3 files changed, 297 insertions, 0 deletions
diff --git a/recipes-containers/lxc/files/lxc-busybox-add-OpenSSH-support.patch b/recipes-containers/lxc/files/lxc-busybox-add-OpenSSH-support.patch
new file mode 100644
index 00000000..f2f332cb
--- /dev/null
+++ b/recipes-containers/lxc/files/lxc-busybox-add-OpenSSH-support.patch
@@ -0,0 +1,246 @@
+From ed52814c776963efdcc9dcda1ec26fc09930ef93 Mon Sep 17 00:00:00 2001
+From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
+Date: Wed, 22 Apr 2015 14:53:32 +0000
+Subject: [PATCH] lxc-busybox: add OpenSSH support
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Add an additional template parameter for SSH support in the container. Currently
+this can be implemented using the Dropbear or OpenSSH utility. The respective
+tool needs to be available on the host Linux.
+If the parameter is omitted, the template will look for the Dropbear utility on
+the host and install it if it is available (legacy behavior).
+Adding OpenSSH support has been done following the model in the lxc-sshd
+template.
+Upstream-status: Accepted
+[https://github.com/lxc/lxc/commit/ed52814c776963efdcc9dcda1ec26fc09930ef93]
+Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
+Acked-by: Stéphane Graber <stgraber@ubuntu.com>
+---
+ templates/lxc-busybox.in | 169 ++++++++++++++++++++++++++++++++++++++---------
+ 1 file changed, 139 insertions(+), 30 deletions(-)
+diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
+index 7e05bd6..95961a3 100644
+--- a/templates/lxc-busybox.in
+++ b/templates/lxc-busybox.in
+@@ -22,6 +22,7 @@
+ 
+ LXC_MAPPED_UID=
+ LXC_MAPPED_GID=
+SSH=
+ 
+ # Make sure the usual locations are in PATH
+ export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin
+@@ -160,6 +161,116 @@ EOF
+     return $res
+ }
+ 
+install_dropbear()
+{
+    # copy dropbear binary
+    cp $(which dropbear) $rootfs/usr/sbin
+    if [ $? -ne 0 ]; then
+        echo "Failed to copy dropbear in the rootfs"
+        return 1
+    fi
+
+    # make symlinks to various ssh utilities
+    utils="\
+        $rootfs/usr/bin/dbclient \
+        $rootfs/usr/bin/scp \
+        $rootfs/usr/bin/ssh \
+        $rootfs/usr/sbin/dropbearkey \
+        $rootfs/usr/sbin/dropbearconvert \
+    "
+    echo $utils | xargs -n1 ln -s /usr/sbin/dropbear
+
+    # add necessary config files
+    mkdir $rootfs/etc/dropbear
+    dropbearkey -t rsa -f $rootfs/etc/dropbear/dropbear_rsa_host_key > /dev/null 2>&1
+    dropbearkey -t dss -f $rootfs/etc/dropbear/dropbear_dss_host_key > /dev/null 2>&1
+
+    echo "'dropbear' ssh utility installed"
+
+    return 0
+}
+
+install_openssh()
+{
+    # tools to be installed
+    server_utils="sshd"
+    client_utils="\
+        ssh \
+        scp \
+        sftp \
+        ssh-add \
+        ssh-agent \
+        ssh-keygen \
+        ssh-keyscan \
+        ssh-argv0 \
+        ssh-copy-id \
+        "
+
+    # new folders used by ssh
+    ssh_tree="\
+$rootfs/etc/ssh \
+$rootfs/var/empty/sshd \
+$rootfs/var/lib/empty/sshd \
+$rootfs/var/run/sshd \
+"
+
+    # create folder structure
+    mkdir -p $ssh_tree
+    if [ $? -ne 0 ]; then
+        return 1
+    fi
+
+    # copy binaries
+    for bin in $server_utils $client_utils; do
+        tool_path=`which $bin`
+        cp $tool_path $rootfs/$tool_path
+        if [ $? -ne 0 ]; then
+            echo "Unable to copy $tool_path in the rootfs"
+            return 1
+        fi
+    done
+
+    # add user and group
+    cat <<EOF >> $rootfs/etc/passwd
+sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
+EOF
+
+    cat <<EOF >> $rootfs/etc/group
+sshd:x:74:
+EOF
+
+    # generate container keys
+    ssh-keygen -t rsa -N "" -f $rootfs/etc/ssh/ssh_host_rsa_key >/dev/null 2>&1
+    ssh-keygen -t dsa -N "" -f $rootfs/etc/ssh/ssh_host_dsa_key >/dev/null 2>&1
+
+    # by default setup root password with no password
+    cat <<EOF > $rootfs/etc/ssh/sshd_config
+Port 22
+Protocol 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+UsePrivilegeSeparation yes
+KeyRegenerationInterval 3600
+ServerKeyBits 768
+SyslogFacility AUTH
+LogLevel INFO
+LoginGraceTime 120
+PermitRootLogin yes
+StrictModes yes
+RSAAuthentication yes
+PubkeyAuthentication yes
+IgnoreRhosts yes
+RhostsRSAAuthentication no
+HostbasedAuthentication no
+PermitEmptyPasswords yes
+ChallengeResponseAuthentication no
+EOF
+
+    echo "'OpenSSH' utility installed"
+
+    return 0
+}
+
+ configure_busybox()
+ {
+     rootfs=$1
+@@ -230,34 +341,6 @@ EOF
+     lxc-unshare -s MOUNT -- /bin/sh < $CHPASSWD_FILE
+     rm $CHPASSWD_FILE
+ 
+-    # add ssh functionality if dropbear package available on host
+-    which dropbear >/dev/null 2>&1
+-    if [ $? -eq 0 ]; then
+-        # copy dropbear binary
+-        cp $(which dropbear) $rootfs/usr/sbin
+-        if [ $? -ne 0 ]; then
+-            echo "Failed to copy dropbear in the rootfs"
+-            return 1
+-        fi
+-
+-        # make symlinks to various ssh utilities
+-        utils="\
+-            $rootfs/usr/bin/dbclient \
+-            $rootfs/usr/bin/scp \
+-            $rootfs/usr/bin/ssh \
+-            $rootfs/usr/sbin/dropbearkey \
+-            $rootfs/usr/sbin/dropbearconvert \
+-        "
+-        echo $utils | xargs -n1 ln -s /usr/sbin/dropbear
+-
+-        # add necessary config files
+-        mkdir $rootfs/etc/dropbear
+-        dropbearkey -t rsa -f $rootfs/etc/dropbear/dropbear_rsa_host_key > /dev/null 2>&1
+-        dropbearkey -t dss -f $rootfs/etc/dropbear/dropbear_dss_host_key > /dev/null 2>&1
+-
+-        echo "'dropbear' ssh utility installed"
+-    fi
+-
+     return 0
+ }
+ 
+@@ -315,12 +398,12 @@ remap_userns()
+ usage()
+ {
+     cat <<EOF
+-$1 -h|--help -p|--path=<path>
+$1 -h|--help -p|--path=<path> -s|--ssh={dropbear,openssh}
+ EOF
+     return 0
+ }
+ 
+-options=$(getopt -o hp:n: -l help,rootfs:,path:,name:,mapped-uid:,mapped-gid: -- "$@")
+options=$(getopt -o hp:n:s: -l help,rootfs:,path:,name:,mapped-uid:,mapped-gid:,ssh: -- "$@")
+ if [ $? -ne 0 ]; then
+     usage $(basename $0)
+     exit 1
+@@ -336,6 +419,7 @@ do
+         -n|--name)      name=$2; shift 2;;
+         --mapped-uid)   LXC_MAPPED_UID=$2; shift 2;;
+         --mapped-gid)   LXC_MAPPED_GID=$2; shift 2;;
+        -s|--ssh)       SSH=$2; shift 2;;
+         --)             shift 1; break ;;
+         *)              break ;;
+     esac
+@@ -384,3 +468,28 @@ if [ $? -ne 0 ]; then
+     echo "failed to remap files to user"
+     exit 1
+ fi
+
+if [ -n "$SSH" ]; then
+    case "$SSH" in
+        "dropbear")
+            install_dropbear
+            if [ $? -ne 0 ]; then
+                echo "Unable to install 'dropbear' ssh utility"
+                exit 1
+            fi ;;
+        "openssh")
+            install_openssh
+            if [ $? -ne 0 ]; then
+                echo "Unable to install 'OpenSSH' utility"
+                exit 1
+            fi ;;
+        *)
+            echo "$SSH: unrecognized ssh utility"
+            exit 1
+    esac
+else
+    which dropbear >/dev/null 2>&1
+    if [ $? -eq 0 ]; then
