summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRobert P. J. Day <rpjday@crashcourse.ca>2014-08-04 13:49:09 +0300
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-08-12 13:50:30 +0100
commit0467e3addf9485d5844dd2be6696250d777788f2 (patch)
treef19d826d11eaa5d396f12da3d72ba699799f0391
parent93f0d03a8dc0b7071a324495277a4fe6d908b7da (diff)
downloadpoky-0467e3addf9485d5844dd2be6696250d777788f2.tar.gz
dev-manual: Minor edits via patch to "common tasks" chapter.
(From yocto-docs rev: b1516fb6e6d40e7668ca5a4d5804d1a09c7ed6f8) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--documentation/dev-manual/dev-manual-common-tasks.xml24
1 files changed, 14 insertions, 10 deletions
diff --git a/documentation/dev-manual/dev-manual-common-tasks.xml b/documentation/dev-manual/dev-manual-common-tasks.xml
index a373f92090..e5c1649f57 100644
--- a/documentation/dev-manual/dev-manual-common-tasks.xml
+++ b/documentation/dev-manual/dev-manual-common-tasks.xml
@@ -5104,7 +5104,7 @@ Gateways via their Web Interfaces</ulink>"</emphasis>
5104 security problems. 5104 security problems.
5105 </para></listitem> 5105 </para></listitem>
5106 <listitem><para> 5106 <listitem><para>
5107 Pay particular attention to to the security for 5107 Pay particular attention to the security for
5108 any web-based administration interface. 5108 any web-based administration interface.
5109 </para> 5109 </para>
5110 <para>Web interfaces typically need to perform 5110 <para>Web interfaces typically need to perform
@@ -5182,7 +5182,7 @@ Gateways via their Web Interfaces</ulink>"</emphasis>
5182 Use the following line in your 5182 Use the following line in your
5183 <filename>local.conf</filename> file or in your custom 5183 <filename>local.conf</filename> file or in your custom
5184 distribution configuration file to enable the security 5184 distribution configuration file to enable the security
5185 compiler and linker flags to your build: 5185 compiler and linker flags for your build:
5186 <literallayout class='monospaced'> 5186 <literallayout class='monospaced'>
5187 require conf/distro/include/security_flags.inc 5187 require conf/distro/include/security_flags.inc
5188 </literallayout> 5188 </literallayout>
@@ -5197,15 +5197,19 @@ Gateways via their Web Interfaces</ulink>"</emphasis>
5197 OpenEmbedded build system to make your images more secure: 5197 OpenEmbedded build system to make your images more secure:
5198 <itemizedlist> 5198 <itemizedlist>
5199 <listitem><para> 5199 <listitem><para>
5200 Ensure "debug-tweaks" is not listed with 5200 Ensure "debug-tweaks" is not one of your selected
5201 <ulink url='&YOCTO_DOCS_REF_URL;#var-IMAGE_FEATURES'><filename>IMAGE_FEATURES</filename></ulink>. 5201 <ulink url='&YOCTO_DOCS_REF_URL;#var-IMAGE_FEATURES'><filename>IMAGE_FEATURES</filename></ulink>.
5202 The default is to enable "debug-tweaks" by adding it 5202 When creating a new project, the default is to provide you
5203 to 5203 with an initial <filename>local.conf</filename> file that
5204 <ulink url='&YOCTO_DOCS_REF_URL;#var-EXTRA_IMAGE_FEATURES'><filename>EXTRA_IMAGE_FEATURES</filename></ulink> 5204 enables this feature using the
5205 in <filename>local.conf</filename>. 5205 <ulink url='&YOCTO_DOCS_REF_URL;#var-EXTRA_IMAGE_FEATURES'><filename>EXTRA_IMAGE_FEATURES</filename></ulink> variable with the line:
5206 However, you should comment out the variable or be 5206 <literallayout class='monospaced'>
5207 sure that it does not have "debug-tweaks" before 5207 EXTRA_IMAGE_FEATURES = "debug-tweaks"
5208 producing your final image. 5208 </literallayout>
5209 To disable that feature, simply comment out that line in your
5210 <filename>local.conf</filename> file, or
5211 make sure <filename>IMAGE_FEATURES</filename> does not contain
5212 "debug-tweaks" before producing your final image.
5209 Among other things, leaving this in place sets the 5213 Among other things, leaving this in place sets the
5210 root password as blank, which makes logging in for 5214 root password as blank, which makes logging in for
5211 debugging or inspection easy during 5215 debugging or inspection easy during