(This is my first post to OE list, hopefully I am posting to the right mailing list.)
Background: During the process of trying to configure SSH keys for root user login via dropbear, we realized the permission for /home/root directory is set too loose for group and other members [1]. As a result, dropbears fails when we try to put the key under /home/root/.ssh --------- In the image, /home/root directory is set to 0755: $ stat /home/root File: /home/root Size: 4096 Blocks: 8 IO Block: 4096 directory Device: b302h/45826d Inode: 13268 Links: 4 Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2016-04-05 22:21:13.000000000 Modify: 2016-04-05 22:08:57.000000000 Change: 2016-04-05 22:08:57.000000000 After some debugging, we believe the permission (0755) is initialized in base-files_3.0.14.bb (in line 35) [2]. A few questions: 1. I tried looking at the git log for the history, but wasn't able to find any background on why the permission was set this way. eg. on a desktop Linux (Ubuntu), /root is set to 0700: $ sudo stat /root File: `/root' Size: 4096 Blocks: 8 IO Block: 4096 directory Device: 801h/2049d Inode: 1441793 Links: 3 Access: (0700/drwx------) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2016-04-05 21:29:17.389725228 -0700 Modify: 2016-03-22 17:11:54.912479000 -0700 Change: 2016-03-22 17:11:54.912479000 -0700 Birth: - 2. If we would like to override the directory permission for /home/root in our image, what is the best way to do it? I am not an expert with bitbake, should I be patching the base-files_3.0.14.bb? using *_append? or I should be looking at some other recipe altogether? Sorry for the long email. Thanks in advance. Charles [1] https://wiki.openwrt.org/doc/howto/dropbear.public-key.auth#troubleshooting [2] http://cgit.openembedded.org/cgit.cgi/openembedded-core/tree/meta/recipes-core/base-files/base-files_3.0.14.bb?h=master#n35
-- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
