6 +69,14 @@ do_rhevh_check()
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
+nonfatal_modprobe()
|
||
|
+{
|
||
|
+ modprobe $1 2>&1 > /dev/stdout |
|
||
|
+ while read -r line || [ -n "$line" ]; do
|
||
|
+ echo "${line#modprobe: FATAL: }" >&2
|
||
|
+ done
|
||
|
+}
|
||
|
+
|
||
|
fips_load_crypto()
|
||
|
{
|
||
|
FIPSMODULES=$(cat /etc/fipsmodules)
|
||
|
@@ -77,7 +85,7 @@ fips_load_crypto()
|
||
|
mv /etc/modprobe.d/fips.conf /etc/modprobe.d/fips.conf.bak
|
||
|
for _module in $FIPSMODULES; do
|
||
|
if [ "$_module" != "tcrypt" ]; then
|
||
|
- if ! modprobe "${_module}" 2>/tmp/fips.modprobe_err; then
|
||
|
+ if ! nonfatal_modprobe "${_module}" 2>/tmp/fips.modprobe_err; then
|
||
|
# check if kernel provides generic algo
|
||
|
_found=0
|
||
|
while read _k _s _v || [ -n "$_k" ]; do
|
||
|
|