mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-02 13:29:49 +00:00
Code Issues Projects Releases Wiki Activity

classes/image: improve debug-tweaks ssh server configuration

Browse Source 
Create a single postprocessing function that enables no-password logins
for both openssh and dropbear when debug-tweaks is in IMAGE_FEATURES,
changing its behaviour slightly:
* Run it regardless of whether ssh-server-* are in IMAGE_FEATURES so
  that it still takes effect if these are installed by adding
  dropbear/openssh to IMAGE_INSTALL.
* Enable it to be run from image.bbclass rather than core-image.bbclass
  so that it works for images that are using the former.

Second half of the fix for [YOCTO #2578].

(From OE-Core rev: 0937054e6e3e02565f57e60a8bdc14b0ad62e249)

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Paul Eggleton
2013-01-16 17:00:12 +00:00
committed by Richard Purdie
parent 955568ddfa
commit 411413aa28
2 changed files with 14 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/classes/core-image.bbclass
-3
View File
@@ -76,6 +76,3 @@ ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; "
# Zap the root password if debug-tweaks feature is not enabled # Zap the root password if debug-tweaks feature is not enabled
ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "", "zap_root_password ; ",d)}' ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "", "zap_root_password ; ",d)}'
# Allow openssh accept empty password login if both debug-tweaks and ssh-server-openssh are enabled
ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks ssh-server-openssh", "openssh_allow_empty_password; ", "",d)}'
meta/classes/image.bbclass
+14 -2
View File
@@ -167,6 +167,8 @@ inherit ${IMAGE_CLASSES}
IMAGE_POSTPROCESS_COMMAND ?= "" IMAGE_POSTPROCESS_COMMAND ?= ""
MACHINE_POSTPROCESS_COMMAND ?= "" MACHINE_POSTPROCESS_COMMAND ?= ""
ROOTFS_POSTPROCESS_COMMAND_prepend = "run_intercept_scriptlets; " ROOTFS_POSTPROCESS_COMMAND_prepend = "run_intercept_scriptlets; "
# Allow dropbear/openssh to accept logins from accounts with an empty password string if debug-tweaks is enabled
ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "ssh_allow_empty_password; ", "",d)}'
# some default locales # some default locales
IMAGE_LINGUAS ?= "de-de fr-fr en-gb" IMAGE_LINGUAS ?= "de-de fr-fr en-gb"
@@ -396,12 +398,22 @@ zap_root_password () {
mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
} }
# allow openssh accept login with empty password string # allow dropbear/openssh to accept root logins and logins from accounts with an empty password string
openssh_allow_empty_password () { ssh_allow_empty_password () {
if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
sed -i 's#.*PermitRootLogin.*#PermitRootLogin yes#' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config sed -i 's#.*PermitRootLogin.*#PermitRootLogin yes#' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config
sed -i 's#.*PermitEmptyPasswords.*#PermitEmptyPasswords yes#' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config sed -i 's#.*PermitEmptyPasswords.*#PermitEmptyPasswords yes#' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config
fi fi
if [ -e ${IMAGE_ROOTFS}${sbindir}/dropbear ] ; then
if grep -q DROPBEAR_EXTRA_ARGS ${IMAGE_ROOTFS}${sysconfdir}/default/dropbear 2>/dev/null ; then
if ! grep -q "DROPBEAR_EXTRA_ARGS=.*-B" ${IMAGE_ROOTFS}${sysconfdir}/default/dropbear ; then
sed -i 's/^DROPBEAR_EXTRA_ARGS="*\([^"]*\)"*/DROPBEAR_EXTRA_ARGS="\1 -B"/' ${IMAGE_ROOTFS}${sysconfdir}/default/dropbear
fi
else
printf '\nDROPBEAR_EXTRA_ARGS="-B"\n' >> ${IMAGE_ROOTFS}${sysconfdir}/default/dropbear
fi
fi
} }
# Turn any symbolic /sbin/init link into a file # Turn any symbolic /sbin/init link into a file