[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: [PATCH mkinitrd 5.4 fips] Dont copy prelink (#505113)
- From: Peter Jones <pjones redhat com>
- To: Hans de Goede <hdegoede redhat com>
- Cc: Discussion of Development and Customization of the Red Hat Linux Installer <anaconda-devel-list redhat com>
- Subject: Re: [PATCH mkinitrd 5.4 fips] Dont copy prelink (#505113)
- Date: Wed, 17 Jun 2009 11:03:17 -0400
On 06/16/2009 01:54 PM, Hans de Goede wrote:
>
> In fips mode prelink must be disabled, so we don't need it and on ia64
> there is no prelink causing mkinitrd to fail there. This fixes this
> by simply removing prelink from the initrd.
> diff -up mkinitrd-5.1.19.6/mkinitrd~ mkinitrd-5.1.19.6/mkinitrd
> --- mkinitrd-5.1.19.6/mkinitrd~ 2009-06-11 11:36:28.000000000 +0200
> +++ mkinitrd-5.1.19.6/mkinitrd 2009-06-11 11:45:12.973862927 +0200
> @@ -1697,10 +1697,6 @@ if [ "$withfips" -eq 1 ]; then
>
> inst /usr/$libdir/hmaccalc/sha512hmac.hmac $MNTIMAGE/usr/$libdir/hmaccalc/sha512hmac.hmac
>
> - # sha512hmac needs prelink to unprelink itself for verification
> - inst /usr/sbin/prelink $MNTIMAGE/sbin/prelink
> - inst /etc/prelink.conf $MNTIMAGE/etc/prelink.conf
> -
> # rmmod to rmmod tcrypt when we're done with it. Note rmmod is also
> # dynmically linked, but sha512hmac already brings in all needed libs
> inst /sbin/rmmod $MNTIMAGE/bin/rmmod
Okay by me.
--
Peter
I'd like to start a religion. That's where the money is.
-- L. Ron Hubbard to Lloyd Eshbach, in 1949;
quoted by Eshbach in _Over My Shoulder_.
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]