From patchwork Fri Feb 16 18:10:16 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chris Lesiak X-Patchwork-Id: 874601 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=licor.onmicrosoft.com header.i=@licor.onmicrosoft.com header.b="0YFQWR5h"; dkim-atps=neutral Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3zjh5x09sJz9t1t for ; Sat, 17 Feb 2018 05:11:00 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id DC0968A4F8; Fri, 16 Feb 2018 18:10:56 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1FvPiKJVokhi; Fri, 16 Feb 2018 18:10:56 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by hemlock.osuosl.org (Postfix) with ESMTP id ED20C8A439; Fri, 16 Feb 2018 18:10:55 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id 6D92D1CEBE9 for ; Fri, 16 Feb 2018 18:10:54 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 68A9D8A439 for ; Fri, 16 Feb 2018 18:10:54 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5rP1q5wcQzZm for ; Fri, 16 Feb 2018 18:10:52 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on0104.outbound.protection.outlook.com [104.47.36.104]) by hemlock.osuosl.org (Postfix) with ESMTPS id 951078A437 for ; Fri, 16 Feb 2018 18:10:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=licor.onmicrosoft.com; s=selector1-licor-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=RY29zkpDNKFZKzVOjTN56ix0tSG/cAgzoJkwcY5M9tY=; b=0YFQWR5hynQmEMnziwss5Mi3SbJbEr5yiUk5BDJdGgBnglFTjMiEO2va+VkYzt7GqGQOP3D+MZUcIfyBJ/ZFvM/0BleGJ9vhnF585/HdePhEIJazqlVuf05AZ6AhqjNuJhpQgjdOb54NhEvsan/wGSuU4lpvgXS3dglW0ajrHjg= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=chris.lesiak@licor.com; Received: from bee.local (208.82.105.200) by BN6PR08MB3393.namprd08.prod.outlook.com (10.161.154.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.506.18; Fri, 16 Feb 2018 18:10:49 +0000 From: Chris Lesiak To: buildroot@buildroot.org Date: Fri, 16 Feb 2018 12:10:16 -0600 Message-Id: <20180216181016.8747-1-chris.lesiak@licor.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180123232221.6106-1-chris.lesiak@licor.com> References: <20180123232221.6106-1-chris.lesiak@licor.com> MIME-Version: 1.0 X-Originating-IP: [208.82.105.200] X-ClientProxiedBy: DM5PR20CA0048.namprd20.prod.outlook.com (10.171.161.162) To BN6PR08MB3393.namprd08.prod.outlook.com (10.161.154.20) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 273cb9b9-23f4-48cd-c5bf-08d575689bd2 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603307)(7153060)(7193020); SRVR:BN6PR08MB3393; X-Microsoft-Exchange-Diagnostics: 1; BN6PR08MB3393; 3:HTFVVDQwK/8KdG2wmlfp78Y1fyY4NgK8j6SqWDAk5dT1jRpuPMgcJ/kltyvydSpqYvtyvMxjLdHrRLkJYVGsGiGUZOjHl+0TqnCx9fGBlJaiZbtP4Jpl/2mUe6mnHhvF1QLsloc/JUwIozNfRikMb0kOLjyccfAk28tAQmV4qwXy/HMxXrbemEfaAYNep681Eeyschb3z1PZiyvIHWTsibEKzAeAltvvP+ySZQe25lmlM+rHRcpq96wU4KOa8bcI; 25:ZlEHGSxEuF+VEPfFFZjJnazPFuZrxb0qW5GF6As5gKLlXU6wbW4VI4ibQDn24MfTnC4W5sChGSgaOG/LXHJVixjPhFBrHG6/OiryXRkuCnW4i9AtFpArIAcMTfhi1IBlgGf/JuASr+mb0EGLW7ZnQ+s0SooImWXH5tn3xt0msbJB7FN+Bb7I2eQkaizvfBAc0j2RxdsZaC80m6hGoQlFNJeq/CnNcdppEB/C9M9HBas9c9bUDybtePROfMeihccI6MB1J5cvIvJIXO7r224ekCHUT+DLoaOP20YjcMASId7UZv2umhZXLw9h1CQ0NBQF91H5m3rwGJGRV0Ck+lV/Dg==; 