+        install_dropbear
+    fi
+fi
+-- 
+2.1.4
diff --git a/recipes-containers/lxc/files/make-some-OpenSSH-tools-optional.patch b/recipes-containers/lxc/files/make-some-OpenSSH-tools-optional.patch
new file mode 100644
index 00000000..2d287885
--- /dev/null
+++ b/recipes-containers/lxc/files/make-some-OpenSSH-tools-optional.patch
@@ -0,0 +1,49 @@
+From 34be0d3cd8c4eaca9929470bc8bce5e74975bccf Mon Sep 17 00:00:00 2001
+From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
+Date: Thu, 23 Apr 2015 08:33:00 +0000
+Subject: [PATCH] lxc-busybox: make some OpenSSH tools optional
+Currently, when installing OpenSSH in a Busybox container, the template searches
+for all the OpenSSH client binaries available in the Debian distro package. The
+included tools might differ from distro to distro, so make part of the tools
+optional. The mandatory tools, without which installing OpenSSH fails, are
+"sshd" for the server and "ssh" and "scp" for the client.
+Upstream-Status: Submitted
+[https://lists.linuxcontainers.org/pipermail/lxc-devel/2015-April/011696.html]
+Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
+---
+ templates/lxc-busybox.in | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
+index 95961a3..17a3006 100644
+--- a/templates/lxc-busybox.in
+++ b/templates/lxc-busybox.in
+@@ -197,6 +197,8 @@ install_openssh()
+     client_utils="\
+         ssh \
+         scp \
+        "
+    client_optional_utils="\
+         sftp \
+         ssh-add \
+         ssh-agent \
+@@ -230,6 +232,13 @@ $rootfs/var/run/sshd \
+         fi
+     done
+ 
+    for bin in $client_optional_utils; do
+        tool_path=`which $bin`
+        if [ $? -eq 0 ]; then
+            cp $tool_path $rootfs/$tool_path
+        fi
+    done
+
+     # add user and group
+     cat <<EOF >> $rootfs/etc/passwd
+ sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
+-- 
+2.1.4
diff --git a/recipes-containers/lxc/lxc_1.0.7.bb b/recipes-containers/lxc/lxc_1.0.7.bb
index 0da1e37f..f79ba762 100644
--- a/recipes-containers/lxc/lxc_1.0.7.bb
+++ b/recipes-containers/lxc/lxc_1.0.7.bb
@@ -32,6 +32,8 @@ SRC_URI = "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \
        file://lxc-busybox-use-lxc.rebootsignal-SIGTERM.patch \
        file://ppc-add-seccomp-support-for-lxc.patch \
        file://lxc-fix-B-S.patch \
+        file://lxc-busybox-add-OpenSSH-support.patch \
+        file://make-some-OpenSSH-tools-optional.patch \
        "
 SRC_URI[md5sum] = "b48f468a9bef0e4e140dd723f0a65ad0"

diff --git a/recipes-containers/lxc/files/lxc-busybox-add-OpenSSH-support.patch b/recipes-containers/lxc/files/lxc-busybox-add-OpenSSH-support.patch new file mode 100644 index 00000000..f2f332cb --- /dev/null +++ b/recipes-containers/lxc/files/lxc-busybox-add-OpenSSH-support.patch
@@ -0,0 +1,246 @@
		1	From ed52814c776963efdcc9dcda1ec26fc09930ef93 Mon Sep 17 00:00:00 2001
		2	From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
		3	Date: Wed, 22 Apr 2015 14:53:32 +0000
		4	Subject: [PATCH] lxc-busybox: add OpenSSH support
		5	MIME-Version: 1.0
		6	Content-Type: text/plain; charset=UTF-8
		7	Content-Transfer-Encoding: 8bit
		8
		9	Add an additional template parameter for SSH support in the container. Currently
		10	this can be implemented using the Dropbear or OpenSSH utility. The respective
		11	tool needs to be available on the host Linux.
		12
		13	If the parameter is omitted, the template will look for the Dropbear utility on
		14	the host and install it if it is available (legacy behavior).
