* [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES
@ 2014-02-19 8:45 Koen Kooi
2014-02-19 20:20 ` Bernhard Reutner-Fischer
2014-02-19 22:01 ` Andreas Oberritter
0 siblings, 2 replies; 4+ messages in thread
From: Koen Kooi @ 2014-02-19 8:45 UTC (permalink / raw)
To: openembedded-core; +Cc: Koen Kooi
Everything is setup to use PAM except for the server config. If 'pam' is
in DISTRO_FEATURES the configs will be changed to enable it.
Syslog will now show:
Feb 19 09:28:36 beast sshd[2980]: pam_unix(sshd:session): session opened for user koen by (uid=0)
And more importantly:
koen@beast:~$ loginctl
SESSION UID USER SEAT
c1 1000 koen seat0
c3 1000 koen seat0
c13 1000 koen
3 sessions listed.
Systemd now registers the session properly so it won't kill things like 'screen'
and 'tmux' when disconnecting the ssh session.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
---
meta/recipes-connectivity/openssh/openssh_6.4p1.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
index 9c0bb48..5b9ec10 100644
--- a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
@@ -82,6 +82,8 @@ do_install_append () {
if [ "${@base_contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" ]; then
install -d ${D}${sysconfdir}/pam.d
install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
+ sed -i -e 's:#UsePAM no:UsePAM yes:' ${WORKDIR}/sshd_config
+ sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config
fi
install -d ${D}${sysconfdir}/init.d
--
1.8.4.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES
2014-02-19 8:45 [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES Koen Kooi
@ 2014-02-19 20:20 ` Bernhard Reutner-Fischer
2014-02-19 22:01 ` Andreas Oberritter
1 sibling, 0 replies; 4+ messages in thread
From: Bernhard Reutner-Fischer @ 2014-02-19 20:20 UTC (permalink / raw)
To: Koen Kooi, openembedded-core
On 19 February 2014 09:46:12 Koen Kooi <koen.kooi@linaro.org> wrote:
> +++ b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
> @@ -82,6 +82,8 @@ do_install_append () {
> if [ "${@base_contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam"
> ]; then
> install -d ${D}${sysconfdir}/pam.d
> install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
I'd rephrase the above to use one install -D and pass both files below to
just one sed.
thanks,
> + sed -i -e 's:#UsePAM no:UsePAM yes:' ${WORKDIR}/sshd_config
> + sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config
> fi
>
> install -d ${D}${sysconfdir}/init.d
> --
> 1.8.4.2
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
Sent with AquaMail for Android
http://www.aqua-mail.com
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES
2014-02-19 8:45 [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES Koen Kooi
2014-02-19 20:20 ` Bernhard Reutner-Fischer
@ 2014-02-19 22:01 ` Andreas Oberritter
2014-02-20 6:51 ` Koen Kooi
1 sibling, 1 reply; 4+ messages in thread
From: Andreas Oberritter @ 2014-02-19 22:01 UTC (permalink / raw)
To: openembedded-core
Hello Koen,
On 19.02.2014 09:45, Koen Kooi wrote:
> diff --git a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
> index 9c0bb48..5b9ec10 100644
> --- a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
> +++ b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
> @@ -82,6 +82,8 @@ do_install_append () {
> if [ "${@base_contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" ]; then
> install -d ${D}${sysconfdir}/pam.d
> install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
> + sed -i -e 's:#UsePAM no:UsePAM yes:' ${WORKDIR}/sshd_config
> + sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config
is the first of the two new lines really necessary?
Regards,
Andreas
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES
2014-02-19 22:01 ` Andreas Oberritter
@ 2014-02-20 6:51 ` Koen Kooi
0 siblings, 0 replies; 4+ messages in thread
From: Koen Kooi @ 2014-02-20 6:51 UTC (permalink / raw)
To: Andreas Oberritter; +Cc: openembedded-core
Op 19 feb. 2014, om 23:01 heeft Andreas Oberritter <obi@opendreambox.org> het volgende geschreven:
> Hello Koen,
>
> On 19.02.2014 09:45, Koen Kooi wrote:
>> diff --git a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
>> index 9c0bb48..5b9ec10 100644
>> --- a/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
>> +++ b/meta/recipes-connectivity/openssh/openssh_6.4p1.bb
>> @@ -82,6 +82,8 @@ do_install_append () {
>> if [ "${@base_contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" ]; then
>> install -d ${D}${sysconfdir}/pam.d
>> install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
>> + sed -i -e 's:#UsePAM no:UsePAM yes:' ${WORKDIR}/sshd_config
>> + sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config
>
> is the first of the two new lines really necessary?
Yes, the recipe installs /etc/ssh/sshd_config in do_compile_append and /etc/ssh/sshd_config_readonly in do_install_append.
regards,
Koen
>
> Regards,
> Andreas
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-02-20 6:51 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-02-19 8:45 [PATCH] openssh: enable PAM at runtime based on DISTRO_FEATURES Koen Kooi
2014-02-19 20:20 ` Bernhard Reutner-Fischer
2014-02-19 22:01 ` Andreas Oberritter
2014-02-20 6:51 ` Koen Kooi
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.