All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES
@ 2014-02-19  8:45 Koen Kooi
  2014-02-19 20:20 ` Bernhard Reutner-Fischer
  2014-02-19 22:01 ` Andreas Oberritter
  0 siblings, 2 replies; 4+ messages in thread
From: Koen Kooi @ 2014-02-19  8:45 UTC (permalink / raw)
  To: openembedded-core; +Cc: Koen Kooi

Everything is setup to use PAM except for the server config. If 'pam' is
in DISTRO_FEATURES the configs will be changed to enable it.

Syslog will now show:

	Feb 19 09:28:36 beast sshd[2980]: pam_unix(sshd:session): session opened for user koen by (uid=0)

And more importantly:

	koen@beast:~$ loginctl
	   SESSION        UID USER             SEAT
	        c1       1000 koen             seat0
	        c3       1000 koen             seat0
	       c13       1000 koen

	3 sessions listed.

Systemd now registers the session properly so it won't kill things like 'screen'
and 'tmux' when disconnecting the ssh session.

Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
---
 meta/recipes-connectivity/openssh/openssh_6.4p1.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
index 9c0bb48..5b9ec10 100644
--- a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
@@ -82,6 +82,8 @@ do_install_append () {
 	if [ "${@base_contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" ]; then
 		install -d ${D}${sysconfdir}/pam.d
 		install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
+		sed -i -e 's:#UsePAM no:UsePAM yes:' ${WORKDIR}/sshd_config
+		sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config
 	fi
 
 	install -d ${D}${sysconfdir}/init.d
-- 
1.8.4.2



^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES
  2014-02-19  8:45 [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES Koen Kooi
@ 2014-02-19 20:20 ` Bernhard Reutner-Fischer
  2014-02-19 22:01 ` Andreas Oberritter
  1 sibling, 0 replies; 4+ messages in thread
From: Bernhard Reutner-Fischer @ 2014-02-19 20:20 UTC (permalink / raw)
  To: Koen Kooi, openembedded-core

On 19 February 2014 09:46:12 Koen Kooi <koen.kooi@linaro.org> wrote:


> +++ b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
> @@ -82,6 +82,8 @@ do_install_append () {
>  	if [ "${@base_contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" 
>  ]; then
>  		install -d ${D}${sysconfdir}/pam.d
>  		install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd

I'd rephrase the above to use one install -D and pass both files below to 
just one sed.

thanks,

> +		sed -i -e 's:#UsePAM no:UsePAM yes:' ${WORKDIR}/sshd_config
> +		sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config
>  	fi
>
>  	install -d ${D}${sysconfdir}/init.d
> --
> 1.8.4.2
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core



Sent with AquaMail for Android
http://www.aqua-mail.com




^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES
  2014-02-19  8:45 [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES Koen Kooi
  2014-02-19 20:20 ` Bernhard Reutner-Fischer
@ 2014-02-19 22:01 ` Andreas Oberritter
  2014-02-20  6:51   ` Koen Kooi
  1 sibling, 1 reply; 4+ messages in thread
From: Andreas Oberritter @ 2014-02-19 22:01 UTC (permalink / raw)
  To: openembedded-core

Hello Koen,

On 19.02.2014 09:45, Koen Kooi wrote:
> diff --git a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
> index 9c0bb48..5b9ec10 100644
> --- a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
> +++ b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
> @@ -82,6 +82,8 @@ do_install_append () {
>  	if [ "${@base_contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" ]; then
>  		install -d ${D}${sysconfdir}/pam.d
>  		install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
> +		sed -i -e 's:#UsePAM no:UsePAM yes:' ${WORKDIR}/sshd_config
> +		sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config

is the first of the two new lines really necessary?

Regards,
Andreas


^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES
  2014-02-19 22:01 ` Andreas Oberritter
@ 2014-02-20  6:51   ` Koen Kooi
  0 siblings, 0 replies; 4+ messages in thread
From: Koen Kooi @ 2014-02-20  6:51 UTC (permalink / raw)
  To: Andreas Oberritter; +Cc: openembedded-core


Op 19 feb. 2014, om 23:01 heeft Andreas Oberritter <obi@opendreambox.org> het volgende geschreven:

> Hello Koen,
> 
> On 19.02.2014 09:45, Koen Kooi wrote:
>> diff --git a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
>> index 9c0bb48..5b9ec10 100644
>> --- a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
>> +++ b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
>> @@ -82,6 +82,8 @@ do_install_append () {
>> 	if [ "${@base_contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" ]; then
>> 		install -d ${D}${sysconfdir}/pam.d
>> 		install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
>> +		sed -i -e 's:#UsePAM no:UsePAM yes:' ${WORKDIR}/sshd_config
>> +		sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config
> 
> is the first of the two new lines really necessary?

Yes, the recipe installs /etc/ssh/sshd_config in do_compile_append and  /etc/ssh/sshd_config_readonly in do_install_append.

regards,

Koen

> 
> Regards,
> Andreas
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
> 



^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-02-20  6:51 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-02-19  8:45 [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES Koen Kooi
2014-02-19 20:20 ` Bernhard Reutner-Fischer
2014-02-19 22:01 ` Andreas Oberritter
2014-02-20  6:51   ` Koen Kooi

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.