		15
		16	Adding OpenSSH support has been done following the model in the lxc-sshd
		17	template.
		18
		19	Upstream-status: Accepted
		20	[https://github.com/lxc/lxc/commit/ed52814c776963efdcc9dcda1ec26fc09930ef93]
		21
		22	Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
		23	Acked-by: Stéphane Graber <stgraber@ubuntu.com>
		24	---
		25	templates/lxc-busybox.in \| 169 ++++++++++++++++++++++++++++++++++++++---------
		26	1 file changed, 139 insertions(+), 30 deletions(-)
		27
		28	diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
		29	index 7e05bd6..95961a3 100644
		30	--- a/templates/lxc-busybox.in
		31	+++ b/templates/lxc-busybox.in
		32	@@ -22,6 +22,7 @@
		33
		34	LXC_MAPPED_UID=
		35	LXC_MAPPED_GID=
		36	+SSH=
		37
		38	# Make sure the usual locations are in PATH
		39	export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin
		40	@@ -160,6 +161,116 @@ EOF
		41	return $res
		42	}
		43
		44	+install_dropbear()
		45	+{
		46	+ # copy dropbear binary
		47	+ cp $(which dropbear) $rootfs/usr/sbin
		48	+ if [ $? -ne 0 ]; then
		49	+ echo "Failed to copy dropbear in the rootfs"
		50	+ return 1
		51	+ fi
		52	+
		53	+ # make symlinks to various ssh utilities
		54	+ utils="\
		55	+ $rootfs/usr/bin/dbclient \
		56	+ $rootfs/usr/bin/scp \
		57	+ $rootfs/usr/bin/ssh \
		58	+ $rootfs/usr/sbin/dropbearkey \
		59	+ $rootfs/usr/sbin/dropbearconvert \
		60	+ "
		61	+ echo $utils \| xargs -n1 ln -s /usr/sbin/dropbear
		62	+
		63	+ # add necessary config files
		64	+ mkdir $rootfs/etc/dropbear
		65	+ dropbearkey -t rsa -f $rootfs/etc/dropbear/dropbear_rsa_host_key > /dev/null 2>&1
		66	+ dropbearkey -t dss -f $rootfs/etc/dropbear/dropbear_dss_host_key > /dev/null 2>&1
		67	+
		68	+ echo "'dropbear' ssh utility installed"
		69	+
		70	+ return 0
		71	+}
		72	+
		73	+install_openssh()
		74	+{
		75	+ # tools to be installed
		76	+ server_utils="sshd"
		77	+ client_utils="\
		78	+ ssh \
		79	+ scp \
		80	+ sftp \
		81	+ ssh-add \
		82	+ ssh-agent \
		83	+ ssh-keygen \
		84	+ ssh-keyscan \
		85	+ ssh-argv0 \
		86	+ ssh-copy-id \
		87	+ "
		88	+
		89	+ # new folders used by ssh
		90	+ ssh_tree="\
		91	+$rootfs/etc/ssh \
		92	+$rootfs/var/empty/sshd \
		93	+$rootfs/var/lib/empty/sshd \
		94	+$rootfs/var/run/sshd \
		95	+"
		96	+
		97	+ # create folder structure
		98	+ mkdir -p $ssh_tree
		99	+ if [ $? -ne 0 ]; then
		100	+ return 1
		101	+ fi
		102	+
		103	+ # copy binaries
		104	+ for bin in $server_utils $client_utils; do
		105	+ tool_path=`which $bin`
		106	+ cp $tool_path $rootfs/$tool_path
		107	+ if [ $? -ne 0 ]; then
		108	+ echo "Unable to copy $tool_path in the rootfs"
		109	+ return 1
		110	+ fi
		111	+ done
		112	+
		113	+ # add user and group
		114	+ cat <<EOF >> $rootfs/etc/passwd
		115	+sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
		116	+EOF
		117	+
		118	+ cat <<EOF >> $rootfs/etc/group
		119	+sshd:x:74:
		120	+EOF
		121	+
		122	+ # generate container keys
		123	+ ssh-keygen -t rsa -N "" -f $rootfs/etc/ssh/ssh_host_rsa_key >/dev/null 2>&1
		124	+ ssh-keygen -t dsa -N "" -f $rootfs/etc/ssh/ssh_host_dsa_key >/dev/null 2>&1
