shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-11-06 20:25:05 +03:00
Code Activity

dissect-image: do not enable "verification" when trying to acquire metadata

Browse Source 
The whole point of acquiring metadata is quite often to figure out why the
image does not pass verification. Refusing to provide metadata is just being
hostile to the user.

When called from other places (e.g. image_read_metadata()), verification is
still performed.
This commit is contained in:
Zbigniew Jędrzejewski-Szmek
2021-11-24 13:03:25 +01:00
parent 03ae68f419
commit 2284750820
4 changed files with 10 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/shared/dissect-image.h
View File

@@ -208,7 +208,7 @@ int dissected_image_decrypt_interactively(DissectedImage *m, const char *passphr
int dissected_image_mount(DissectedImage *m, const char *dest, uid_t uid_shift, uid_t uid_range, DissectImageFlags flags);
int dissected_image_mount_and_warn(DissectedImage *m, const char *where, uid_t uid_shift, uid_t uid_range, DissectImageFlags flags);
int dissected_image_acquire_metadata(DissectedImage *m);
int dissected_image_acquire_metadata(DissectedImage *m, DissectImageFlags extra_flags);
DecryptedImage* decrypted_image_unref(DecryptedImage *p);
DEFINE_TRIVIAL_CLEANUP_FUNC(DecryptedImage*, decrypted_image_unref);