[oe] [PATCH meta-networking v2] proftpd: use /bin/false as the login shell and add home-dir
Rongqing Li
rongqing.li at windriver.com
Mon Dec 2 09:20:50 UTC 2013
Drop it, test shows it does not work since /bin/false is not valid
shell, even if set RequireValidShell to off
On 12/02/2013 12:44 PM, rongqing.li at windriver.com wrote:
> From: Roy Li <rongqing.li at windriver.com>
>
> Use /bin/false as the login shell, just like what Ubuntu does,
> otherwise there might be secure issue; add /var/lib/ftp as user
> ftp home-dir.
>
> Signed-off-by: Roy Li <rongqing.li at windriver.com>
> ---
> meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb b/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
> index 6537b77..0006a2a 100644
> --- a/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
> +++ b/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
> @@ -62,6 +62,7 @@ INITSCRIPT_PARAM = "defaults 85 15"
>
> USERADD_PACKAGES = "${PN}"
> GROUPADD_PARAM_${PN} = "--system ${FTPGROUP}"
> -USERADD_PARAM_${PN} = "--system -g ${FTPGROUP} ${FTPUSER}"
> +USERADD_PARAM_${PN} = "--system -g ${FTPGROUP} --home-dir /var/lib/${FTPUSER} --no-create-home \
> + --shell /bin/false ${FTPUSER}"
>
> FILES_${PN} += "/home/${FTPUSER}"
>
--
Best Reagrds,
Roy | RongQing Li
More information about the Openembedded-devel
mailing list