summaryrefslogtreecommitdiffstats
path: root/documentation/dev-manual
diff options
context:
space:
mode:
authorScott Rifenbark <scott.m.rifenbark@intel.com>2014-05-29 10:36:42 +0300
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-05-30 16:32:16 +0100
commit57bd61eabb5e6c7de5b47f78e4aeadac252f38f3 (patch)
tree315dcd642aea1ab2de1756f89c9ca66876aee8fe /documentation/dev-manual
parentbd5973e7875162e6d2dce5e29ff3e9bb8f0f6190 (diff)
downloadpoky-57bd61eabb5e6c7de5b47f78e4aeadac252f38f3.tar.gz
ref-manual: Edits to the "Making Images More Secure" section.
Fixes [YOCTO #5482] I added some key references to the section on considerations specific to the OpenEmbedded build system. In particular, I provided some cross-linking back to the extrausers.bbclass section to reference an example of adding a user account. I also split out the topics of adding an extra user and setting a password on the image in the bulleted list. (From yocto-docs rev: 19dcd70b9b5aba1bd5e7ce090d5449afcef726bf) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'documentation/dev-manual')
-rw-r--r--documentation/dev-manual/dev-manual-common-tasks.xml22
1 files changed, 16 insertions, 6 deletions
diff --git a/documentation/dev-manual/dev-manual-common-tasks.xml b/documentation/dev-manual/dev-manual-common-tasks.xml
index d9fb9e2f4a..89437f7764 100644
--- a/documentation/dev-manual/dev-manual-common-tasks.xml
+++ b/documentation/dev-manual/dev-manual-common-tasks.xml
@@ -3967,16 +3967,26 @@
3967 producing your final image. 3967 producing your final image.
3968 Among other things, leaving this in place sets the 3968 Among other things, leaving this in place sets the
3969 root password as blank. 3969 root password as blank.
3970 </para></listitem> 3970 </para></listitem>
3971 <listitem><para>
3972 It is possible to set a root password for the image.
3973 For information on how to do that, see the
3974 <ulink url='https://wiki.yoctoproject.org/wiki/FAQ:How_do_I_set_or_change_the_root_password'>How do I set or change the root password</ulink>
3975 Wiki page.
3976 </para></listitem>
3971 <listitem><para> 3977 <listitem><para>
3972 It is possible to set a root password or to add 3978 It is possible to add an additional user account
3973 some additional user account for later administrative 3979 for later administrative or service access using the
3974 or service access using the
3975 <ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-extrausers'><filename>extrausers</filename></ulink> 3980 <ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-extrausers'><filename>extrausers</filename></ulink>
3976 class or the 3981 class or the
3977 <ulink url='&YOCTO_DOCS_REF_URL;#var-ROOTFS_POSTPROCESS_COMMAND'><filename>ROOTFS_POSTPROCESS_COMMAND</filename></ulink> 3982 <ulink url='&YOCTO_DOCS_REF_URL;#var-ROOTFS_POSTPROCESS_COMMAND'><filename>ROOTFS_POSTPROCESS_COMMAND</filename></ulink>
3978 variable. 3983 variable.
3979 If you do this, be cautious about setting 3984 For an example on how to add users, see the
3985 "<ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-extrausers'><filename>extrausers.bbclass</filename></ulink>"
3986 section.
3987 </para>
3988 <para>If you do add extra user accounts,
3989 be cautious about setting
3980 the same password for every device. 3990 the same password for every device.
3981 If you want the device to remain secure 3991 If you want the device to remain secure
3982 from unauthorized access, and the password set on 3992 from unauthorized access, and the password set on
@@ -3985,7 +3995,7 @@
3985 If you need this access but want to ensure security, 3995 If you need this access but want to ensure security,
3986 consider setting a different, random password for each 3996 consider setting a different, random password for each
3987 device. 3997 device.
3988 </para></listitem> 3998 </para></listitem>
3989 </itemizedlist> 3999 </itemizedlist>
3990 </para> 4000 </para>
3991 </section> 4001 </section>