cryptsetup: only warn on real key files

[elogind.git] / src / cryptsetup / cryptsetup.c

diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index 15dea7b65b47b1c25ad2bfbf4bac312b5b51b0aa..26141a01b087b9bfa429386f7b436892f79d9760 100644 (file)
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -69,7 +69,7 @@ static int parse_one_option(const char *option) {
         assert(option);
 
         /* Handled outside of this tool */
-        if (streq(option, "noauto") || streq(option, "nofail"))
+        if (STR_IN_SET(option, "noauto", "auto", "nofail", "fail"))
                 return 0;
 
         if (startswith(option, "cipher=")) {
@@ -624,7 +624,7 @@ int main(int argc, char *argv[]) {
 
                         /* Ideally we'd do this on the open fd, but since this is just a
                          * warning it's OK to do this in two steps. */
-                        if (stat(key_file, &st) >= 0 && (st.st_mode & 0005))
+                        if (stat(key_file, &st) >= 0 && S_ISREG(st.st_mode) && (st.st_mode & 0005))
                                 log_warning("Key file %s is world-readable. This is not a good idea!", key_file);
                 }