[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH mkinitrd 5.4 fips] Dont copy prelink (#505113)



On 06/16/2009 01:54 PM, Hans de Goede wrote:
> 
> In fips mode prelink must be disabled, so we don't need it and on ia64
> there is no prelink causing mkinitrd to fail there. This fixes this
> by simply removing prelink from the initrd.
> diff -up mkinitrd-5.1.19.6/mkinitrd~ mkinitrd-5.1.19.6/mkinitrd
> --- mkinitrd-5.1.19.6/mkinitrd~	2009-06-11 11:36:28.000000000 +0200
> +++ mkinitrd-5.1.19.6/mkinitrd	2009-06-11 11:45:12.973862927 +0200
> @@ -1697,10 +1697,6 @@ if [ "$withfips" -eq 1 ]; then
>  
>      inst /usr/$libdir/hmaccalc/sha512hmac.hmac $MNTIMAGE/usr/$libdir/hmaccalc/sha512hmac.hmac
>  
> -    # sha512hmac needs prelink to unprelink itself for verification
> -    inst /usr/sbin/prelink $MNTIMAGE/sbin/prelink
> -    inst /etc/prelink.conf $MNTIMAGE/etc/prelink.conf
> -
>      # rmmod to rmmod tcrypt when we're done with it. Note rmmod is also
>      # dynmically linked, but sha512hmac already brings in all needed libs
>      inst /sbin/rmmod $MNTIMAGE/bin/rmmod

Okay by me.

-- 
        Peter

I'd like to start a religion. That's where the money is.
		-- L. Ron Hubbard to Lloyd Eshbach, in 1949;
			quoted by Eshbach in _Over My Shoulder_.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]