From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail1.windriver.com (mail1.windriver.com [147.11.146.13]) by mail.openembedded.org (Postfix) with ESMTP id 1D1836FFC8 for ; Wed, 30 Nov 2016 09:27:42 +0000 (UTC) Received: from ALA-HCA.corp.ad.wrs.com (ala-hca.corp.ad.wrs.com [147.11.189.40]) by mail1.windriver.com (8.15.2/8.15.1) with ESMTPS id uAU9Rh15007580 (version=TLSv1 cipher=AES128-SHA bits=128 verify=FAIL) for ; Wed, 30 Nov 2016 01:27:44 -0800 (PST) Received: from [128.224.162.209] (128.224.162.209) by ALA-HCA.corp.ad.wrs.com (147.11.189.50) with Microsoft SMTP Server (TLS) id 14.3.294.0; Wed, 30 Nov 2016 01:27:43 -0800 To: References: <25721f64-19ae-7998-7e64-5e7a165347eb@windriver.com> From: ChenQi Message-ID: Date: Wed, 30 Nov 2016 17:28:47 +0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: <25721f64-19ae-7998-7e64-5e7a165347eb@windriver.com> X-Originating-IP: [128.224.162.209] Subject: Re: [PATCH 0/2] fix can't login when debug-tweaks is not in IMAGE_FEATURES X-BeenThere: openembedded-core@lists.openembedded.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Patches and discussions about the oe-core layer List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Nov 2016 09:27:44 -0000 Content-Type: text/plain; charset="windows-1252"; format=flowed Content-Transfer-Encoding: 7bit We could make use of EXTRA_USERS_PARAMS here. More details are in meta/classes/extrausers.bbclass. I haven't tested it myself, but maybe lines below could work: INHERIT += "extrausers" EXTRA_USERS_PARAMS = "\ usermod -p 'root' root; \ " This info could also be found in local.conf.sample.extended. Best Regards, Chen Qi On 11/30/2016 11:15 AM, Robert Yang wrote: > Hello, > > According to the discussions, here are things that we may do, > please feel free to give your comments. > 1) Add an image feature like "production", which will conflict with > debug-tweaks, and check for some common security issues ? > > 2) Add a way like ROOT_PASSWD to let user can set root passwd easily ? > > 3) Do nothing, leave it as the current status. > > // Robert > > On 11/23/2016 03:49 PM, Robert Yang wrote: >> Fixed 2 bugs: >> - Can't login as root when debug-tweaks/empty-root-password is not in >> IMAGE_FEATURES since no passwd. >> - When set root passwd and debug-tweaks/empty-root-password is in >> IMAGE_FEATURES, passwd is *required* to login. >> >> Filed https://bugzilla.yoctoproject.org/show_bug.cgi?id=10710, and >> marked doc changes required as yes. >> >> // Robert >> >> The following changes since commit >> a675b2c89e477af088faee9b3be96eae19a85f0b: >> >> sanity.bbclass: fix logging of an error (2016-11-15 15:18:50 +0000) >> >> are available in the git repository at: >> >> git://git.openembedded.org/openembedded-core-contrib rbt/root >> http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=rbt/root >> >> Robert Yang (2): >> rootfs-postcommands.bbclass: fix zap_empty_root_password >> base-passwd: set root's default password to 'root' >> >> meta/classes/rootfs-postcommands.bbclass | 8 ++++---- >> .../base-passwd/base-passwd/passwd_master.patch | 16 >> ++++++++++++++++ >> meta/recipes-core/base-passwd/base-passwd_3.5.29.bb | 1 + >> 3 files changed, 21 insertions(+), 4 deletions(-) >> create mode 100644 >> meta/recipes-core/base-passwd/base-passwd/passwd_master.patch >>