From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Javier Martinez Canillas Date: Wed, 21 Nov 2018 15:38:50 +0100 Subject: [PATCH] blscfg: expand grub_users before passing to grub_normal_add_menu_entry() The "grub_users" field from the BLS snippet file is used to specifcy the users that are allowed to execute a given menu entry if the "superusers" environment variable is set. If the "grub_users" isn't set, the menu entry is unrestricted and it can be executed without any authentication and if is set then only the users defined in "grub_users" can execute the menu entry after authentication. But this field can contain an environment variable so has to be expanded or otherwise grub2 will wrongly assume that the user is "$var", and will populate a menu entry that it's resctrited even when "$var" isn't set. Resolves: rhbz#1650706 Signed-off-by: Javier Martinez Canillas --- grub-core/commands/blscfg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grub-core/commands/blscfg.c b/grub-core/commands/blscfg.c index 42892cbfd..c432c6ba2 100644 --- a/grub-core/commands/blscfg.c +++ b/grub-core/commands/blscfg.c @@ -704,7 +704,7 @@ static void create_entry (struct bls_entry *entry) initrds = bls_make_list (entry, "initrd", NULL); hotkey = bls_get_val (entry, "grub_hotkey", NULL); - users = bls_get_val (entry, "grub_users", NULL); + users = expand_val (bls_get_val (entry, "grub_users", NULL)); classes = bls_make_list (entry, "grub_class", NULL); args = bls_make_list (entry, "grub_arg", &argc);