From 71e4e1258436e7e81d772aed52a02bb5d9c87cb8 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sat, 14 Mar 2015 22:35:30 -0400 Subject: [PATCH] cryptsetup-generator: remove warning about crypttab access mode MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This file contains no privileged data — just names of devices to decrypt and files containing keys. On a running system most of this can be inferred from the device tree anyway. --- src/cryptsetup/cryptsetup-generator.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c index 5a0611a..5d234e6 100644 --- a/src/cryptsetup/cryptsetup-generator.c +++ b/src/cryptsetup/cryptsetup-generator.c @@ -374,13 +374,6 @@ static int add_crypttab_devices(void) { return 0; } - /* If we readd support for specifying passphrases - * directly in crypttab we should upgrade the warning - * below, though possibly only if a passphrase is - * specified directly. */ - if (st.st_mode & 0005) - log_debug("/etc/crypttab is world-readable. This is usually not a good idea."); - for (;;) { int r, k; char line[LINE_MAX], *l, *uuid; -- 2.7.4