From patchwork Tue Mar 19 11:41:56 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Esben Haabendal <esben.haabendal@gmail.com>
X-Patchwork-Id: 1058365
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=busybox.net
	(client-ip=140.211.166.138; helo=whitealder.osuosl.org;
	envelope-from=buildroot-bounces@busybox.net;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=gmail.com
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="KhN7BtO1"; dkim-atps=neutral
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 44NrkS0nl5z9s4Y
	for <incoming-buildroot@patchwork.ozlabs.org>;
	Tue, 19 Mar 2019 22:42:06 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id D20B586CB4;
	Tue, 19 Mar 2019 11:42:02 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id vx9ItCLOcuFe; Tue, 19 Mar 2019 11:42:01 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by whitealder.osuosl.org (Postfix) with ESMTP id 4A95086802;
	Tue, 19 Mar 2019 11:42:01 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	by ash.osuosl.org (Postfix) with ESMTP id AD6801BF228
	for <buildroot@lists.busybox.net>;
	Tue, 19 Mar 2019 11:42:00 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id AA13686802
	for <buildroot@lists.busybox.net>;
	Tue, 19 Mar 2019 11:42:00 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id l-b7wJmZVgC0 for <buildroot@lists.busybox.net>;
	Tue, 19 Mar 2019 11:41:59 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mail-lj1-f176.google.com (mail-lj1-f176.google.com
	[209.85.208.176])
	by whitealder.osuosl.org (Postfix) with ESMTPS id 833BD86717
	for <buildroot@buildroot.org>; Tue, 19 Mar 2019 11:41:59 +0000 (UTC)
Received: by mail-lj1-f176.google.com with SMTP id n18so15046818ljg.11
	for <buildroot@buildroot.org>; Tue, 19 Mar 2019 04:41:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=sender:from:to:cc:subject:date:message-id:mime-version
	:content-transfer-encoding;
	bh=BnCGKWtIXQdQci+4sX5+ZgkES2a+WRIf+iDgnFNENGM=;
	b=KhN7BtO1FVNpmgtXo8jKLeksIvIbC5rG9CzHAEwNHg/sToqs40ksKFbTbVPoALhnrI
	ytTjLtHrIFejIpj5pd1A+Rk9azs4sir7b4T+58301OVnk6YHU3tgi5h31kPQ6GryXX0e
	rEpYopfVU1K2WUePyozleaeYtmGXD9GJq2EM1uwWhcxDlz2CEwngvLhmHdZueZjtGb69
	dPwdoTQKx1yP569MmHvUXa8OesOejU5kxrtrmkWAoBldHoQVIsrXZGpp+58PFhUxxry9
	T1CojZFB6dr915XGtKxlVbJBrAn/LF54X2tkDx3Q+MY/1qYQI+I/q1NPjyprUMpxi1Gc
	84vQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id
	:mime-version:content-transfer-encoding;
	bh=BnCGKWtIXQdQci+4sX5+ZgkES2a+WRIf+iDgnFNENGM=;
	b=QFAHWdFA1K81hpsezhsbXUraAiHIjoHuMbRHKL7MLJKzZ655xPpD+1GAL/GQ0DGKgW
	6DX77PcxgYIvYyaKlANtc84joJBeL7B7ZI1OIBR8dAWXOkg0XfRg72YepNb6pw338myD
	c1xMtICEP5vrH8FhwdzR4iw6IP2Cc6zsXWZuyMlbZMY4gxrTCd1XU/TQYdMyHwV+ZLhy
	EW18SbK3KScteQ03MLvRVH/eaTw2TOpmxneV83L4vCO0KvllQ6dhtlFDpkH78zzVfSan
	gX+BCT81gxXaVqqd28mnOMDicm6hsoxOW4ZUhl5tN1W/dkdV/2nZYr/IwQxcbInd4Tyx
	Qf4Q==
X-Gm-Message-State: APjAAAUZU9YjEzGRikkbgHrolvVVEwm7lXwNvH34GXMgRT9avnj9So5b
	EzF3jrEUfWgBVZyvOU1TPIvHQimK
X-Google-Smtp-Source: 
 APXvYqyKDvOHyBqFnEZXm65HukpP9drVD5Bq7xPCQmosrcnN/Gt2AkCwAad5mTvc5qD9+UByB2INNg==
X-Received: by 2002:a2e:814d:: with SMTP id
	t13mr13482144ljg.46.1552995717473;
	Tue, 19 Mar 2019 04:41:57 -0700 (PDT)
Received: from localhost ([193.163.1.7]) by smtp.gmail.com with ESMTPSA id
	y16sm875945ljd.63.2019.03.19.04.41.56
	(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
	Tue, 19 Mar 2019 04:41:56 -0700 (PDT)
From: Esben Haabendal <esben.haabendal@gmail.com>
To: buildroot@buildroot.org
Date: Tue, 19 Mar 2019 12:41:56 +0100
Message-Id: <20190319114156.10696-1-esben.haabendal@gmail.com>
X-Mailer: git-send-email 2.21.0
MIME-Version: 1.0
Subject: [Buildroot] [RFC] openssh: add option to allow login as root
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
Cc: Esben Haabendal <esben@haabendal.dk>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

From: Esben Haabendal <esben@haabendal.dk>

What do you think. Is this kind of micro-management of a configuration
file something that I should keep out of tree?

/Esben
---
 package/openssh/Config.in  | 10 ++++++++++
 package/openssh/openssh.mk |  7 +++++++
 2 files changed, 17 insertions(+)

diff --git a/package/openssh/Config.in b/package/openssh/Config.in
index 683a9c0e5191..bc4f40efa3de 100644
--- a/package/openssh/Config.in
+++ b/package/openssh/Config.in
@@ -9,3 +9,13 @@ config BR2_PACKAGE_OPENSSH
 	  friends.
 
 	  http://www.openssh.com/
+
+if BR2_PACKAGE_OPENSSH
+
+config BR2_PACKAGE_OPENSSH_PERMIT_ROOT_LOGIN
+	bool "Allow SSH root login"
+	help
+	  Modify SSH server configuration to allow login as root.
+	  Warning: This might not be a good idea.  Use at own risk!
+
+endif
diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
index 4fef5caedb01..8d1c153a8752 100644
--- a/package/openssh/openssh.mk
+++ b/package/openssh/openssh.mk
@@ -88,4 +88,11 @@ endef
 
 OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SSH_COPY_ID
 
+ifeq ($(BR2_PACKAGE_OPENSSH_PERMIT_ROOT_LOGIN),y)
+define OPENSSH_INSTALL_PERMIT_ROOT_LOGIN
+	$(SED) 's/\#PermitRootLogin prohibit-password/PermitRootLogin yes/' $(TARGET_DIR)/etc/ssh/sshd_config
+endef
+OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_PERMIT_ROOT_LOGIN
+endif
+
 $(eval $(autotools-package))