* [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells
@ 2018-01-11 10:27 Romain Naour
2018-01-11 17:13 ` Yann E. MORIN
0 siblings, 1 reply; 9+ messages in thread
From: Romain Naour @ 2018-01-11 10:27 UTC (permalink / raw)
To: buildroot
When bash is selected, /bin/bash is not added to /etc/shells
(see man shells). So, login tools like dropbear reject the ssh
connexions for users using bash as shell in /etc/passwd.
buildroot authpriv.warn dropbear[853]: User 'kubu' has invalid shell, rejected
Reported-by: Jeremy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
---
The same issue can happend with other shells.
---
package/bash/bash.mk | 3 +++
1 file changed, 3 insertions(+)
diff --git a/package/bash/bash.mk b/package/bash/bash.mk
index 089d062..eec6559 100644
--- a/package/bash/bash.mk
+++ b/package/bash/bash.mk
@@ -40,10 +40,13 @@ endif
endif
# Make /bin/sh -> bash (no other shell, better than busybox shells)
+# Add /bin/bash to /etc/shells otherwise some login tools like dropbear
+# can reject the user connexion. See man shells.
define BASH_INSTALL_TARGET_CMDS
$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) \
DESTDIR=$(TARGET_DIR) exec_prefix=/ install
rm -f $(TARGET_DIR)/bin/bashbug
+ echo "/bin/bash" >> $(TARGET_DIR)/etc/shells
endef
$(eval $(autotools-package))
--
2.7.4
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells
2018-01-11 10:27 [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells Romain Naour
@ 2018-01-11 17:13 ` Yann E. MORIN
2018-01-12 8:59 ` Thomas Petazzoni
0 siblings, 1 reply; 9+ messages in thread
From: Yann E. MORIN @ 2018-01-11 17:13 UTC (permalink / raw)
To: buildroot
Romain, All,
On 2018-01-11 11:27 +0100, Romain Naour spake thusly:
> When bash is selected, /bin/bash is not added to /etc/shells
> (see man shells). So, login tools like dropbear reject the ssh
> connexions for users using bash as shell in /etc/passwd.
>
> buildroot authpriv.warn dropbear[853]: User 'kubu' has invalid shell, rejected
>
> Reported-by: Jeremy Rosen <jeremy.rosen@smile.fr>
> Signed-off-by: Romain Naour <romain.naour@smile.fr>
> Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
> ---
> The same issue can happend with other shells.
> ---
> package/bash/bash.mk | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/package/bash/bash.mk b/package/bash/bash.mk
> index 089d062..eec6559 100644
> --- a/package/bash/bash.mk
> +++ b/package/bash/bash.mk
> @@ -40,10 +40,13 @@ endif
> endif
>
> # Make /bin/sh -> bash (no other shell, better than busybox shells)
> +# Add /bin/bash to /etc/shells otherwise some login tools like dropbear
> +# can reject the user connexion. See man shells.
> define BASH_INSTALL_TARGET_CMDS
> $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) \
> DESTDIR=$(TARGET_DIR) exec_prefix=/ install
> rm -f $(TARGET_DIR)/bin/bashbug
> + echo "/bin/bash" >> $(TARGET_DIR)/etc/shells
What if the user uses a custom skeleton and bash is already listed
there?
I would do:
grep -E '^/bin/bash$' $(TARGET_DIR)/etc/shells >/dev/null 2>&1 \
|| echo "/bin/bash" >> $(TARGET_DIR)/etc/shells
That way, we only install it if not already present.
Regards,
Yann E. MORIN.
> endef
>
> $(eval $(autotools-package))
> --
> 2.7.4
>
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells
2018-01-11 17:13 ` Yann E. MORIN
@ 2018-01-12 8:59 ` Thomas Petazzoni
2018-01-12 9:06 ` Romain Naour
2018-01-12 17:35 ` Yann E. MORIN
0 siblings, 2 replies; 9+ messages in thread
From: Thomas Petazzoni @ 2018-01-12 8:59 UTC (permalink / raw)
To: buildroot
Hello,
On Thu, 11 Jan 2018 18:13:57 +0100, Yann E. MORIN wrote:
> I would do:
>
> grep -E '^/bin/bash$' $(TARGET_DIR)/etc/shells >/dev/null 2>&1 \
grep -q ?
