On Wed, Aug 15, 2018 at 4:59 AM, Martin Hundebøll <[email protected]> wrote: > When the read-only-rootfs image feature is enabled, and openssh is > installed into an image, the ssh daemon is reconfigured to use > /var/run/ssh when generating host keys. > > Fix up the creation of the volatile dir to actually match what sshd is > configured to. > > Signed-off-by: Martin Hundebøll <[email protected]> > --- > meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd > b/meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd > index a0d2af3c65..fcbc5ae9d5 100644 > --- a/meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd > +++ b/meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd > @@ -1,2 +1,2 @@ > -d root root 0755 /var/run/sshd none > +d root root 0755 /var/run/ssh none
This doesn't look right. /var/run/sshd is the directory used for privilege separation (grep for --with-privsep-path ), so it's not correct to remove it. Note that sshd_check_keys script runs "mkdir -p $SYSCONFDIR" (ie /var/run/ssh in the read-only rootfs case) at run time before creating any keys. What exactly was the problem that this patch tries to fix? > f root root 0644 /var/log/lastlog none > -- > 2.18.0 > > -- > _______________________________________________ > Openembedded-core mailing list > [email protected] > http://lists.openembedded.org/mailman/listinfo/openembedded-core -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
