dracut.sh: create the initramfs non-world readable also if early cpio is used

author Andreas Stieger <astieger@suse.com>

Mon, 7 Nov 2016 09:37:22 +0000 (10:37 +0100)

committer Harald Hoyer <harald@redhat.com>

Mon, 7 Nov 2016 09:41:38 +0000 (10:41 +0100)
author Andreas Stieger <astieger@suse.com>
Mon, 7 Nov 2016 09:37:22 +0000 (10:37 +0100)
committer Harald Hoyer <harald@redhat.com>
Mon, 7 Nov 2016 09:41:38 +0000 (10:41 +0100)
diff --git a/dracut.sh b/dracut.sh

index 40ca08f659f2289a608ac8e333d4cd818f8d7e76..2d79bbcc1e19ad69f01205767931110918e867c8 100755 (executable)
--- a/dracut.sh
+++ b/dracut.sh
@@ -1700,7 +1700,7 @@ if [[ $create_early_cpio = yes ]]; then
  
      # The microcode blob is _before_ the initramfs blob, not after
      if ! (
-            cd "$early_cpio_dir/d"
+            umask 077; cd "$early_cpio_dir/d"
              find . -print0 | sort -z \
                  | cpio ${CPIO_REPRODUCIBLE:+--reproducible} --null $cpio_owner_root -H newc -o --quiet > "${DRACUT_TMPDIR}/initramfs.img"
          ); then
author	Andreas Stieger <astieger@suse.com>
	Mon, 7 Nov 2016 09:37:22 +0000 (10:37 +0100)
committer	Harald Hoyer <harald@redhat.com>
	Mon, 7 Nov 2016 09:41:38 +0000 (10:41 +0100)