> || echo "/bin/bash" >> $(TARGET_DIR)/etc/shells
>
> That way, we only install it if not already present.
Otherwise, yes, agreed.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells
2018-01-12 8:59 ` Thomas Petazzoni
@ 2018-01-12 9:06 ` Romain Naour
2018-01-12 17:36 ` Yann E. MORIN
2018-01-12 17:35 ` Yann E. MORIN
1 sibling, 1 reply; 9+ messages in thread
From: Romain Naour @ 2018-01-12 9:06 UTC (permalink / raw)
To: buildroot
Hi Yann, Thomas,
Le 12/01/2018 ? 09:59, Thomas Petazzoni a ?crit?:
> Hello,
>
> On Thu, 11 Jan 2018 18:13:57 +0100, Yann E. MORIN wrote:
>
>> I would do:
>>
>> grep -E '^/bin/bash$' $(TARGET_DIR)/etc/shells >/dev/null 2>&1 \
>
> grep -q ?
>
>> || echo "/bin/bash" >> $(TARGET_DIR)/etc/shells
>>
>> That way, we only install it if not already present.
>
> Otherwise, yes, agreed.
Ok, I'll fix this.
But the same issue should happen with other shell (not tested though).
For example, it ash (busybox) is not the default shell and a user use it to
login, it will be rejected.
So busybox should also add /bin/ash in /etc/shells.
Thoughts?
Best regards,
Romain
>
> Thomas
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells
2018-01-12 8:59 ` Thomas Petazzoni
2018-01-12 9:06 ` Romain Naour
@ 2018-01-12 17:35 ` Yann E. MORIN
2018-01-12 20:21 ` Thomas Petazzoni
1 sibling, 1 reply; 9+ messages in thread
From: Yann E. MORIN @ 2018-01-12 17:35 UTC (permalink / raw)
To: buildroot
Thomas, All,
On 2018-01-12 09:59 +0100, Thomas Petazzoni spake thusly:
> On Thu, 11 Jan 2018 18:13:57 +0100, Yann E. MORIN wrote:
> > grep -E '^/bin/bash$' $(TARGET_DIR)/etc/shells >/dev/null 2>&1 \
> grep -q ?
-q is not POSIX. Redirecting is guaranteed to always work.
Regards,
Yann E. MORIN.
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells
2018-01-12 9:06 ` Romain Naour
@ 2018-01-12 17:36 ` Yann E. MORIN
0 siblings, 0 replies; 9+ messages in thread
From: Yann E. MORIN @ 2018-01-12 17:36 UTC (permalink / raw)
To: buildroot
Romain, All,
On 2018-01-12 10:06 +0100, Romain Naour spake thusly:
> Le 12/01/2018 ? 09:59, Thomas Petazzoni a ?crit?:
> > On Thu, 11 Jan 2018 18:13:57 +0100, Yann E. MORIN wrote:
> >> I would do:
> >> grep -E '^/bin/bash$' $(TARGET_DIR)/etc/shells >/dev/null 2>&1 \
> Ok, I'll fix this.
> But the same issue should happen with other shell (not tested though).
You are fixing bash with thispatch. Other patches could fix the other
shells. ;-)
Regards,
Yann E. MORIN.
