Remove '--no-absolute-filenames' from cpio invocations

Since cpio 2.13, this option strips '/' and '../' from symbolic and
hard links during extraction of a cpio archive like our initramfs.
This is implemented as a fix for CVE-2015-1197 but breaks the initrd.
And leaving out this option does not have the adverse effect
I always thought it would have... archive extraction is still done
into the current directory and not in the filesystem root.

3 files changed, 3 insertions, 3 deletions

diff --git a/iso2usb.sh b/iso2usb.sh
index 21248cb..ed9be53 100644
--- a/iso2usb.sh
+++ b/iso2usb.sh
@@ -247,7 +247,7 @@ update_initrd() {
   echo "--- Extracting Slackware initrd and adding rootdelay for USB..."
   cd ${IMGDIR}
     uncompressfs ${IMGFILE} \
-      | cpio -i -d -H newc --no-absolute-filenames
+      | cpio -i -d -m -H newc
     
     if [ $REFRESH -eq 1 ]; then
       echo "--- Refreshing Slackware initrd..."
diff --git a/make_slackware_live.sh b/make_slackware_live.sh
index ce0e7dd..a4c133d 100755
--- a/make_slackware_live.sh
+++ b/make_slackware_live.sh
@@ -1587,7 +1587,7 @@ if ls ${LIVE_ROOTDIR}/boot/vmlinuz-huge-* 1>/dev/null 2>/dev/null; then
   # and move them to a single directory in the ISO:
   mkdir -p  ${LIVE_ROOTDIR}/usr/share/${LIVEMAIN}
   cd  ${LIVE_ROOTDIR}/usr/share/${LIVEMAIN}
-    uncompressfs ${DEF_SL_PKGROOT}/../isolinux/initrd.img | cpio -i -d -H newc --no-absolute-filenames usr/lib/setup/* sbin/probe sbin/fixdate
+    uncompressfs ${DEF_SL_PKGROOT}/../isolinux/initrd.img | cpio -i -d -m -H newc usr/lib/setup/* sbin/probe sbin/fixdate
     mv -i usr/lib/setup/* sbin/probe sbin/fixdate .
     rm -r usr sbin
     rm -f setup
diff --git a/upslak.sh b/upslak.sh
index c1559df..4af5ae5 100644
--- a/upslak.sh
+++ b/upslak.sh
@@ -411,7 +411,7 @@ extract_initrd() {
 
   cd ${IMGDIR}
     uncompressfs ${IMGFILE} \
-      | cpio -i -d -H newc --no-absolute-filenames
+      | cpio -i -d -m -H newc
 } # End of extract_initrd()
     
 # Modify the extracted initrd and re-pack it: