package/openssh: Add sysusers.d snippet

Message ID	20180123232221.6106-1-chris.lesiak@licor.com
State	Superseded
Headers	show Return-Path: <buildroot-bounces@busybox.net> From: Chris Lesiak <chris.lesiak@licor.com> To: buildroot@buildroot.org Date: Tue, 23 Jan 2018 17:22:21 -0600 Message-Id: <20180123232221.6106-1-chris.lesiak@licor.com> MIME-Version: 1.0 Received-SPF: None (protection.outlook.com: licor.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM5PR08MB3404; 23:VyQdb3h8G4hrpWjlet3CYDM6oEAnfMJDqjog+ls7p?= feQVESDZfyhIAhVqvVeYN4rSLsOa3FI2LCgHGQ/BpC5HC0pDybQyEXxzr3uqvu/pkDw/X4EheiQG1R3CiwazFtU7P1dFo2VA+yv7cnm7u43KCuwS11Al00Wnq6R7+jqq4i1hZsYcwxNRJKV0oe7zzYa//GUN43bqdSXha4Gnx72sCBs/hEfSMKsyD9iWYB+5x7AUs7ky5NWU3JjMMw+7x7r97XSv82OFLGMCkMpYzzKcseA2l7QdJu4tJIFf3C77aOCDpbs9OLHavL/dAFKnSvrv5nLGFNxoz/kRrRthLJg1vFQSKwypIHu85wWJXRCzprpJ/8vE/pjFvUzoczCpvznOwSqg9z+LZTvPK2X7S2f6IBSpEr3EmTQkoIVKKg0eFTugS18gSnKYmtyaW47dgMSgK1sOWZkZrSmEsuUAZ5a1r6rrCM3qBMBHO3BiH82z9ez4FmdSuLJplpbjTNk4CReZzhYMJ8gqEBzjVTG3khw0QyYrqDMkqC0rCjBK425BR3ZtkkzpZyLFfq00ls+2a9BVhpzB6M71fqUz/m3lzAWhtRkxJ1Ki+1r4A/m8WsLNhYi3s+j+RLHdwCC5+5y05nyEKRTDLAKm4VlbN8i8ThNMctFdcqyJIShfka03FFkfeSh+umTjC1NoDg2HDA40Lh37xB4qwzPCuzXzqyA6cYYu4FJY645GtxQIjevY6UVm4IxjJld48ao7v42/t9Fcv45BEtBtwLUg1HnL97jU8AdU/JN/BiSi5LY4g6xDNbikw26NXSV3ziTwJye7qJsCFFmGswHwGGHHX1hSFwJ+VqTIij3w3GKqFn5v2hJbWSyQMN6ozFEluOWwuu6D0s7XZOT1b6CypMguhxXsRaxphQxrCS8hlt2do5uiSigB/hBSHG5Zpp+myexmzjcI0KPfR738Eq22a57Qm3AxYlvloabAZmWCWM0rB6TRpS9F8/OofhGnA/8q/m7V2GSXHsGxDqTAzLCFeEWJzWdtIK4dki31XIR07nC+ebQI2q7n+3TwAHXUD2zP+L/xdsyEOw7nv3TMdPOJXqiK+Dy+lLtyIZP9uJhBCmjn6JSPL/idBuzz8LHP8SPDQjVKJmB9wmyfroDUva7y/t8iJVlBQ/IEBXslu6mcYaVUSrFCd8ATA/znQs= X-Microsoft-Antispam-Message-Info: 