On Wednesday 16 January 2013 17:40:38 Martin Jansa wrote: > On Wed, Jan 16, 2013 at 03:38:13PM +0000, Paul Eggleton wrote: > > Create a single postprocessing function that enables no-password logins > > for both openssh and dropbear when debug-tweaks is in IMAGE_FEATURES, > > changing its behaviour slightly: > > * Run it regardless of whether ssh-server-* are in IMAGE_FEATURES so > > > > that it still takes effect if these are installed by adding > > dropbear/openssh to IMAGE_INSTALL. > > > > * Enable it to be run from image.bbclass rather than core-image.bbclass > > > > so that it works for images that are using the former. > > > > Second half of the fix for [YOCTO #2578]. > > > > Signed-off-by: Paul Eggleton <paul.eggle...@linux.intel.com> > > --- > > > > meta/classes/core-image.bbclass | 3 --- > > meta/classes/image.bbclass | 10 ++++++++-- > > 2 files changed, 8 insertions(+), 5 deletions(-) > > > > diff --git a/meta/classes/core-image.bbclass > > b/meta/classes/core-image.bbclass index 2e67018..e0f6dbb 100644 > > --- a/meta/classes/core-image.bbclass > > +++ b/meta/classes/core-image.bbclass > > @@ -76,6 +76,3 @@ ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; > > "> > > # Zap the root password if debug-tweaks feature is not enabled > > ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", > > "debug-tweaks", "", "zap_root_password ; ",d)}'> > > -# Allow openssh accept empty password login if both debug-tweaks and > > ssh-server-openssh are enabled -ROOTFS_POSTPROCESS_COMMAND += > > '${@base_contains("IMAGE_FEATURES", "debug-tweaks ssh-server-openssh", > > "openssh_allow_empty_password; ", "",d)}' - > > diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass > > index e494689..131958d 100644 > > --- a/meta/classes/image.bbclass > > +++ b/meta/classes/image.bbclass > > @@ -167,6 +167,8 @@ inherit ${IMAGE_CLASSES} > > > > IMAGE_POSTPROCESS_COMMAND ?= "" > > MACHINE_POSTPROCESS_COMMAND ?= "" > > ROOTFS_POSTPROCESS_COMMAND_prepend = "run_intercept_scriptlets; " > > > > +# Allow dropbear/openssh to accept logins from accounts with an empty > > password string if debug-tweaks is enabled +ROOTFS_POSTPROCESS_COMMAND += > > '${@base_contains("IMAGE_FEATURES", "debug-tweaks", > > "ssh_allow_empty_password; ", "",d)}'> > > # some default locales > > IMAGE_LINGUAS ?= "de-de fr-fr en-gb" > > > > @@ -396,12 +398,16 @@ zap_root_password () { > > > > mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd > > > > } > > > > -# allow openssh accept login with empty password string > > -openssh_allow_empty_password () { > > +# allow dropbear/openssh to accept root logins and logins from accounts > > with an empty password string +ssh_allow_empty_password () { > > > > if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then > > > > sed -i 's#.*PermitRootLogin.*#PermitRootLogin yes#' > > ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config sed -i > > 's#.*PermitEmptyPasswords.*#PermitEmptyPasswords yes#' > > ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config> > > fi > > > > + > > + if [ -e ${IMAGE_ROOTFS}${sbindir}/dropbear ] ; then > > + echo 'DROPBEAR_EXTRA_ARGS="-B"' > > > ${IMAGE_ROOTFS}${sysconfdir}/default/dropbear + fi > > Can we use >> here? In case some distro layer provides own > default/dropbear already? > > Or grep + >> if you fear of duplication of that line, probably > should be using sed to add -B if DROPBEAR_EXTRA_ARGS line is already > there without -B.
Slightly ahead of you :) see discussion with Chris. Cheers, Paul -- Paul Eggleton Intel Open Source Technology Centre _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core