[oe] [PATCH] proftpd: use /bin/false as the login shell
rongqing.li at windriver.com
rongqing.li at windriver.com
Mon Dec 2 02:27:36 UTC 2013
From: Roy Li <rongqing.li at windriver.com>
Use /bin/false as the login shell, just like what Ubuntu does,
otherwise there might be secure issue.
Signed-off-by: Roy Li <rongqing.li at windriver.com>
---
meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb b/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
index 6537b77..0006a2a 100644
--- a/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
+++ b/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
@@ -62,6 +62,7 @@ INITSCRIPT_PARAM = "defaults 85 15"
USERADD_PACKAGES = "${PN}"
GROUPADD_PARAM_${PN} = "--system ${FTPGROUP}"
-USERADD_PARAM_${PN} = "--system -g ${FTPGROUP} ${FTPUSER}"
+USERADD_PARAM_${PN} = "--system -g ${FTPGROUP} --home-dir /var/lib/ftp --no-create-home \
+ --shell /bin/false ${FTPUSER}"
FILES_${PN} += "/home/${FTPUSER}"
--
1.7.10.4
More information about the Openembedded-devel
mailing list