mirror of
				https://github.com/kata-containers/kata-containers.git
				synced 2025-10-25 14:23:11 +00:00 
			
		
		
		
	initramfs: Enforce --panic-on-corruption for veritysetup
Let's enforce an error on veritysetup in case there's any tampering with the rootfs. Signed-off-by: Fabiano Fidêncio <fidencio@northflank.com>
This commit is contained in:
		
				
					committed by
					
						 Fabiano Fidêncio
						Fabiano Fidêncio
					
				
			
			
				
	
			
			
			
						parent
						
							bc75f6a158
						
					
				
				
					commit
					d056fb20fe
				
			| @@ -48,7 +48,7 @@ then | ||||
| 		exit 1 | ||||
| 	fi | ||||
|  | ||||
| 	veritysetup open "${root_device}" root "${hash_device}" "${rootfs_hash}" | ||||
| 	veritysetup open --panic-on-corruption "${root_device}" root "${hash_device}" "${rootfs_hash}" | ||||
| 	mount /dev/mapper/root /mnt | ||||
| else | ||||
| 	echo "No LUKS device found" | ||||
|   | ||||
		Reference in New Issue
	
	Block a user