From patchwork Mon Jul 13 14:49:05 2015
X-Patchwork-Submitter: "Yann E. MORIN"
X-Patchwork-Id: 494604
From: "Yann E. MORIN"
To: buildroot@buildroot.org
Date: Mon, 13 Jul 2015 16:49:05 +0200
Message-Id: <1436798945-6869-1-git-send-email-yann.morin.1998@free.fr>
Cc: Thomas Petazzoni, "Yann E. MORIN"
Subject: [Buildroot] [PATCH] package/dropbear: fix generating keys on RO file systems

dropbear generates its keys at the first connection, and wants to save
them in /etc/dropbear (not configurable).

Currently, our /etc/dropbear is a directory. When the filesystem is
read-only, dropbear can't save its keys, so refuses all connections.

Fix that with:
- at build time, create /etc/dropbear as a symlink to /var/run/dropbear
- at runtime, if the filesystem is RW (we can rm /etc/dropbear), we
  replace the symlink with an actual directory; otherwise, when the
  filesystem is RO (we can't rm /etc/dropbear), we create
  /var/run/dropbear so the symlink points to an existing directory

Signed-off-by: "Yann E. MORIN"
Cc: Thomas Petazzoni
Cc: Arnout Vandecappelle
Cc: Maxime Hadjinlian
--- package/dropbear/S50dropbear | 14 ++++++++++++++ package/dropbear/dropbear.mk | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/package/dropbear/S50dropbear b/package/dropbear/S50dropbear index 2694931..790d95a 100644 --- a/package/dropbear/S50dropbear +++ b/package/dropbear/S50dropbear 
@@ -11,6 +11,20 @@ start() { echo -n "Starting dropbear sshd: " umask 077 + + # If /etc/dropbear is not a directory, and + # - the filesystem is RO (i.e. we can not rm the symlink), + # create the directory pointed to by the symlink. + # - the filesystem is RW (i.e. we can rm the symlink), + # replace the symlink with an actual directory + if ! [ -d /etc/dropbear ]; then + if ! rm -f /etc/dropbear; then + mkdir -p /etc/dropbear + else + mkdir -p $(readlink -f /etc/dropbear) + fi + fi + start-stop-daemon -S -q -p /var/run/dropbear.pid \ --exec /usr/sbin/dropbear -- $DROPBEAR_ARGS [ $? = 0 ] && echo "OK" || echo "FAIL" diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk index bc65d69..5bbe864 100644 --- a/package/dropbear/dropbear.mk +++ b/package/dropbear/dropbear.mk @@ -93,7 +93,7 @@ define DROPBEAR_INSTALL_TARGET_CMDS for f in $(DROPBEAR_TARGET_BINS); do \ ln -snf ../sbin/dropbear $(TARGET_DIR)/usr/bin/$$f ; \ done - mkdir -p $(TARGET_DIR)/etc/dropbear + ln -snf ../var/run/dropbear $(TARGET_DIR)/etc/dropbear endef $(eval $(autotools-package))
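
Review bot: In the start() hunk of package/dropbear/S50dropbear, the `if ! rm -f /etc/dropbear; then` test is inverted relative to the comment directly above it. As written, when rm fails (the read-only case) the script runs `mkdir -p /etc/dropbear`, which cannot succeed on a read-only filesystem, and when rm succeeds (the read-write case) it runs `readlink -f /etc/dropbear` on a path that has just been removed. Dropping the negation, so that a successful rm leads to `mkdir -p /etc/dropbear` and a failed rm leads to `mkdir -p "$(readlink -f /etc/dropbear)"`, makes the code match the comment and the commit message. The command substitution should also be quoted, and rm's error output on a read-only root is probably worth redirecting so it does not land in the middle of the "Starting dropbear sshd: " line. Since the commit message says the read-only case stores the keys under /var/run/dropbear, it would help to state in the comment whether those host keys are expected to survive a reboot; if they do not, clients will see a changed host key after every boot.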
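
Review bot: In the DROPBEAR_INSTALL_TARGET_CMDS hunk of package/dropbear/dropbear.mk, `ln -snf ../var/run/dropbear $(TARGET_DIR)/etc/dropbear` does not handle a target tree where /etc/dropbear already exists as a real directory, which is exactly what the removed `mkdir -p $(TARGET_DIR)/etc/dropbear` left behind in existing builds. The `-n` flag only stops ln from dereferencing an existing symlink; with a real directory in place, ln creates the link inside it (as etc/dropbear/dropbear) and the directory stays, so the runtime logic in S50dropbear never sees a symlink. Consider removing an empty $(TARGET_DIR)/etc/dropbear before the ln, or failing the install step when the directory exists and is not empty, and mention the rebuild behaviour in the commit message.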