5iuCKpBarBaOs0HBtWDG8/130GtzwHDsK4gOWkrJkF6bYIyPetUed5msaLpsCnaPoolEVTb18zH+xPf8YIRzn/KalvQfmb4hEXMS7hAw21O7FCq2IEOqbFyJjZXJXlVPLOMsPASulqnMhpy8pU+99pIjorqp6gfR6sNVX8b/rUblwAzsmQAkAPgUQnXqnyHn//OxW87JvdhwQoPVraL79w== X-Microsoft-Exchange-Diagnostics: 1; DM5PR08MB3404; 6:/RiB9OwLoOzlJnZIKMJIT2brPQwnX+fEsst1YhhLpkzb9cOAnfh+0rfuJxf6g4V3nXxsOBv3IYbypRqaUffBkgj17OkOnY/wKDAM8lf2Y/XPC7e+vzIstvBGAzrcsMVao2Pt5bvfOARmL82g+n1XaNI/LZ1cHxieV/a9xfZA2isyNfOylJ4B8H6xKASSRk5cJu8ltquTmOVvpB67D9E+/S+jM4m4UG/9c3F34X4LiOa9WKFsDM4ay2G4wEVHJvecOeeyD3tCS/+uKkghmR6OAVOP+CRFMa20jQWlVCQhqp6xuBXYgc8H0TR9UH16q+VrjfcQJIC/pIu2vYK1galAvk4i+PKouDzJldr0/+YAzkXJDZEB9UKimkAPg4aTcUfY; 5:Z8OnforIxOyMUS3SMWM9ThJqQoT7TOJJL154NuddQbPM9fnTD8DmgXVq1fIW1UWmvCUiBz+kw5sLV8vCvPu6LoNZOAm6AuUT7/OC6g/8Mmt1kd0gGHo3QFmVl7pdKDDscTCnlysVGCs8JRxk53qZnoz7pYp0gKAT3x2pQlgw8UY=; 24:OVv0PWDKmbfZlPW1B28FPtqpMsjWBeBdk9bmE7qvDdguFMxyEoUb75xJh7sUsiLCuhaTRoXoRATtMrIi5vaWvQ==; 7:oowIwjehajpdxTI0gDEUyI0nOD1bMuBNZw4XNcSlGSDda5ePq4Y4gOflXyffb7Qefx+Tj27uCPhEvpu0dIxS4sKEIlDGEVTuhggGR2KlzoXy1+a5YmyFi10wr3wYRIjeWdufatThsthmkiY3yrUjXEk+MfJ33Wj4SbL12UhgczOqDfpozws0Vfu8mAO1yoA3XK49XR+z2wEux89V+z9xAH8g2jPp2bwrV2XWptdlS8FAho+F0TqlJ8brHOxjyL8l SpamDiagnosticOutput: 1:22 Subject: [Buildroot] [PATCH] package/openssh: Add sysusers.d snippet Precedence: list Cc: Chris Lesiak <chris.lesiak@licor.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" <buildroot-bounces@busybox.net>
Series	package/openssh: Add sysusers.d snippet \| expand package/openssh: Add sysusers.d snippet

