From a60230a9279610fabf213c9f4946b19c703c6fcd Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Wed, 26 May 2010 04:00:49 -0700 Subject: [PATCH] shadow.inc: Append serial devices mentioned in SERIAL_CONSOLE into /etc/securetty * Some serial dev nodes are not part of /etc/securetty. So either we can add them manually or deduce from SERIAL_CONSOLE. this does the later. Tested on qemuarm which used ttyAMA0 for console and it not listed in the securetty list. This authorizes root login on the give named console. Signed-off-by: Khem Raj Acked-by: Chris Larson --- recipes/shadow/shadow.inc | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/recipes/shadow/shadow.inc b/recipes/shadow/shadow.inc index 30bd92f394..460930b22a 100644 --- a/recipes/shadow/shadow.inc +++ b/recipes/shadow/shadow.inc @@ -11,7 +11,9 @@ LICENSE = "BSD" SECTION = "base" DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" -INC_PR = "r13" +PACKAGE_ARCH_${PN} = "${MACHINE_ARCH}" + +INC_PR = "r14" # Additional Policy files for PAM PAM_SRC_URI = " \ @@ -90,8 +92,15 @@ do_install_append() { mv ${D}${bindir}/login ${D}${base_bindir}/login.${PN} # Ensure we add a suitable securetty file to the package that has most common embedded TTYs defined. + if [ ! -z "${SERIAL_CONSOLE}" ]; then + # our SERIAL_CONSOLE contains baud rate too and sometime -L option as well. + # the following pearl :) takes that and converts it into newline sepated tty's and appends + # them into securetty. So if a machine has a weird looking console device node (e.g. ttyAMA0) that securetty + # does not know then it will get appended to securetty and root login will be allowed on + # that console. + echo "${SERIAL_CONSOLE}" | sed -e 's/[0-9][0-9]\|\-L//g'|tr "[ ]" "[\n]" >> ${WORKDIR}/securetty + fi install -m 0400 ${WORKDIR}/securetty ${D}${sysconfdir}/securetty - } pkg_postinst_${PN} () { -- 2.39.5