From: Xiaofeng Yan <[email protected]> I make a patch and some changes in dropbear.inc for supporting pam. - Enable pam in configure - Modify file option.h to open pam supporting
Signed-off-by: Xiaofeng Yan <[email protected]> --- meta/recipes-core/dropbear/dropbear.inc | 78 +++++++++++--------- .../dropbear/dropbear/dropbear-enable-pam.patch | 22 ++++++ meta/recipes-core/dropbear/dropbear_0.52.bb | 2 +- 3 files changed, 65 insertions(+), 37 deletions(-) create mode 100644 meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc index 1b51e1a..df1c2a0 100644 --- a/meta/recipes-core/dropbear/dropbear.inc +++ b/meta/recipes-core/dropbear/dropbear.inc @@ -9,13 +9,17 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c" DEPENDS = "zlib" RPROVIDES = "ssh sshd" +DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \ - file://urandom-xauth-changes-to-options.h.patch \ - file://configure.patch \ - file://fix-2kb-keys.patch \ - file://allow-nopw.patch;apply=no \ - file://init" + file://urandom-xauth-changes-to-options.h.patch \ + file://configure.patch \ + file://fix-2kb-keys.patch \ + file://allow-nopw.patch;apply=no \ + file://init \ + ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} " + +PAM_SRC_URI = "file://dropbear-enable-pam.patch" inherit autotools update-rc.d @@ -28,54 +32,56 @@ LD = "${CC}" SBINCOMMANDS = "dropbear dropbearkey dropbearconvert" BINCOMMANDS = "dbclient ssh scp" EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"' +EXTRA_OECONF += "\ + ${@base_contains('DISTRO_FEATURES', 'pam', '--enable-pam', '--disable-pam', d)}" DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks", "debug", "",d)}" do_debug_patch() { - if [ "${DISTRO_TYPE}" = "debug" ]; then - bbnote "WARNING: applying allow-nopw.patch which allows password-less logins!" - patch -p1 < ${WORKDIR}/allow-nopw.patch - fi + if [ "${DISTRO_TYPE}" = "debug" ]; then + bbnote "WARNING: applying allow-nopw.patch which allows password-less logins!" + patch -p1 < ${WORKDIR}/allow-nopw.patch + fi } addtask do_debug_patch after do_patch before do_configure do_install() { - install -d ${D}${sysconfdir} \ - ${D}${sysconfdir}/init.d \ - ${D}${sysconfdir}/default \ - ${D}${sysconfdir}/dropbear \ + install -d ${D}${sysconfdir} \ + ${D}${sysconfdir}/init.d \ + ${D}${sysconfdir}/default \ + ${D}${sysconfdir}/dropbear \ ${D}${bindir} \ - ${D}${sbindir} \ - ${D}${localstatedir} + ${D}${sbindir} \ + ${D}${localstatedir} - install -m 0755 dropbearmulti ${D}${sbindir}/ - ln -s ${sbindir}/dropbearmulti ${D}${bindir}/dbclient - - for i in ${SBINCOMMANDS} - do - ln -s ./dropbearmulti ${D}${sbindir}/$i - done - cat ${WORKDIR}/init | sed -e 's,/etc,${sysconfdir},g' \ - -e 's,/usr/sbin,${sbindir},g' \ - -e 's,/var,${localstatedir},g' \ - -e 's,/usr/bin,${bindir},g' \ - -e 's,/usr,${prefix},g' > ${D}${sysconfdir}/init.d/dropbear - chmod 755 ${D}${sysconfdir}/init.d/dropbear + install -m 0755 dropbearmulti ${D}${sbindir}/ + ln -s ${sbindir}/dropbearmulti ${D}${bindir}/dbclient + + for i in ${SBINCOMMANDS} + do + ln -s ./dropbearmulti ${D}${sbindir}/$i + done + cat ${WORKDIR}/init | sed -e 's,/etc,${sysconfdir},g' \ + -e 's,/usr/sbin,${sbindir},g' \ + -e 's,/var,${localstatedir},g' \ + -e 's,/usr/bin,${bindir},g' \ + -e 's,/usr,${prefix},g' > ${D}${sysconfdir}/init.d/dropbear + chmod 755 ${D}${sysconfdir}/init.d/dropbear } pkg_postinst_${PN} () { - update-alternatives --install ${bindir}/scp scp ${sbindir}/dropbearmulti 20 - update-alternatives --install ${bindir}/ssh ssh ${sbindir}/dropbearmulti 20 + update-alternatives --install ${bindir}/scp scp ${sbindir}/dropbearmulti 20 + update-alternatives --install ${bindir}/ssh ssh ${sbindir}/dropbearmulti 20 } pkg_postrm_append_${PN} () { - if [ -f "${sysconfdir}/dropbear/dropbear_rsa_host_key" ]; then + if [ -f "${sysconfdir}/dropbear/dropbear_rsa_host_key" ]; then rm ${sysconfdir}/dropbear/dropbear_rsa_host_key - fi - if [ -f "${sysconfdir}/dropbear/dropbear_dss_host_key" ]; then + fi + if [ -f "${sysconfdir}/dropbear/dropbear_dss_host_key" ]; then rm ${sysconfdir}/dropbear/dropbear_dss_host_key - fi - update-alternatives --remove ssh ${bindir}/dropbearmulti - update-alternatives --remove scp ${bindir}/dropbearmulti + fi + update-alternatives --remove ssh ${bindir}/dropbearmulti + update-alternatives --remove scp ${bindir}/dropbearmulti } diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch new file mode 100644 index 0000000..004d773 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch @@ -0,0 +1,22 @@ +dropbear: We need modify file option.h besides enabling pam in \ +configure if we want dropbear to support pam. + +Upstream-Status: Pending + +Signed-off-by: Xiaofeng Yan <[email protected]> + +--- a/options.h 2011-07-12 13:27:39.008819183 +0800 ++++ b/options.h.new 2011-07-12 13:37:37.780819308 +0800 +@@ -149,9 +149,9 @@ + * but there's an interface via a PAM module - don't bother using it otherwise. + * You can't enable both PASSWORD and PAM. */ + +-#define ENABLE_SVR_PASSWORD_AUTH ++//#define ENABLE_SVR_PASSWORD_AUTH + /* PAM requires ./configure --enable-pam */ +-/*#define ENABLE_SVR_PAM_AUTH*/ ++#define ENABLE_SVR_PAM_AUTH + #define ENABLE_SVR_PUBKEY_AUTH + + /* Wether to ake public key options in authorized_keys file into account */ + diff --git a/meta/recipes-core/dropbear/dropbear_0.52.bb b/meta/recipes-core/dropbear/dropbear_0.52.bb index 78d6cf1..4013c65 100644 --- a/meta/recipes-core/dropbear/dropbear_0.52.bb +++ b/meta/recipes-core/dropbear/dropbear_0.52.bb @@ -3,4 +3,4 @@ require dropbear.inc SRC_URI[md5sum] = "1c69ec674481d7745452f68f2ea5597e" SRC_URI[sha256sum] = "e3a2ca49ed85ce562240c0ac06e2f72826d7e52a83e80d91c067c8b97bf5c108" -PR = "r2" +PR = "r3" -- 1.7.0.4 _______________________________________________ Openembedded-core mailing list [email protected] http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
