Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
ecryptfs-utils.6434
CVE-2015-8946.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2015-8946.patch of Package ecryptfs-utils.6434
Index: src/utils/ecryptfs-setup-swap =================================================================== --- src/utils/ecryptfs-setup-swap.orig +++ src/utils/ecryptfs-setup-swap @@ -158,6 +158,24 @@ for swap in $swaps; do i=$((i+1)) [ -e "/dev/mapper/cryptswap$i" ] || break done + + # If this is a GPT partition, mark it as no-auto mounting, to avoid + # auto-activating it on boot + if [ "$(blkid -p -s PART_ENTRY_SCHEME -o value "$swap")" = "gpt" ]; then + drive="${swap%[0-9]*}" + partno="${swap#$drive}" + if [ -b "$drive" ]; then + if printf "x\np\n" | fdisk "$drive" | grep -q "^$swap .* GUID:.*\b63\b"; then + echo "$swap is already marked as no-auto" + else + # toggle flag 63 ("no auto") + echo "marking GPT swap partition $swap as no-auto..." + # unfortunately fdisk fails on "cannot re-read part table" and is very verbose + printf "x\nS\n$partno\n63\nr\nw\n" | fdisk "$drive" >/dev/null 2>&1 || true + fi + fi + fi + # Add crypttab entry echo "cryptswap$i $swap /dev/urandom swap,cipher=aes-cbc-essiv:sha256" >> /etc/crypttab
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor