| Submitter | Lianhao Lu |
|---|---|
| Date | June 12, 2012, 10:10 a.m. |
| Message ID | <de650fb4dbcc6e2539f9325c58dbe5dd1e94f137.1339495723.git.lianhao.lu@intel.com> |
| Download | mbox | patch |
| Permalink | /patch/29693/ |
| State | New |
| Headers | show |
Comments
On Tue, 2012-06-12 at 18:10 +0800, Lianhao Lu wrote: > Allow empty passwords login so that the default root user can login in > through openssh. > > Signed-off-by: Lianhao Lu <lianhao.lu@intel.com> > --- > meta/classes/core-image.bbclass | 2 ++ > meta/classes/image.bbclass | 10 +++++++++- > 2 files changed, 11 insertions(+), 1 deletions(-) > > diff --git a/meta/classes/core-image.bbclass b/meta/classes/core-image.bbclass > index e2ad0fc..25f5c5a 100644 > --- a/meta/classes/core-image.bbclass > +++ b/meta/classes/core-image.bbclass > @@ -69,4 +69,6 @@ ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; " > > # Zap the root password if debug-tweaks feature is not enabled > ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "", "zap_root_password ; ",d)}' > +# Allow openssh accept empty password login if both debug-tweaks and ssh-server-openssh are enabled > +ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks ssh-server-openssh", "openssh_allow_empty_password; ", "",d)}' > > diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass > index fb932b9..3f53271 100644 > --- a/meta/classes/image.bbclass > +++ b/meta/classes/image.bbclass > @@ -318,6 +318,14 @@ zap_root_password () { > mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd > } > > +# allow openssh accept login with empty password string > +openssh_allow_empty_password () { > + if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then > + sed 's#.*PermitEmptyPasswords.*#PermitEmptyPasswords yes#' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config >${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config.new > + mv -f ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config.new ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config > + fi > +} Can't we just use the -i option here? > # Turn any symbolic /sbin/init link into a file > remove_init_link () { > if [ -h ${IMAGE_ROOTFS}/sbin/init ]; then > @@ -372,7 +380,7 @@ rootfs_trim_schemas () { > done > } > > -EXPORT_FUNCTIONS zap_root_password remove_init_link do_rootfs make_zimage_symlink_relative set_image_autologin rootfs_update_timestamp rootfs_no_x_startup > +EXPORT_FUNCTIONS zap_root_password remove_init_link do_rootfs make_zimage_symlink_relative set_image_autologin rootfs_update_timestamp rootfs_no_x_startup openssh_allow_empty_password This use of EXPORT_FUNCTIONS looks wrong, you don't need to add this here and in fact that whole line can probably be removed... Cheers, Richard
Patch
diff --git a/meta/classes/core-image.bbclass b/meta/classes/core-image.bbclass index e2ad0fc..25f5c5a 100644 --- a/meta/classes/core-image.bbclass +++ b/meta/classes/core-image.bbclass @@ -69,4 +69,6 @@ ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; " # Zap the root password if debug-tweaks feature is not enabled ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "", "zap_root_password ; ",d)}' +# Allow openssh accept empty password login if both debug-tweaks and ssh-server-openssh are enabled +ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks ssh-server-openssh", "openssh_allow_empty_password; ", "",d)}' diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index fb932b9..3f53271 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -318,6 +318,14 @@ zap_root_password () { mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd } +# allow openssh accept login with empty password string +openssh_allow_empty_password () { + if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then + sed 's#.*PermitEmptyPasswords.*#PermitEmptyPasswords yes#' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config >${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config.new + mv -f ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config.new ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config + fi +} + # Turn any symbolic /sbin/init link into a file remove_init_link () { if [ -h ${IMAGE_ROOTFS}/sbin/init ]; then @@ -372,7 +380,7 @@ rootfs_trim_schemas () { done } -EXPORT_FUNCTIONS zap_root_password remove_init_link do_rootfs make_zimage_symlink_relative set_image_autologin rootfs_update_timestamp rootfs_no_x_startup +EXPORT_FUNCTIONS zap_root_password remove_init_link do_rootfs make_zimage_symlink_relative set_image_autologin rootfs_update_timestamp rootfs_no_x_startup openssh_allow_empty_password do_fetch[noexec] = "1" do_unpack[noexec] = "1"
Allow empty passwords login so that the default root user can login in through openssh. Signed-off-by: Lianhao Lu <lianhao.lu@intel.com> --- meta/classes/core-image.bbclass | 2 ++ meta/classes/image.bbclass | 10 +++++++++- 2 files changed, 11 insertions(+), 1 deletions(-)