Adds back sed command for grub

Adding the old style sed command instead of the perl command. This makes sure that we have only one value within double quotes in the correct location in /etc/default/grub.
freedomofpress · Feb 24, 2021 · 1f68980 · 1f68980
1 parent 5620ecc
commit 1f68980
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/install_files/securedrop-grsec-focal/DEBIAN/postinst.j2 b/install_files/securedrop-grsec-focal/DEBIAN/postinst.j2
@@ -28,7 +28,7 @@ set_grub_default() {
     # When using CONFIG_PAX_KERNEXEC, the grsecurity team recommends the kernel
     # is booted with "noefi" on the kernel command line if "CONFIG_EFI" is
     # enabled, as EFI runtime services are necessarily mapped as RWX.
-    perl -pi -e 's|^GRUB_CMDLINE_LINUX_DEFAULT=|GRUB_CMDLINE_LINUX_DEFAULT="noefi ipv6.disable=1"|' /etc/default/grub
+    sed -i '/^GRUB_CMDLINE_LINUX_DEFAULT=/s/=.*/=\"noefi ipv6\.disable=1 quiet\"/' /etc/default/grub
     update-grub
 }