summaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorintrigeri <intrigeri@boum.org>2020-01-28 12:26:55 +0000
committerintrigeri <intrigeri@boum.org>2020-01-28 12:31:14 +0000
commitee6ff8d1dce58b5447c6f939c4158a1d86a76a09 (patch)
treeefe65b250d46086c6d9bad41f14f59c004426f04 /config
parentf68885ee3f1dfd93330b288e5b3697856f6a9a43 (diff)
live-persist: don't backup empty configuration files (refs: #17112)
In some cases, the previous code would overwrite a non-empty backup file with an empty one, making it harder to recover from the already painful #10976. For example, if the permissions get wrong and we run disable_and_create_empty_persistence_conf_file(), but the user does _not_ immediately fix the problem, then next time they unlock their persistence, the (non-empty) backup gets overwritten by live-persist which replaces it with the new, empty config file it created during last boot.
Diffstat (limited to 'config')
-rwxr-xr-xconfig/chroot_local-includes/usr/local/sbin/live-persist10
1 files changed, 8 insertions, 2 deletions
diff --git a/config/chroot_local-includes/usr/local/sbin/live-persist b/config/chroot_local-includes/usr/local/sbin/live-persist
index 656a18c..ce0c6d9 100755
--- a/config/chroot_local-includes/usr/local/sbin/live-persist
+++ b/config/chroot_local-includes/usr/local/sbin/live-persist
@@ -259,14 +259,20 @@ disable_and_create_empty_persistence_conf_file ()
{
local conf="$1"
local mode="$2"
+ local dest="${conf}.insecure_disabled"
if [ -z "$mode" ]
then
mode=0600
fi
- mv "$conf" "${conf}.insecure_disabled" \
- || error "Failed to disable '$conf': $?"
+ if [ -s "$conf" ]
+ then
+ mv "$conf" "$dest" || error "Failed to disable '$conf': $?"
+ else
+ rm "$conf" || error "Failed to delete '$conf': $?"
+ fi
+
create_empty_persistence_conf_file "$conf" "$mode"
}