31:FXCCiPOQmJI5YJjXxZevGUrugs6NbeCUI8/ASk0SxwXkI6sYNwVqtoenqsww6yP6TYcgE+LLs2GI4gQl2EVoZaE63HRaS06fqLDYdtHc3UqWiQwCKocPwAxmI/PAi3OY1ZfS3lIqnp7QxUp6dUoveggr6J4X1jdY5foOFxf5UIsumv3MGw8ky5bkGcS24VbvbLAcufM+EdklFmei3zTsgHIM0KJU49JMGROlk10kKd0= X-MS-TrafficTypeDiagnostic: BN6PR08MB3393: X-Microsoft-Exchange-Diagnostics: 1; BN6PR08MB3393; 20:llMyrsy3cbLK11NqsjooTMkMB/rMBi1UyuaKzip/+AYpjw2q98ZwZ4bIgyv9lM8sI9LjwolEQ83cUJM8YpcsaAHpMg989tMtZnWBUelcuT2VcrWTMx4YseF/ryx3fz9kKX7i0qgScGVhqKToAxdtJ2u7Du5zFZ+4csj0J776d1aRh/UA1PIiaS1UsXt6JHRMOucQgxj2+oO9SwM0cUn5039CHJ9GayhgpfvWzJlKt3K+6thmcNVXTsv9CaWELtYFpZ+2J71tk+qYPsYkBnhtKKN/cI7Ht1ryrR7weHxlccDzvleNiJruSit7i15vT1IUblhkRwuUrgM9OEgCYTqMUgTA9ayMdRQnLuycjedJS0gFnEWG5SD5EXDyj1qTSa88Ph1bjhLSLDzFse4CHhCazy7PJtG3JoI/BOrg7saSVv8NgXvEmlZoUS9av5+N0LYMZeYZPYfbNBHHpe01RIq3mBkYfmavoLpxCfQOKcMvDWryfOKvIF3SPvU+iSD7Xtic; 4:fXGSghmzrRjisI2mYJ6ll4FJOKOlIAJw0IVCWwyDx2v/UhdLlQtwC6XmGkbIQO46EsKXaexXd6JrlCsPzyBfKzlQlsUVsb7aoRYcF4aPqPu8Zdih3sX1ej6j21aikHLiDpCMW6vKVpOue4W5e2xLbyXuLhlUZ709pORb/8SoC1Qg6RKjPlzld+SI5iTOkilyM948BBDAISHf76iX5llcfClQ0DibdFw7j3BsKTzSVOruvCmgwXO+TyvQC1HOm3144lypJeLC4ig4DhXJRReceQ== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(5005006)(8121501046)(3002001)(93006095)(93001095)(10201501046)(3231101)(944501161)(6041288)(20161123558120)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(6072148)(201708071742011); SRVR:BN6PR08MB3393; BCL:0; PCL:0; RULEID:; SRVR:BN6PR08MB3393; X-Forefront-PRVS: 0585417D7B X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(396003)(39850400004)(39380400002)(346002)(366004)(376002)(199004)(189003)(6512007)(106356001)(86362001)(107886003)(53936002)(2351001)(316002)(16586007)(105586002)(66066001)(47776003)(25786009)(4326008)(2361001)(7736002)(97736004)(2950100002)(6916009)(1076002)(81156014)(5660300001)(81166006)(48376002)(8676002)(36756003)(50226002)(2906002)(186003)(50466002)(8936002)(16526019)(6486002)(52116002)(478600001)(6116002)(51416003)(386003)(26005)(6506007)(68736007)(6666003)(3846002)(305945005)(76176011); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR08MB3393; H:bee.local; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: licor.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BN6PR08MB3393; 23:WSb42VqevX1024Z9h/Fu9QKfPu2VZtDEXHimuX99F?= gFvN3GX3+X3Xt1Z7KognmWy2a9Cdqaf48VLt/MEsnasb7F2gIu+cXT7/43A0TEfNOgOr8W6719VztNb2NUkA8/y39vnjEDkq1U32LwW4rGu74kY5v6vITLL21+QCLHyeBZdeeaYpBw458zr8k3BLIvtbuUFo1TTqt7DRUuPfdZFafgTNTd2Wt3fk+KeQw1VMLCqmh7xI/jK6aNgolE4V6HBnOiTM+PjI9ssBbVbwEkWkEs3CNeeSqlK/IqehEquPeY0jHUErB7AxEn1C6qtSIc4GCaPAIXgbuWDitGyOnbxPabOsCqj2rryHteRyC1R8CQJenaS+bAsEuTSg6/NqwbJZ3ydnO1M621TZHqtYeK5lQ37FN+BlPMXSbZGv5pQVTCoaaTZ8/aB3kF8SiM7tC+isFwWYej9p7IwJHV9l9iOKvLvxbr70Rl4MJxDBus5tTeay+iZG0Po9cydLS1W6YGy1T2iiL1UJe1wlPAO51lMFwaxrihIKjtO1wX48qOzDCxI7ZAZowblg45D6yMqvRZkQPpPn1meI0EMAare2bZmcoHD3G0bqR2k0zt3mqw2zaM7JQ3td/Cit6n6oetUsRwaM1X6KCWdQMmEJn8/GH0tO7B4mnI2566nFEEgiYwvs1xb6E+FB+m0BSlciLkA2L/ciGrwawolREtrWxY6/mr+7PtXG9PkZnAo3tjSjtO3XM5IX4+f//BCqHByx6smGwu1mVnua+8g9KDuvuCOjKB/gzzHY9y24roEse9UACG6DiSfKyezXhXbJWmnJtT7zHdoaEkihqOZIqC12t4URSgNSHh0bu2tSFVGGs1snGoiDz5Eq6I5ewwurusV9rkM2fh8DAL+TjnkGVaDMMpHzT30Q6dnETxfnKrAtnuDehrq6n5QojeQfjzpchfeIE6NycNMGofya/vKJot09fCkctog9rzfXEHeToIoOvvmB+fbPavGg6H6I2zQV0htfCvBStUxogjnDcIED0qZXlez8dZ2O8TlR1c0kRKOqemkIrT3vu2+c+et9ZACewG/J4FkDihYs+hpEHhNV2QtB3ib54MmP+bpf+Fq88WOu+ZH1/nws4y896SJnbHBI4LUKlz/JFW55hg7iieY053sDdroPwPMteaTbiWhZ9pldEQ/hA/UPzQ= X-Microsoft-Exchange-Diagnostics: 