Message ID | 1516356909-18620-3-git-send-email-romain.naour@smile.fr |
---|---|
State | Accepted |
Headers | show |
Series | Add /etc/shells handling | expand |
Romain, All, On 2018-01-19 11:15 +0100, Romain Naour spake thusly: > When ash (busybox) is selected, /bin/{a,hu}sh is not added to /etc/shells > (see man shells). So, login tools like dropbear reject the ssh > connections for users using {a,hu}sh as shell in /etc/passwd. > > buildroot authpriv.warn dropbear[853]: User 'kubu' has invalid shell, rejected > > Signed-off-by: Romain Naour <romain.naour@smile.fr> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Regards, Yann E. MORIN. > --- > v3: Fix typo (Thomas) > Use TARGET_FINALIZE_HOOKS to avoid issues with the upcoming > top-level parallel build (Arnout) > v2: add double-dollar after /bin/{a,hu}sh (Yann) > add hush handling > msh has been removed from Busybox 1.28 > https://git.busybox.net/busybox/commit/?id=2e989ef232e35750df573898077dd356003705b2 > msh is unlikely used. > --- > package/busybox/busybox.mk | 14 ++++++++++++++ > 1 file changed, 14 insertions(+) > > diff --git a/package/busybox/busybox.mk b/package/busybox/busybox.mk > index d0bbd3f..145bc7c 100644 > --- a/package/busybox/busybox.mk > +++ b/package/busybox/busybox.mk > @@ -258,6 +258,20 @@ define BUSYBOX_INSTALL_TELNET_SCRIPT > fi > endef > > +# Add /bin/{a,hu}sh to /etc/shells otherwise some login tools like dropbear > +# can reject the user connection. See man shells. > +define BUSYBOX_INSTALL_ADD_TO_SHELLS > + if grep -q CONFIG_ASH=y $(@D)/.config; then \ > + grep -qsE '^/bin/ash$$' $(TARGET_DIR)/etc/shells \ > + || echo "/bin/ash" >> $(TARGET_DIR)/etc/shells; \ > + fi > + if grep -q CONFIG_HUSH=y $(@D)/.config; then \ > + grep -qsE '^/bin/hush$$' $(TARGET_DIR)/etc/shells \ > + || echo "/bin/hush" >> $(TARGET_DIR)/etc/shells; \ > + fi > +endef > +BUSYBOX_TARGET_FINALIZE_HOOKS += BUSYBOX_INSTALL_ADD_TO_SHELLS > + > # Enable "noclobber" in install.sh, to prevent BusyBox from overwriting any > # full-blown versions of apps installed by other packages with sym/hard links. > define BUSYBOX_NOCLOBBER_INSTALL > -- > 2.7.4 > > _______________________________________________ > buildroot mailing list > buildroot@busybox.net > http://lists.busybox.net/mailman/listinfo/buildroot
diff --git a/package/busybox/busybox.mk b/package/busybox/busybox.mk index d0bbd3f..145bc7c 100644 --- a/package/busybox/busybox.mk +++ b/package/busybox/busybox.mk @@ -258,6 +258,20 @@ define BUSYBOX_INSTALL_TELNET_SCRIPT fi endef +# Add /bin/{a,hu}sh to /etc/shells otherwise some login tools like dropbear +# can reject the user connection. See man shells. +define BUSYBOX_INSTALL_ADD_TO_SHELLS + if grep -q CONFIG_ASH=y $(@D)/.config; then \ + grep -qsE '^/bin/ash$$' $(TARGET_DIR)/etc/shells \ + || echo "/bin/ash" >> $(TARGET_DIR)/etc/shells; \ + fi + if grep -q CONFIG_HUSH=y $(@D)/.config; then \ + grep -qsE '^/bin/hush$$' $(TARGET_DIR)/etc/shells \ + || echo "/bin/hush" >> $(TARGET_DIR)/etc/shells; \ + fi +endef +BUSYBOX_TARGET_FINALIZE_HOOKS += BUSYBOX_INSTALL_ADD_TO_SHELLS + # Enable "noclobber" in install.sh, to prevent BusyBox from overwriting any # full-blown versions of apps installed by other packages with sym/hard links. define BUSYBOX_NOCLOBBER_INSTALL
When ash (busybox) is selected, /bin/{a,hu}sh is not added to /etc/shells (see man shells). So, login tools like dropbear reject the ssh connections for users using {a,hu}sh as shell in /etc/passwd. buildroot authpriv.warn dropbear[853]: User 'kubu' has invalid shell, rejected Signed-off-by: Romain Naour <romain.naour@smile.fr> --- v3: Fix typo (Thomas) Use TARGET_FINALIZE_HOOKS to avoid issues with the upcoming top-level parallel build (Arnout) v2: add double-dollar after /bin/{a,hu}sh (Yann) add hush handling msh has been removed from Busybox 1.28 https://git.busybox.net/busybox/commit/?id=2e989ef232e35750df573898077dd356003705b2 msh is unlikely used. --- package/busybox/busybox.mk | 14 ++++++++++++++ 1 file changed, 14 insertions(+)