Message ID

20180123232221.6106-1-chris.lesiak@licor.com

State

Superseded

Headers

From: Chris Lesiak <chris.lesiak@licor.com>
To: buildroot@buildroot.org
Date: Tue, 23 Jan 2018 17:22:21 -0600
Message-Id: <20180123232221.6106-1-chris.lesiak@licor.com>
MIME-Version: 1.0
Received-SPF: None (protection.outlook.com: licor.com does not designate
	permitted sender hosts)
SpamDiagnosticOutput: 1:22
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2018 23:23:02.8800
	(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: ae263857-2eda-47b2-51e2-08d562b84026
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 48c70abd-da5a-4c6c-86cb-5e003ca01574
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR08MB3404
Subject: [Buildroot] [PATCH] package/openssh: Add sysusers.d snippet
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.24
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
Cc: Chris Lesiak <chris.lesiak@licor.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Series

package/openssh: Add sysusers.d snippet | expand

Signed-off-by: Chris Lesiak <chris.lesiak@licor.com> --- package/openssh/openssh.mk | 8 ++++++++ package/openssh/sshd.conf | 5 +++++ 2 files changed, 13 insertions(+) create mode 100644 package/openssh/sshd.conf

Comments

Samuel Martin Feb. 6, 2018, 3:10 p.m. UTC | #1

Chris, all,

On Wed, Jan 24, 2018 at 12:22 AM, Chris Lesiak <chris.lesiak@licor.com> wrote:
> Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
> ---
>  package/openssh/openssh.mk | 8 ++++++++
>  package/openssh/sshd.conf  | 5 +++++
>  2 files changed, 13 insertions(+)
>  create mode 100644 package/openssh/sshd.conf
>
> diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
> index 6b7ac22c19..fc82300ab7 100644
> --- a/package/openssh/openssh.mk
> +++ b/package/openssh/openssh.mk
> @@ -60,12 +60,20 @@ else
>  OPENSSH_CONF_OPTS += --without-selinux
>  endif
>
> +ifeq ($(BR2_PACKAGE_SYSTEMD_SYSUSERS),y)
> +define OPENSSH_INSTALL_SYSTEMD_SYSUSERS
> +       $(INSTALL) -m 0644 -D package/openssh/sshd.conf \
> +               $(TARGET_DIR)/usr/lib/sysusers.d/sshd.conf
> +endef
> +endif
> +
>  define OPENSSH_INSTALL_INIT_SYSTEMD
>         $(INSTALL) -D -m 644 package/openssh/sshd.service \
>                 $(TARGET_DIR)/usr/lib/systemd/system/sshd.service
>         mkdir -p $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants
>         ln -fs ../../../../usr/lib/systemd/system/sshd.service \
>                 $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/sshd.service
> +       $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS)
>  endef
>
>  define OPENSSH_INSTALL_INIT_SYSV
> diff --git a/package/openssh/sshd.conf b/package/openssh/sshd.conf
> new file mode 100644
> index 0000000000..3ea46f65c6
> --- /dev/null
> +++ b/package/openssh/sshd.conf
> @@ -0,0 +1,5 @@
> +# sysusers.d snippet for creating the sshd system user automatically
> +# at boot on systemd-based systems that ship with an unpopulated
> +# /etc. See sysusers.d(5) for details.
> +
> +u sshd - "Privilege-separated SSH"

Reviewed-by: Samuel Martin <s.martin49@gmail.com>

Regards,

diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
index 6b7ac22c19..fc82300ab7 100644
--- a/package/openssh/openssh.mk
+++ b/package/openssh/openssh.mk
@@ -60,12 +60,20 @@  else
 OPENSSH_CONF_OPTS += --without-selinux
 endif
 
+ifeq ($(BR2_PACKAGE_SYSTEMD_SYSUSERS),y)
+define OPENSSH_INSTALL_SYSTEMD_SYSUSERS
+	$(INSTALL) -m 0644 -D package/openssh/sshd.conf \
+		$(TARGET_DIR)/usr/lib/sysusers.d/sshd.conf
+endef
+endif
+
 define OPENSSH_INSTALL_INIT_SYSTEMD
 	$(INSTALL) -D -m 644 package/openssh/sshd.service \
 		$(TARGET_DIR)/usr/lib/systemd/system/sshd.service
 	mkdir -p $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants
 	ln -fs ../../../../usr/lib/systemd/system/sshd.service \
 		$(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/sshd.service
+	$(OPENSSH_INSTALL_SYSTEMD_SYSUSERS)
 endef
 
 define OPENSSH_INSTALL_INIT_SYSV
diff --git a/package/openssh/sshd.conf b/package/openssh/sshd.conf
new file mode 100644
index 0000000000..3ea46f65c6
--- /dev/null
+++ b/package/openssh/sshd.conf
@@ -0,0 +1,5 @@ 
+# sysusers.d snippet for creating the sshd system user automatically
+# at boot on systemd-based systems that ship with an unpopulated
+# /etc. See sysusers.d(5) for details.
+
+u sshd - "Privilege-separated SSH"

package/openssh: Add sysusers.d snippet

Commit Message

Comments

Patch