summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJackie Huang <jackie.huang@windriver.com>2017-06-29 11:31:47 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-07-07 10:59:16 +0100
commitd3e69fa2fef83015658aa5fa1442bab5a8c3edaa (patch)
tree6c32f365ce3848caee11289b92ec56df34739a98
parent1ab494f06a12548a902298afabd0a842161ef10d (diff)
downloadopenembedded-core-contrib-d3e69fa2fef83015658aa5fa1442bab5a8c3edaa.tar.gz
openembedded-core-contrib-d3e69fa2fef83015658aa5fa1442bab5a8c3edaa.tar.bz2
openembedded-core-contrib-d3e69fa2fef83015658aa5fa1442bab5a8c3edaa.zip
dropbear: add default config file to disable root login
root login is disabled by default for openssh and we can enable it through IMAGE_FEATURES 'debug-tweaks' or 'allow-empty-password', so change to the same default behavior for dropbear. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-core/dropbear/dropbear.inc3
-rw-r--r--meta/recipes-core/dropbear/dropbear/dropbear.default2
2 files changed, 5 insertions, 0 deletions
diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
index a5dcab882b..2e2fbc15af 100644
--- a/meta/recipes-core/dropbear/dropbear.inc
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -19,6 +19,7 @@ SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \
file://dropbearkey.service \
file://dropbear@.service \
file://dropbear.socket \
+ file://dropbear.default \
${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} "
PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \
@@ -62,6 +63,8 @@ do_install() {
${D}${sbindir} \
${D}${localstatedir}
+ install -m 0644 ${WORKDIR}/dropbear.default ${D}${sysconfdir}/default/dropbear
+
install -m 0755 dropbearmulti ${D}${sbindir}/
ln -s ${sbindir}/dropbearmulti ${D}${bindir}/dbclient
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear.default b/meta/recipes-core/dropbear/dropbear/dropbear.default
new file mode 100644
index 0000000000..522453a86c
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/dropbear.default
@@ -0,0 +1,2 @@
+# Disallow root logins by default
+DROPBEAR_EXTRA_ARGS="-w"