61f585cdc1
for install guest on tapdisk very very slow. - bnc#542525 - VUL-1: xen pygrub vulnerability 20099-pygrub-security.patch 20107-pygrub-security.patch 20146-pygrub-security.patch 20174-pygrub-security.patch 20201-pygrub-security.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=22
96 lines
4.7 KiB
Diff
96 lines
4.7 KiB
Diff
# HG changeset patch
|
|
# User Keir Fraser <keir.fraser@citrix.com>
|
|
# Date 1251887904 -3600
|
|
# Node ID e513d565c8f1298d26bc614eabd1b7111693a940
|
|
# Parent 8fc92779847680fe40a1ee9c2a01b3effc7cd056
|
|
pygrub: Match bare-metal GRUB behavior for passwords
|
|
|
|
The password support patch already merged didn't match the bare-metal
|
|
GRUB behavior so I created a patch to match it. If password is entered
|
|
in grub.conf file, pressing `p` is required exactly like when using
|
|
"real" (bare-metal) GRUB. New options are available after the correct
|
|
password is entered.
|
|
|
|
Signed-off-by: Michal Novotny <minovotn@redhat.com>
|
|
|
|
Index: xen-3.4.1-testing/tools/pygrub/src/pygrub
|
|
===================================================================
|
|
--- xen-3.4.1-testing.orig/tools/pygrub/src/pygrub
|
|
+++ xen-3.4.1-testing/tools/pygrub/src/pygrub
|
|
@@ -415,16 +415,17 @@ class Grub:
|
|
def draw():
|
|
# set up the screen
|
|
self.draw_main_windows()
|
|
- self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.")
|
|
- self.text_win.addstr(1, 0, "Press enter to boot the selected OS. 'e' to edit the")
|
|
- self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ")
|
|
|
|
- # if grub has password defined we allow option to enter password
|
|
- if not self.cf.hasPassword():
|
|
+ if not self.cf.hasPassword() or self.cf.hasPasswordAccess():
|
|
+ self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.")
|
|
+ self.text_win.addstr(1, 0, "Press enter to boot the selected OS, 'e' to edit the")
|
|
+ self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ")
|
|
self.text_win.addstr(3, 0, "before booting, or 'c' for a command line.")
|
|
+
|
|
else:
|
|
- self.text_win.addstr(3, 0, "before booting, or 'c' for a command line. You can also")
|
|
- self.text_win.addstr(4, 0, "press 'p' to enter password for modifications...")
|
|
+ self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.")
|
|
+ self.text_win.addstr(1, 0, "Press enter to boot the selected OS or `p` to enter a")
|
|
+ self.text_win.addstr(2, 0, "password to unlock the next set of features.")
|
|
|
|
self.text_win.addch(0, 8, curses.ACS_UARROW)
|
|
self.text_win.addch(0, 14, curses.ACS_DARROW)
|
|
@@ -463,20 +464,10 @@ class Grub:
|
|
self.screen.timeout(-1)
|
|
|
|
# handle keypresses
|
|
- if c == ord('c'):
|
|
- # we disallow access without password specified
|
|
- if not self.cf.hasPasswordAccess():
|
|
- self.text_win.addstr(6, 8, "You have to enter GRUB password first")
|
|
- break
|
|
-
|
|
+ if c == ord('c') and self.cf.hasPasswordAccess():
|
|
self.command_line_mode()
|
|
break
|
|
- elif c == ord('a'):
|
|
- # we disallow access without password specified
|
|
- if not self.cf.hasPasswordAccess():
|
|
- self.text_win.addstr(6, 8, "You have to enter GRUB password first")
|
|
- break
|
|
-
|
|
+ elif c == ord('a') and self.cf.hasPasswordAccess():
|
|
# find the kernel line, edit it and then boot
|
|
img = self.cf.images[self.selected_image]
|
|
for line in img.lines:
|
|
@@ -487,23 +478,18 @@ class Grub:
|
|
self.isdone = True
|
|
break
|
|
break
|
|
- elif c == ord('e'):
|
|
- # we disallow access without password specified
|
|
- if not self.cf.hasPasswordAccess():
|
|
- self.text_win.addstr(6, 8, "You have to enter GRUB password first")
|
|
- break
|
|
-
|
|
+ elif c == ord('e') and self.cf.hasPasswordAccess():
|
|
img = self.cf.images[self.selected_image]
|
|
self.edit_entry(img)
|
|
break
|
|
elif c == ord('p') and self.cf.hasPassword():
|
|
- self.text_win.addstr(6, 8, "Enter password: ")
|
|
+ self.text_win.addstr(6, 1, "Password: ")
|
|
pwd = self.text_win.getstr(6, 8)
|
|
if not self.cf.checkPassword(pwd):
|
|
- self.text_win.addstr(6, 8, "Incorrect password!")
|
|
+ self.text_win.addstr(6, 1, "Password: ")
|
|
+ self.text_win.addstr(7, 0, "Failed!")
|
|
self.cf.setPasswordAccess( False )
|
|
else:
|
|
- self.text_win.addstr(6, 8, "Access granted ")
|
|
self.cf.setPasswordAccess( True )
|
|
break
|
|
elif c in (curses.KEY_ENTER, ord('\n'), ord('\r')):
|