39 lines
1.6 KiB
Diff
39 lines
1.6 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Javier Martinez Canillas <javierm@redhat.com>
|
|
Date: Wed, 21 Nov 2018 15:38:50 +0100
|
|
Subject: [PATCH] blscfg: expand grub_users before passing to
|
|
grub_normal_add_menu_entry()
|
|
|
|
The "grub_users" field from the BLS snippet file is used to specifcy the
|
|
users that are allowed to execute a given menu entry if the "superusers"
|
|
environment variable is set.
|
|
|
|
If the "grub_users" isn't set, the menu entry is unrestricted and it can
|
|
be executed without any authentication and if is set then only the users
|
|
defined in "grub_users" can execute the menu entry after authentication.
|
|
|
|
But this field can contain an environment variable so has to be expanded
|
|
or otherwise grub2 will wrongly assume that the user is "$var", and will
|
|
populate a menu entry that it's resctrited even when "$var" isn't set.
|
|
|
|
Resolves: rhbz#1650706
|
|
|
|
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
|
|
---
|
|
grub-core/commands/blscfg.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/grub-core/commands/blscfg.c b/grub-core/commands/blscfg.c
|
|
index 42892cbfd55..c432c6ba27a 100644
|
|
--- a/grub-core/commands/blscfg.c
|
|
+++ b/grub-core/commands/blscfg.c
|
|
@@ -704,7 +704,7 @@ static void create_entry (struct bls_entry *entry)
|
|
initrds = bls_make_list (entry, "initrd", NULL);
|
|
|
|
hotkey = bls_get_val (entry, "grub_hotkey", NULL);
|
|
- users = bls_get_val (entry, "grub_users", NULL);
|
|
+ users = expand_val (bls_get_val (entry, "grub_users", NULL));
|
|
classes = bls_make_list (entry, "grub_class", NULL);
|
|
args = bls_make_list (entry, "grub_arg", &argc);
|
|
|