		125	+
		126	+ # by default setup root password with no password
		127	+ cat <<EOF > $rootfs/etc/ssh/sshd_config
		128	+Port 22
		129	+Protocol 2
		130	+HostKey /etc/ssh/ssh_host_rsa_key
		131	+HostKey /etc/ssh/ssh_host_dsa_key
		132	+UsePrivilegeSeparation yes
		133	+KeyRegenerationInterval 3600
		134	+ServerKeyBits 768
		135	+SyslogFacility AUTH
		136	+LogLevel INFO
		137	+LoginGraceTime 120
		138	+PermitRootLogin yes
		139	+StrictModes yes
		140	+RSAAuthentication yes
		141	+PubkeyAuthentication yes
		142	+IgnoreRhosts yes
		143	+RhostsRSAAuthentication no
		144	+HostbasedAuthentication no
		145	+PermitEmptyPasswords yes
		146	+ChallengeResponseAuthentication no
		147	+EOF
		148	+
		149	+ echo "'OpenSSH' utility installed"
		150	+
		151	+ return 0
		152	+}
		153	+
		154	configure_busybox()
		155	{
		156	rootfs=$1
		157	@@ -230,34 +341,6 @@ EOF
		158	lxc-unshare -s MOUNT -- /bin/sh < $CHPASSWD_FILE
		159	rm $CHPASSWD_FILE
		160
		161	- # add ssh functionality if dropbear package available on host
		162	- which dropbear >/dev/null 2>&1
		163	- if [ $? -eq 0 ]; then
		164	- # copy dropbear binary
		165	- cp $(which dropbear) $rootfs/usr/sbin
		166	- if [ $? -ne 0 ]; then
		167	- echo "Failed to copy dropbear in the rootfs"
		168	- return 1
		169	- fi
		170	-
		171	- # make symlinks to various ssh utilities
		172	- utils="\
		173	- $rootfs/usr/bin/dbclient \
		174	- $rootfs/usr/bin/scp \
		175	- $rootfs/usr/bin/ssh \
		176	- $rootfs/usr/sbin/dropbearkey \
		177	- $rootfs/usr/sbin/dropbearconvert \
		178	- "
		179	- echo $utils \| xargs -n1 ln -s /usr/sbin/dropbear
		180	-
		181	- # add necessary config files
		182	- mkdir $rootfs/etc/dropbear
		183	- dropbearkey -t rsa -f $rootfs/etc/dropbear/dropbear_rsa_host_key > /dev/null 2>&1
		184	- dropbearkey -t dss -f $rootfs/etc/dropbear/dropbear_dss_host_key > /dev/null 2>&1
		185	-
		186	- echo "'dropbear' ssh utility installed"
		187	- fi
		188	-
		189	return 0
		190	}
		191
		192	@@ -315,12 +398,12 @@ remap_userns()
		193	usage()
		194	{
		195	cat <<EOF
		196	-$1 -h\|--help -p\|--path=<path>
		197	+$1 -h\|--help -p\|--path=<path> -s\|--ssh={dropbear,openssh}
		198	EOF
		199	return 0
		200	}
		201
		202	-options=$(getopt -o hp:n: -l help,rootfs:,path:,name:,mapped-uid:,mapped-gid: -- "$@")
		203	+options=$(getopt -o hp:n:s: -l help,rootfs:,path:,name:,mapped-uid:,mapped-gid:,ssh: -- "$@")
		204	if [ $? -ne 0 ]; then
		205	usage $(basename $0)
		206	exit 1
		207	@@ -336,6 +419,7 @@ do
		208	-n\|--name) name=$2; shift 2;;
		209	--mapped-uid) LXC_MAPPED_UID=$2; shift 2;;
		210	--mapped-gid) LXC_MAPPED_GID=$2; shift 2;;
		211	+ -s\|--ssh) SSH=$2; shift 2;;
		212	--) shift 1; break ;;
		213	*) break ;;
		214	esac
		215	@@ -384,3 +468,28 @@ if [ $? -ne 0 ]; then
		216	echo "failed to remap files to user"
		217	exit 1
		218	fi
		219	+
		220	+if [ -n "$SSH" ]; then
		221	+ case "$SSH" in
		222	+ "dropbear")
		223	+ install_dropbear
		224	+ if [ $? -ne 0 ]; then
		225	+ echo "Unable to install 'dropbear' ssh utility"
		226	+ exit 1
		227	+ fi ;;
		228	+ "openssh")
		229	+ install_openssh
