mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-02 13:29:49 +00:00
Code Issues Projects Releases Wiki Activity

ref-manual: Edits to the "Making Images More Secure" section.

Browse Source 
Fixes [YOCTO #5482]

I added some key references to the section on considerations
specific to the OpenEmbedded build system.  In particular, I
provided some cross-linking back to the extrausers.bbclass
section to reference an example of adding a user account.  I
also split out the topics of adding an extra user and setting
a password on the image in the bulleted list.

(From yocto-docs rev: 19dcd70b9b5aba1bd5e7ce090d5449afcef726bf)

Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Scott Rifenbark
2014-05-29 10:36:42 +03:00
committed by Richard Purdie
parent bd5973e787
commit 57bd61eabb
1 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
documentation/dev-manual/dev-manual-common-tasks.xml
+16 -6
View File
@@ -3967,16 +3967,26 @@
producing your final image. producing your final image.
Among other things, leaving this in place sets the Among other things, leaving this in place sets the
root password as blank. root password as blank.
</para></listitem> </para></listitem>
<listitem><para> <listitem><para>
It is possible to set a root password or to add It is possible to set a root password for the image.
some additional user account for later administrative For information on how to do that, see the
or service access using the <ulink url='https://wiki.yoctoproject.org/wiki/FAQ:How_do_I_set_or_change_the_root_password'>How do I set or change the root password</ulink>
Wiki page.
</para></listitem>
<listitem><para>
It is possible to add an additional user account
for later administrative or service access using the
<ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-extrausers'><filename>extrausers</filename></ulink> <ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-extrausers'><filename>extrausers</filename></ulink>
class or the class or the
<ulink url='&YOCTO_DOCS_REF_URL;#var-ROOTFS_POSTPROCESS_COMMAND'><filename>ROOTFS_POSTPROCESS_COMMAND</filename></ulink> <ulink url='&YOCTO_DOCS_REF_URL;#var-ROOTFS_POSTPROCESS_COMMAND'><filename>ROOTFS_POSTPROCESS_COMMAND</filename></ulink>
variable. variable.
If you do this, be cautious about setting For an example on how to add users, see the
"<ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-extrausers'><filename>extrausers.bbclass</filename></ulink>"
section.
</para>
<para>If you do add extra user accounts,
be cautious about setting
the same password for every device. the same password for every device.
If you want the device to remain secure If you want the device to remain secure
from unauthorized access, and the password set on from unauthorized access, and the password set on
@@ -3985,7 +3995,7 @@
If you need this access but want to ensure security, If you need this access but want to ensure security,
consider setting a different, random password for each consider setting a different, random password for each
device. device.
</para></listitem> </para></listitem>
</itemizedlist> </itemizedlist>
</para> </para>
</section> </section>