Skip to content

Commit

Permalink
fix(dracut-functions): avoid calling grep with PCRE (-P)
Browse files Browse the repository at this point in the history 
Invoking grep in Perl mode requires JIT'ing the Perl regex.
This can run into issues with SELinix policy which will generally try to
limit use of execmem in general purpose scripts. This occurs since the
JIT'd code will live in executable  memory.

The PCRE only '\K' command in the Perl REGEX can be replaced by a call
to awk instead.
  • Loading branch information
@dmcilvaney @LaszloGombos
dmcilvaney authored and LaszloGombos committed May 8, 2023
1 parent 260883d commit 67591e8
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion dracut-functions.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -244,7 +244,7 @@ get_maj_min() {
local _out
if [[ $get_maj_min_cache_file ]]; then
_out="$(grep -m1 -oP "^$1 \K\S+$" "$get_maj_min_cache_file")"
_out="$(grep -m1 -oE "^$1 \S+$" "$get_maj_min_cache_file" | awk '{print $NF}')"
fi
if ! [[ "$_out" ]]; then
Expand Down

0 comments on commit 67591e8

Please sign in to comment.