1; BN6PR08MB3393; 6:puaL1Td8Hc9P1BviiqLH7p/au9IJJaKFKQBrKUxWn+xroskz+O81fmVN2AKgZyo+7ugz7mm+loCWVcIvaU1meKZOVTVWUmNr8FeV5iBt0HMGsr3VAhb6yqdao863oXWYpQ64cschJSJcyyleYVLWYWpmnl+xiFrIfd9CCUzsjRMqle8fA+v6ph4UiucpMDO+0DZTKAMFcSPYvBWovcdgOG360/9PTqnO5pucpE2x8B4jYIvSLqKIswCCRbRPU8a6HT7Y6etJz5P4VaHxSfqCbh/IhYKvEJ2f6NNtH14TKR/GmChE8UTUbW7jSr8Ir4aKZSB2NILdREmc7wrfYHqBcAvacMo4zGwOEUa0/i5SLoE=; 5:j63qOw5EqQA9T9Gwzib5BKHZbhLttqkAVSPV6IiI7WOc1MW10tjt/vdTBGzhSluhlozz3qdpqVbEtMUfpslTWg0Q9a0vu2XCy9fATzfUqUycGTg+i5Kty2tPHLGIx2nSByrduQ9hFhHpDuiaGWccUREFpxlQF4/+8n4xag+IX44=; 24:+tJA7o0NaWeLpwelM00j+kqH1ydnv7EqN3wsB06v/UWodL4zAGtlMjsunPmG/J7Pof3nzYIM5v4GY+LwzcBl5m06za5MD26HTH5zNJg182o=; 7:zMmBrhZEXcdaIHeyLwCKp0bmQgbtXrL+UELJVo/oCHJGIy9EE1Z7xOCEvJS8DZoxzRbHaO/DjfLq1BZ8ZXZ0J/jwmyPCH35PZtDH3GfpuKRgvNHqi8TL9LLfWl06Wm7XYjP7nRt0Z8B4W17X/xnf3d7ltJbGUb+9kVwxJpou+wsk/ZphgNf3GXhYSbmLkqvN7cMZ+Te+rqQY3A+bZjQ5RR57/QUkN1URxaaTOenNGKchdRef24segCtElQW2neEa SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: licor.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Feb 2018 18:10:49.1310 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 273cb9b9-23f4-48cd-c5bf-08d575689bd2 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 48c70abd-da5a-4c6c-86cb-5e003ca01574 X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR08MB3393 Subject: [Buildroot] [PATCH v2] package/openssh: Add sysusers.d snippet X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.24 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Chris Lesiak Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Signed-off-by: Chris Lesiak --- Changes v1 --> v2 - Rename the snippet file to sshd_sysusers.conf to make the use more apparent. --- package/openssh/openssh.mk | 8 ++++++++ package/openssh/sshd_sysusers.conf | 5 +++++ 2 files changed, 13 insertions(+) create mode 100644 package/openssh/sshd_sysusers.conf diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk index 6b7ac22c19..5d099ceb13 100644 --- a/package/openssh/openssh.mk +++ b/package/openssh/openssh.mk @@ -60,12 +60,20 @@ else OPENSSH_CONF_OPTS += --without-selinux endif +ifeq ($(BR2_PACKAGE_SYSTEMD_SYSUSERS),y) +define OPENSSH_INSTALL_SYSTEMD_SYSUSERS + $(INSTALL) -m 0644 -D package/openssh/sshd_sysusers.conf \ + $(TARGET_DIR)/usr/lib/sysusers.d/sshd.conf +endef +endif + define OPENSSH_INSTALL_INIT_SYSTEMD $(INSTALL) -D -m 644 package/openssh/sshd.service \ $(TARGET_DIR)/usr/lib/systemd/system/sshd.service mkdir -p $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants ln -fs ../../../../usr/lib/systemd/system/sshd.service \ $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/sshd.service + $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS) endef define OPENSSH_INSTALL_INIT_SYSV diff --git a/package/openssh/sshd_sysusers.conf b/package/openssh/sshd_sysusers.conf new file mode 100644 index 0000000000..3ea46f65c6 --- /dev/null +++ b/package/openssh/sshd_sysusers.conf @@ -0,0 +1,5 @@ +# sysusers.d snippet for creating the sshd system user automatically +# at boot on systemd-based systems that ship with an unpopulated +# /etc. See sysusers.d(5) for details. + +u sshd - "Privilege-separated SSH"