Control: reassign -1 cpio 2.13+dfsg-1 On Mon, 09 Dec 2019 15:58:54 +0000 Jen Bowen <debianfang...@gmail.com> wrote: > Package: initramfs-tools-core > Version: 0.135 > Severity: normal > > Dear Maintainer, > > When unmkinitramfs is used on prepended initramfs images, such as the > initrd.img-5.3.0-2-amd64 generated by the linux-image-5.3.0-2-amd64 package, > the symlink at main/lib64/ld-linux-x86-64.so.2 is broken. This seems to be a > result of the use of the "--no-absolute-filenames" flag with cpio.
I think we need to use this option, so that it's safe to unpack an untrusted initramfs image. > If I remove this flag and run unmkinitramfs again, the symlink to the linker > is > intact, and it's possible to chroot into the extracted initramfs image and run > binaries in main/bin . > > I don't know if it's the intention of unmkinitramfs to create functional > binaries in the extracted images, but it's very helpful in my use case! It's not a specific goal, but the symlinks should not be broken. This seems to be a regression in cpio: the filename restrictions requested by this option are being applied to symlink targets, whereas they should only be applied to destination filenames and hard link targets. Ben. -- Ben Hutchings Humans are not rational beings; they are rationalising beings.
signature.asc
Description: This is a digitally signed message part
