aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Chris Lesiak <chris.lesiak@licor.com>2019-02-06 16:36:39 +0000
committerGravatar Peter Korsgaard <peter@korsgaard.com>2019-02-19 08:31:01 +0100
commit8df0a10c51ed855ccda68a17594f5cedd3aa654c (patch)
treeff1920f3dd772b93aef24a7f94f5f1e9c427934b
parentdc80a84aa5fd679cb0f9ae6b9ae53b0809a8fb1a (diff)
downloadbuildroot-8df0a10c51ed855ccda68a17594f5cedd3aa654c.tar.gz
buildroot-8df0a10c51ed855ccda68a17594f5cedd3aa654c.tar.bz2
package/openssh: Add sysusers.d snippet
Whether using the new sysusers.d snippet, or adding an entry to /etc/password, set the service's home directory to /var/empty. See README.privsep included as part of the openssh distribution. Signed-off-by: Chris Lesiak <chris.lesiak@licor.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> (cherry picked from commit 9acbf811cd7028dba17a26ee23e8494b083b8cab) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r--package/openssh/openssh.mk16
-rw-r--r--package/openssh/sshd-sysusers.conf1
2 files changed, 13 insertions, 4 deletions
diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
index 9175f9589d..cbf2e92920 100644
--- a/package/openssh/openssh.mk
+++ b/package/openssh/openssh.mk
@@ -18,10 +18,6 @@ OPENSSH_CONF_OPTS = \
--disable-wtmpx \
--disable-strip
-define OPENSSH_USERS
- sshd -1 sshd -1 * - - - SSH drop priv user
-endef
-
define OPENSSH_PERMISSIONS
/var/empty d 755 root root - - - - -
endef
@@ -60,12 +56,24 @@ else
OPENSSH_CONF_OPTS += --without-selinux
endif
+ifeq ($(BR2_PACKAGE_SYSTEMD_SYSUSERS),y)
+define OPENSSH_INSTALL_SYSTEMD_SYSUSERS
+ $(INSTALL) -m 0644 -D package/openssh/sshd-sysusers.conf \
+ $(TARGET_DIR)/usr/lib/sysusers.d/sshd.conf
+endef
+else
+define OPENSSH_USERS
+ sshd -1 sshd -1 * /var/empty - - SSH drop priv user
+endef
+endif
+
define OPENSSH_INSTALL_INIT_SYSTEMD
$(INSTALL) -D -m 644 package/openssh/sshd.service \
$(TARGET_DIR)/usr/lib/systemd/system/sshd.service
mkdir -p $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants
ln -fs ../../../../usr/lib/systemd/system/sshd.service \
$(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/sshd.service
+ $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS)
endef
define OPENSSH_INSTALL_INIT_SYSV
diff --git a/package/openssh/sshd-sysusers.conf b/package/openssh/sshd-sysusers.conf
new file mode 100644
index 0000000000..ac77aec065
--- /dev/null
+++ b/package/openssh/sshd-sysusers.conf
@@ -0,0 +1 @@
+u sshd - "SSH drop priv user" /var/empty