[PATCH 2/3] [V5] Disable shell access when lockdown is active
Murilo Opsfelder Araújo
muriloo at linux.vnet.ibm.com
Wed Aug 17 06:33:11 AEST 2016
On 08/12/2016 11:36 PM, Timothy Pearson wrote:
[...]
> diff --git a/ui/ncurses/nc-cui.c b/ui/ncurses/nc-cui.c
> index 09b63b0..96ebd1e 100644
> --- a/ui/ncurses/nc-cui.c
> +++ b/ui/ncurses/nc-cui.c
> @@ -25,6 +25,7 @@
> #include <stdlib.h>
> #include <string.h>
> #include <sys/ioctl.h>
> +#include <sys/reboot.h>
>
> #include "log/log.h"
> #include "pb-protocol/pb-protocol.h"
> @@ -94,6 +95,15 @@ static void cui_atexit(void)
> clear();
> refresh();
> endwin();
> +
> + bool lockdown = false;
> + if (access(LOCKDOWN_FILE, F_OK) != -1)
> + lockdown = true;
I see this "if" block more than once. Wouldn't it make sense to
encapsulate this in a function that returns true if lockdown is present?
> +
> + while (lockdown) {
> + sync();
> + reboot(RB_AUTOBOOT);
> + }
> }
>
> /**
> @@ -826,6 +836,9 @@ static struct pmenu *main_menu_init(struct cui *cui)
> struct pmenu_item *i;
> struct pmenu *m;
> int result;
> + bool lockdown = false;
> + if (access(LOCKDOWN_FILE, F_OK) != -1)
> + lockdown = true;
Same here.
--
Murilo
More information about the Petitboot
mailing list