From: Harald Hoyer <harald@redhat.com>
Date: Tue, 6 Aug 2013 09:43:58 +0000 (+0200)
Subject: dracut.sh: do not strip in FIPS mode
X-Git-Tag: 032~49
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5ae33613ab3145db12f21bca491d97832160cc1a;p=thirdparty%2Fdracut.git

dracut.sh: do not strip in FIPS mode
---

diff --git a/dracut.sh b/dracut.sh
index e119bd2ed..4ef71f34f 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1209,25 +1209,11 @@ if [[ $do_strip = yes ]] ; then
     done
 fi
 
-if [[ $do_strip = yes ]] ; then
+if [[ $do_strip = yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
     dinfo "*** Stripping files ***"
-    if [[ $DRACUT_FIPS_MODE ]]; then
-        find "$initdir" -type f \
-            -executable -not -path '*/lib/modules/*.ko' -print0 \
-            | while read -r -d $'\0' f; do
-            if ! [[ -e "${f%/*}/.${f##*/}.hmac" ]] \
-                && ! [[ -e "/lib/hmaccalc/${f##*/}.hmac" ]] \
-                && ! [[ -e "/lib64/hmaccalc/${f##*/}.hmac" ]] \
-                && ! [[ -e "/lib/fipscheck/${f##*/}.hmac" ]] \
-                && ! [[ -e "/lib64/fipscheck/${f##*/}.hmac" ]]; then
-                printf "%s\000" "$f";
-            fi
-        done | xargs -r -0 strip -g 2>/dev/null
-    else
-        find "$initdir" -type f \
-            -executable -not -path '*/lib/modules/*.ko' -print0 \
-            | xargs -r -0 strip -g 2>/dev/null
-    fi
+    find "$initdir" -type f \
+        -executable -not -path '*/lib/modules/*.ko' -print0 \
+        | xargs -r -0 strip -g 2>/dev/null
 
     # strip kernel modules, but do not touch signed modules
     find "$initdir" -type f -path '*/lib/modules/*.ko' -print0 \