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells
2018-01-12 17:35 ` Yann E. MORIN
@ 2018-01-12 20:21 ` Thomas Petazzoni
2018-01-13 11:25 ` Yann E. MORIN
0 siblings, 1 reply; 9+ messages in thread
From: Thomas Petazzoni @ 2018-01-12 20:21 UTC (permalink / raw)
To: buildroot
Hello,
On Fri, 12 Jan 2018 18:35:10 +0100, Yann E. MORIN wrote:
> On 2018-01-12 09:59 +0100, Thomas Petazzoni spake thusly:
> > On Thu, 11 Jan 2018 18:13:57 +0100, Yann E. MORIN wrote:
> > > grep -E '^/bin/bash$' $(TARGET_DIR)/etc/shells >/dev/null 2>&1 \
> > grep -q ?
>
> -q is not POSIX. Redirecting is guaranteed to always work.
Knowing that Buildroot only supports Linux hosts, do we care about -q
not being POSIX ?
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells
2018-01-12 20:21 ` Thomas Petazzoni
@ 2018-01-13 11:25 ` Yann E. MORIN
2018-01-14 21:39 ` Peter Korsgaard
0 siblings, 1 reply; 9+ messages in thread
From: Yann E. MORIN @ 2018-01-13 11:25 UTC (permalink / raw)
To: buildroot
Thomas, All,
On 2018-01-12 21:21 +0100, Thomas Petazzoni spake thusly:
> On Fri, 12 Jan 2018 18:35:10 +0100, Yann E. MORIN wrote:
> > On 2018-01-12 09:59 +0100, Thomas Petazzoni spake thusly:
> > > On Thu, 11 Jan 2018 18:13:57 +0100, Yann E. MORIN wrote:
> > > > grep -E '^/bin/bash$' $(TARGET_DIR)/etc/shells >/dev/null 2>&1 \
> > > grep -q ?
> >
> > -q is not POSIX. Redirecting is guaranteed to always work.
>
> Knowing that Buildroot only supports Linux hosts, do we care about -q
> not being POSIX ?
Linux host does not mean GNU extensions. For example, Alpine is using
busybox, so not GNU grep...
But I back-pedal on this, it seems that -q has been added to POSIX now:
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/grep.html
Regards,
Yann E. MORIN.
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells
2018-01-13 11:25 ` Yann E. MORIN
@ 2018-01-14 21:39 ` Peter Korsgaard
0 siblings, 0 replies; 9+ messages in thread
From: Peter Korsgaard @ 2018-01-14 21:39 UTC (permalink / raw)
To: buildroot
>>>>> "Yann" == Yann E MORIN <yann.morin.1998@free.fr> writes:
> Thomas, All,
> On 2018-01-12 21:21 +0100, Thomas Petazzoni spake thusly:
>> On Fri, 12 Jan 2018 18:35:10 +0100, Yann E. MORIN wrote:
>> > On 2018-01-12 09:59 +0100, Thomas Petazzoni spake thusly:
>> > > On Thu, 11 Jan 2018 18:13:57 +0100, Yann E. MORIN wrote:
>> > > > grep -E '^/bin/bash$' $(TARGET_DIR)/etc/shells >/dev/null 2>&1 \
>> > > grep -q ?
>> >
>> > -q is not POSIX. Redirecting is guaranteed to always work.
>>
>> Knowing that Buildroot only supports Linux hosts, do we care about -q
>> not being POSIX ?
> Linux host does not mean GNU extensions. For example, Alpine is using
> busybox, so not GNU grep...
> But I back-pedal on this, it seems that -q has been added to POSIX now:
> http://pubs.opengroup.org/onlinepubs/9699919799/utilities/grep.html
And busybox grep DOES support -q.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2018-01-14 21:39 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-01-11 10:27 [Buildroot] [PATCH] package/bash: add /bin/bash to /etc/shells Romain Naour
2018-01-11 17:13 ` Yann E. MORIN
2018-01-12 8:59 ` Thomas Petazzoni
2018-01-12 9:06 ` Romain Naour
2018-01-12 17:36 ` Yann E. MORIN
2018-01-12 17:35 ` Yann E. MORIN
2018-01-12 20:21 ` Thomas Petazzoni
2018-01-13 11:25 ` Yann E. MORIN
2018-01-14 21:39 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.