		230	+ if [ $? -ne 0 ]; then
		231	+ echo "Unable to install 'OpenSSH' utility"
		232	+ exit 1
		233	+ fi ;;
		234	+ *)
		235	+ echo "$SSH: unrecognized ssh utility"
		236	+ exit 1
		237	+ esac
		238	+else
		239	+ which dropbear >/dev/null 2>&1
		240	+ if [ $? -eq 0 ]; then
		241	+ install_dropbear
		242	+ fi
		243	+fi
		244	--
		245	2.1.4
		246


diff --git a/recipes-containers/lxc/files/make-some-OpenSSH-tools-optional.patch b/recipes-containers/lxc/files/make-some-OpenSSH-tools-optional.patch new file mode 100644 index 00000000..2d287885 --- /dev/null +++ b/recipes-containers/lxc/files/make-some-OpenSSH-tools-optional.patch
@@ -0,0 +1,49 @@
		1	From 34be0d3cd8c4eaca9929470bc8bce5e74975bccf Mon Sep 17 00:00:00 2001
		2	From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
		3	Date: Thu, 23 Apr 2015 08:33:00 +0000
		4	Subject: [PATCH] lxc-busybox: make some OpenSSH tools optional
		5
		6	Currently, when installing OpenSSH in a Busybox container, the template searches
		7	for all the OpenSSH client binaries available in the Debian distro package. The
		8	included tools might differ from distro to distro, so make part of the tools
		9	optional. The mandatory tools, without which installing OpenSSH fails, are
		10	"sshd" for the server and "ssh" and "scp" for the client.
		11
		12	Upstream-Status: Submitted
		13	[https://lists.linuxcontainers.org/pipermail/lxc-devel/2015-April/011696.html]
		14
		15	Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
		16	---
		17	templates/lxc-busybox.in \| 9 +++++++++
		18	1 file changed, 9 insertions(+)
		19
		20	diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
		21	index 95961a3..17a3006 100644
		22	--- a/templates/lxc-busybox.in
		23	+++ b/templates/lxc-busybox.in
		24	@@ -197,6 +197,8 @@ install_openssh()
		25	client_utils="\
		26	ssh \
		27	scp \
		28	+ "
		29	+ client_optional_utils="\
		30	sftp \
		31	ssh-add \
		32	ssh-agent \
		33	@@ -230,6 +232,13 @@ $rootfs/var/run/sshd \
		34	fi
		35	done
		36
		37	+ for bin in $client_optional_utils; do
		38	+ tool_path=`which $bin`
		39	+ if [ $? -eq 0 ]; then
		40	+ cp $tool_path $rootfs/$tool_path
		41	+ fi
		42	+ done
		43	+
		44	# add user and group
		45	cat <<EOF >> $rootfs/etc/passwd
		46	sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
		47	--
		48	2.1.4
		49


diff --git a/recipes-containers/lxc/lxc_1.0.7.bb b/recipes-containers/lxc/lxc_1.0.7.bb index 0da1e37f..f79ba762 100644 --- a/recipes-containers/lxc/lxc_1.0.7.bb +++ b/recipes-containers/lxc/lxc_1.0.7.bb
@@ -32,6 +32,8 @@ SRC_URI = "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \
32	file://lxc-busybox-use-lxc.rebootsignal-SIGTERM.patch \	32	file://lxc-busybox-use-lxc.rebootsignal-SIGTERM.patch \
33	file://ppc-add-seccomp-support-for-lxc.patch \	33	file://ppc-add-seccomp-support-for-lxc.patch \
34	file://lxc-fix-B-S.patch \	34	file://lxc-fix-B-S.patch \
		35	file://lxc-busybox-add-OpenSSH-support.patch \
		36	file://make-some-OpenSSH-tools-optional.patch \
35	"	37	"
36		38
37	SRC_URI[md5sum] = "b48f468a9bef0e4e140dd723f0a65ad0"	39	SRC_URI[md5sum] = "b48f468a9bef0e4e140dd723f0a65ad0"