[OE-core] [PATCH 16/24] dropbear: add default config file to disable root login
Robert Yang
liezhi.yang at windriver.com
Fri May 25 05:42:53 UTC 2018
On 05/25/2018 11:34 AM, Andre McCurdy wrote:
> On Thu, May 24, 2018 at 7:48 PM, Robert Yang <liezhi.yang at windriver.com> wrote:
>> From: Jackie Huang <jackie.huang at windriver.com>
>>
>> root login is disabled by default for openssh and we can
>> enable it through IMAGE_FEATURES 'debug-tweaks' or
>> 'allow-empty-password', so change to the same default
>> behavior for dropbear.
>>
>> Signed-off-by: Jackie Huang <jackie.huang at windriver.com>
>> ---
>> meta/recipes-core/dropbear/dropbear.inc | 3 +++
>> meta/recipes-core/dropbear/dropbear/dropbear.default | 2 ++
>> 2 files changed, 5 insertions(+)
>> create mode 100644 meta/recipes-core/dropbear/dropbear/dropbear.default
>>
>> diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
>> index 16ac644..3c79be9 100644
>> --- a/meta/recipes-core/dropbear/dropbear.inc
>> +++ b/meta/recipes-core/dropbear/dropbear.inc
>> @@ -20,6 +20,7 @@ SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \
>> file://dropbearkey.service \
>> file://dropbear@.service \
>> file://dropbear.socket \
>> + file://dropbear.default \
>> ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} "
>>
>> PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \
>> @@ -63,6 +64,8 @@ do_install() {
>> ${D}${sbindir} \
>> ${D}${localstatedir}
>>
>> + install -m 0755 ${WORKDIR}/dropbear.default ${D}${sysconfdir}/default/dropbear
>
> Files in /etc/default don't need to be executable.
Thanks, I updated it to 0644 in the repo:
install -m 0644 ${WORKDIR}/dropbear.default ${D}${sysconfdir}/default/dropbear
// Robert
>
>> +
>> install -m 0755 dropbearmulti ${D}${sbindir}/
>> ln -s ${sbindir}/dropbearmulti ${D}${bindir}/dbclient
>>
>> diff --git a/meta/recipes-core/dropbear/dropbear/dropbear.default b/meta/recipes-core/dropbear/dropbear/dropbear.default
>> new file mode 100644
>> index 0000000..522453a
>> --- /dev/null
>> +++ b/meta/recipes-core/dropbear/dropbear/dropbear.default
>> @@ -0,0 +1,2 @@
>> +# Disallow root logins by default
>> +DROPBEAR_EXTRA_ARGS="-w"
>> --
>> 2.7.4
>>
>> --
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core at lists.openembedded.org
>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
More information about the Openembedded-core
mailing list