diff options
Diffstat (limited to 'system/openrc/0006-mount-efivars-read-only.patch')
| -rw-r--r-- | system/openrc/0006-mount-efivars-read-only.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/system/openrc/0006-mount-efivars-read-only.patch b/system/openrc/0006-mount-efivars-read-only.patch new file mode 100644 index 000000000..ec2321dd2 --- /dev/null +++ b/system/openrc/0006-mount-efivars-read-only.patch @@ -0,0 +1,27 @@ +From 37feb4b716525f0c5c5469f21686ab4efcf06fab Mon Sep 17 00:00:00 2001 +From: Natanael Copa <ncopa@alpinelinux.org> +Date: Wed, 1 Feb 2017 04:18:53 +0000 +Subject: [PATCH 6/7] mount efivars read-only + +unintentional writes to efivars may result in bricked hardware. mount it +read-only to play safe. +--- + init.d/sysfs.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/init.d/sysfs.in b/init.d/sysfs.in +index e493f584..bfd0d438 100644 +--- a/init.d/sysfs.in ++++ b/init.d/sysfs.in +@@ -101,7 +101,7 @@ mount_misc() + if [ -d /sys/firmware/efi/efivars ] && + ! mountinfo -q /sys/firmware/efi/efivars; then + ebegin "Mounting efivarfs filesystem" +- mount -n -t efivarfs -o ${sysfs_opts} \ ++ mount -n -t efivarfs -o ro,${sysfs_opts} \ + efivarfs /sys/firmware/efi/efivars 2> /dev/null + eend 0 + fi +-- +2.11.1 + |