summaryrefslogtreecommitdiff
path: root/meta/classes
diff options
context:
space:
mode:
authorAlexander Kanavin <alexander.kanavin@linux.intel.com>2015-09-30 15:53:15 +0300
committerRichard Purdie <richard.purdie@linuxfoundation.org>2015-10-01 07:40:36 +0100
commit8aa5c66a29c1394e0418e94bdd49e5b268ffc790 (patch)
tree5436e9fb834b0018b0a14cbdc8be2420eb139f21 /meta/classes
parent21bad4c807acd4c596fcca8afeab737161fbbb39 (diff)
downloadopenembedded-core-8aa5c66a29c1394e0418e94bdd49e5b268ffc790.tar.gz
openembedded-core-8aa5c66a29c1394e0418e94bdd49e5b268ffc790.tar.bz2
openembedded-core-8aa5c66a29c1394e0418e94bdd49e5b268ffc790.zip
image.bbclass: when building a readonly rootfs, tweak ssh settings regardless of init system in use
Previously it was done only if sysvinit was in DISTRO_FEATURES. Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes')
-rw-r--r--meta/classes/image.bbclass24
1 files changed, 12 insertions, 12 deletions
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 7e6822cac5..9fbdce583c 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -239,6 +239,18 @@ read_only_rootfs_hook () {
# Tweak the mount option and fs_passno for rootfs in fstab
sed -i -e '/^[#[:space:]]*\/dev\/root/{s/defaults/ro/;s/\([[:space:]]*[[:digit:]]\)\([[:space:]]*\)[[:digit:]]$/\1\20/}' ${IMAGE_ROOTFS}/etc/fstab
+ # If we're using openssh and the /etc/ssh directory has no pre-generated keys,
+ # we should configure openssh to use the configuration file /etc/ssh/sshd_config_readonly
+ # and the keys under /var/run/ssh.
+ if [ -d ${IMAGE_ROOTFS}/etc/ssh ]; then
+ if [ -e ${IMAGE_ROOTFS}/etc/ssh/ssh_host_rsa_key ]; then
+ echo "SYSCONFDIR=/etc/ssh" >> ${IMAGE_ROOTFS}/etc/default/ssh
+ echo "SSHD_OPTS=" >> ${IMAGE_ROOTFS}/etc/default/ssh
+ else
+ echo "SYSCONFDIR=/var/run/ssh" >> ${IMAGE_ROOTFS}/etc/default/ssh
+ echo "SSHD_OPTS='-f /etc/ssh/sshd_config_readonly'" >> ${IMAGE_ROOTFS}/etc/default/ssh
+ fi
+ fi
if ${@bb.utils.contains("DISTRO_FEATURES", "sysvinit", "true", "false", d)}; then
# Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
if [ -e ${IMAGE_ROOTFS}/etc/default/rcS ]; then
@@ -249,18 +261,6 @@ read_only_rootfs_hook () {
if [ -x ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
fi
- # If we're using openssh and the /etc/ssh directory has no pre-generated keys,
- # we should configure openssh to use the configuration file /etc/ssh/sshd_config_readonly
- # and the keys under /var/run/ssh.
- if [ -d ${IMAGE_ROOTFS}/etc/ssh ]; then
- if [ -e ${IMAGE_ROOTFS}/etc/ssh/ssh_host_rsa_key ]; then
- echo "SYSCONFDIR=/etc/ssh" >> ${IMAGE_ROOTFS}/etc/default/ssh
- echo "SSHD_OPTS=" >> ${IMAGE_ROOTFS}/etc/default/ssh
- else
- echo "SYSCONFDIR=/var/run/ssh" >> ${IMAGE_ROOTFS}/etc/default/ssh
- echo "SSHD_OPTS='-f /etc/ssh/sshd_config_readonly'" >> ${IMAGE_ROOTFS}/etc/default/ssh
- fi
- fi
fi
if ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "true", "false", d)}; then