X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcryptsetup%2Fcryptsetup-generator.c;h=7eae1c8c6721f07353a9603fab575c98c37a8ad0;hp=228039d91f0ea2bd2560fc2ce0e12718551fb765;hb=8973790ee6f62132b1b57de15c4edaef2c097004;hpb=5954c07433b134694256b9989f2ad3f85a643976
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
index 228039d91..7eae1c8c6 100644
--- a/src/cryptsetup/cryptsetup-generator.c
+++ b/src/cryptsetup/cryptsetup-generator.c
@@ -328,13 +328,13 @@ static int parse_proc_cmdline(char ***arg_proc_cmdline_disks, char **arg_proc_cm
 }

 int main(int argc, char *argv[]) {
+ _cleanup_strv_free_ char **arg_proc_cmdline_disks_done = NULL;
+ _cleanup_strv_free_ char **arg_proc_cmdline_disks = NULL;
+ _cleanup_free_ char *arg_proc_cmdline_keyfile = NULL;
 _cleanup_fclose_ FILE *f = NULL;
 unsigned n = 0;
 int r = EXIT_SUCCESS;
 char **i;
- _cleanup_strv_free_ char **arg_proc_cmdline_disks_done = NULL;
- _cleanup_strv_free_ char **arg_proc_cmdline_disks = NULL;
- _cleanup_free_ char *arg_proc_cmdline_keyfile = NULL;

 if (argc > 1 && argc != 4) {
 log_error("This program takes three or no arguments.");
@@ -357,8 +357,9 @@ int main(int argc, char *argv[]) {
 return EXIT_SUCCESS;

 if (arg_read_crypttab) {
- f = fopen("/etc/crypttab", "re");
+ struct stat st;

+ f = fopen("/etc/crypttab", "re");
 if (!f) {
 if (errno == ENOENT)
 r = EXIT_SUCCESS;
@@ -366,7 +367,20 @@ int main(int argc, char *argv[]) {
 r = EXIT_FAILURE;
 log_error("Failed to open /etc/crypttab: %m");
 }
- } else for (;;) {
+
+ goto next;
+ }
+
+ if (fstat(fileno(f), &st) < 0) {
+ log_error("Failed to stat /etc/crypttab: %m");
+ r = EXIT_FAILURE;
+ goto next;
+ }
+
+ if (st.st_mode & 0005)
+ log_warning("/etc/crypttab is world-readable. This is usually not a good idea.");
+
+ for (;;) {
 char line[LINE_MAX], *l;
 _cleanup_free_ char *name = NULL, *device = NULL, *password = NULL, *options = NULL;
 int k;
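Review bot: The mask in `if (st.st_mode & 0005)` tests the other-read and other-execute bits together, so the "world-readable" warning also fires for a file whose only stray bit is other-execute, which does not allow reading a regular file; `if (st.st_mode & S_IROTH)` would match the message. The same `fstat()` result could also cover the cases that matter for integrity rather than confidentiality: a crypttab that is group- or world-writable (`st.st_mode & (S_IWGRP | S_IWOTH)`) or not owned by root (`st.st_uid != 0`) can be edited by a non-root account before this generator reads it, and the new code warns about neither. Checking the already-open descriptor with `fstat(fileno(f), &st)` instead of the path avoids a check/use gap and should stay as it is. main() starts before this hunk and continues after it.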
@@ -420,6 +434,7 @@ int main(int argc, char *argv[]) {
 }
 }

+next:
 STRV_FOREACH(i, arg_proc_cmdline_disks) {
 /*
 Generate units for those UUIDs, which were specified