[OE-core] [PATCH] openssh: fix wrong volatile dir for sshd host keys on read-only rootfs

Andre McCurdy armccurdy at gmail.com
Wed Aug 15 19:47:34 UTC 2018


On Wed, Aug 15, 2018 at 4:59 AM, Martin Hundebøll <martin at geanix.com> wrote:
> When the read-only-rootfs image feature is enabled, and openssh is
> installed into an image, the ssh daemon is reconfigured to use
> /var/run/ssh when generating host keys.
>
> Fix up the creation of the volatile dir to actually match what sshd is
> configured to.
>
> Signed-off-by: Martin Hundebøll <martin at geanix.com>
> ---
>  meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd b/meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd
> index a0d2af3c65..fcbc5ae9d5 100644
> --- a/meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd
> +++ b/meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd
> @@ -1,2 +1,2 @@
> -d root root 0755 /var/run/sshd none
> +d root root 0755 /var/run/ssh none

This doesn't look right.

/var/run/sshd is the directory used for privilege separation (grep for
--with-privsep-path), so it's not correct to remove it.

Note that the sshd_check_keys script runs "mkdir -p $SYSCONFDIR" (i.e.
/var/run/ssh in the read-only rootfs case) at run time before creating
any keys.

What exactly was the problem that this patch tries to fix?

>  f root root 0644 /var/log/lastlog none
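
Review bot: The first line of volatiles.99_sshd is changed in place, so the /var/run/sshd entry is replaced rather than /var/run/ssh being added next to it, and after this hunk nothing in this file creates /var/run/sshd. The commit message only says host keys are generated under /var/run/ssh; it does not say /var/run/sshd is unused, and the reply above identifies it as the privilege separation directory. If the host key directory does need a volatiles entry, keep the existing "d root root 0755 /var/run/sshd none" line and add the /var/run/ssh line as a separate entry, and describe in the commit message the failure that was seen on a read-only rootfs.
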
> --
> 2.18.0
>