| Submitter | Yann E. MORIN |
|---|---|
| Date | Jan. 1, 2013, 8:10 p.m. |
| Message ID | <cover.1357070939.git.yann.morin.1998@free.fr> |
| Download | mbox |
| Permalink | /patch/208958/ |
| State | Not Applicable |
| Headers | show
Return-Path: <buildroot-bounces@busybox.net> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from whitealder.osuosl.org (whitealder.osuosl.org [140.211.166.138]) by ozlabs.org (Postfix) with ESMTP id 585EA2C0094 for <incoming@patchwork.ozlabs.org>; Wed, 2 Jan 2013 07:10:30 +1100 (EST) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id D647884598; Tue, 1 Jan 2013 20:10:27 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AAqyVAYnws2S; Tue, 1 Jan 2013 20:10:24 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by whitealder.osuosl.org (Postfix) with ESMTP id B31AD8459C; Tue, 1 Jan 2013 20:10:23 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (whitealder.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 971C08F74B for <buildroot@lists.busybox.net>; Tue, 1 Jan 2013 20:10:28 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 9752A8459E for <buildroot@lists.busybox.net>; Tue, 1 Jan 2013 20:10:22 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WtGOR1dqjanQ for <buildroot@lists.busybox.net>; Tue, 1 Jan 2013 20:10:21 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wg0-f67.google.com (mail-wg0-f67.google.com [74.125.82.67]) by whitealder.osuosl.org (Postfix) with ESMTPS id E94C884599 for <buildroot@busybox.net>; Tue, 1 Jan 2013 20:10:20 +0000 (UTC) Received: by mail-wg0-f67.google.com with SMTP id dq11so3286745wgb.2 for <buildroot@busybox.net>; Tue, 01 Jan 2013 12:10:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:sender:from:to:cc:subject:date:message-id:x-mailer; bh=OEuZEiYkXisTJrakcIXOkiXa+I5RgP4dqZOPHd/AVv8=; b=rL9g0xbXtrtkECkbf/1j5SFuJGAXfvraGsRPgLbT85mx4UIGkYReVNctq0CMrwE0Jf Bzyd5fZsoMrhULBiXYzrDcGqZz6EnCR2uGj7OlrYgYMNG6nzVu6Rb5vGLSdTrd/r8YaI D+BDcKo5iztoDqmHWDWI67hkl1aCYvyYbOhOXBpSQtVUxXLIzIauICGWQi8fyKKf4/Yb E7Rg09AmjyQ4gmoosEFAFQTPS3K2FFCsSrI3IuO/xmZ58oiB3AJ1/zHtJlalSzB5mPWL ONBmiDGO0bUPTm5fWpkjddMVqHjc7NwhNNbNrKxpyS11GX32y5Nc6UZprT/Tn6+56GZV 4Paw== X-Received: by 10.180.84.131 with SMTP id z3mr59739115wiy.25.1357071019126; Tue, 01 Jan 2013 12:10:19 -0800 (PST) Received: from localhost.localdomain (ARennes-256-1-70-176.w90-32.abo.wanadoo.fr. [90.32.149.176]) by mx.google.com with ESMTPS id s10sm76782874wiw.4.2013.01.01.12.10.17 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 01 Jan 2013 12:10:18 -0800 (PST) From: "Yann E. MORIN" <yann.morin.1998@free.fr> To: buildroot@busybox.net Date: Tue, 1 Jan 2013 21:10:10 +0100 Message-Id: <cover.1357070939.git.yann.morin.1998@free.fr> X-Mailer: git-send-email 1.7.2.5 Cc: "Yann E. MORIN" <yann.morin.1998@free.fr> Subject: [Buildroot] [pull request] Pull request for branch yem-package-create-user X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussion and development of buildroot <buildroot.busybox.net> List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>, <mailto:buildroot-request@busybox.net?subject=unsubscribe> List-Archive: <http://lists.busybox.net/pipermail/buildroot> List-Post: <mailto:buildroot@busybox.net> List-Help: <mailto:buildroot-request@busybox.net?subject=help> List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>, <mailto:buildroot-request@busybox.net?subject=subscribe> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: buildroot-bounces@busybox.net Sender: buildroot-bounces@busybox.net |
Hello All! Here is a series that allows packages to create users. Packages that install daemons may well want to run those daemons as non-root users to avoid security issues. Currently, there are two users of choice to run 'generic' daemons: root or daemon (although there are a few dedicated users to run a few services: mail, sshd, ftp...). This series builds upon both the package infrastrucutre to define the user(s) a package may want to create, and the filesystem infrastructure to actually generate these users, and chown their ${HOME}s. Documentation is updated accordingly. Note: for now, users' passwords are md5-encrypted. Once the pending change to introduce alternative password-encryption schemes is applied, we can use that to encode users' passwords, too. As a proof of concept, the package tvheadend has been updated to use a dedicated user to run its daemon as (call me stubborn! ;-] ). Changes v1 -. v2: - drop the gshadow patch (Thomas) - tvheadend user is now part of the video secondary group The following changes since commit 560e7db37433fc82760f71557dbc3e495f05f909: efl/libecore: fix build with gcrypt (2013-01-01 15:34:40 +0100) are available in the git repository at: git://gitorious.org/buildroot/buildroot.git yem-package-create-user Yann E. MORIN (2): packages: add ability for packages to create users package/tvheadend: use a non-root user to run the daemon docs/manual/adding-packages-generic.txt | 16 ++- docs/manual/makedev-syntax.txt | 65 ++++++ fs/common.mk | 5 +- package/pkg-generic.mk | 1 + package/tvheadend/etc.default.tvheadend | 5 +- package/tvheadend/tvheadend.mk | 10 +- support/scripts/mkusers | 348 +++++++++++++++++++++++++++++++ 7 files changed, 442 insertions(+), 8 deletions(-) create mode 100755 support/scripts/mkusers Regards, Yann E. MORIN