Bug#751488: initramfs-tools: Shell spawned despite panic=0
Package: initramfs-tools
Version: 0.109.1
Severity: critical
Tags: patch
Hi,
I've set panic=0 as a kernel cmdline argument which should trigger a
reboot instead of spawning a shell. However, the reboot seems to be
ineffective and a shell is spawned nevertheless. This is unpleasing
since spawn=0 is "marketed" as a security feature in
initramfs-tools(8):

    panic sets an timeout on panic. panic=<sec> is a documented
    security feature: it disables the debug shell.
Output on screen:

    Loading, please wait ...
    Spawning shell within the initramfs
    Rebooting automatically due to panic= boot argument
    BusyBox v1.20.2 (Debian 1:1.20.0-7) built-in shell (ash)
    Enter 'help' for a list of built-in commands.
    /bin/sh: can't access tty; job control turned off
    (initramfs) _
The commands halt, reboot, etc. don't work either.
To fix the security impact of an open shell I propose to at least add a
return after the reboot command so that if the reboot is effectively a
NOP still no shell is spawned.
diff --git a/scripts/functions b/scripts/functions
index 5352f1d..de64494 100644
--- a/scripts/functions
+++ b/scripts/functions
@@ -43,6 +43,7 @@ panic()
echo "Rebooting automatically due to panic= boot argument"
sleep ${panic}
reboot
+ return
fi
modprobe -v i8042 || true
modprobe -v atkbd || true
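Review bot: the added `return` after `reboot` only leaves panic(), so control goes back to whatever called panic() and that code keeps running after a failure it asked to stop on. The report states that reboot and halt have no effect in this environment, so with this change the shell is no longer reached, but the machine is neither rebooted nor halted and continues with whatever follows the panic call, which is not visible in this hunk. Consider making this branch terminal instead of returning: force the reboot (busybox reboot accepts -f, which does not go through init) and follow it with something that cannot fall through, for example `exit` or an endless sleep loop. As a smaller point, `sleep ${panic}` expands a boot argument unquoted; writing it as "${panic}" avoids word splitting on unexpected values.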
Regards,
Lukas