diff options
| author | Andre McCurdy <armccurdy@gmail.com> | 2018-05-30 17:16:47 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-06-04 15:15:00 +0100 |
| commit | 762a3f229c42b734160334fb462beaf576353a58 (patch) | |
| tree | 31c6b434e2bacf748e3a98f3cd4e9be818d8fcf5 /meta/recipes-core/dropbear | |
| parent | b7f6638962b0348ae93c1d5a7696c80e2b7933ed (diff) | |
| download | poky-762a3f229c42b734160334fb462beaf576353a58.tar.gz | |
dropbear: drop run time detection of read-only rootfs
Previously, when dropbear was started via its init script, relocation
of DROPBEAR_RSAKEY_DIR to support read-only rootfs was handled at
run time from within the init script.
Update the init script to take advantage of the read-only rootfs
config setup by read_only_rootfs_hook() and therefore be consistent
with startup under systemd (where relocation of DROPBEAR_RSAKEY_DIR
is handled by the read_only_rootfs_hook() at build time).
(From OE-Core rev: 4990f87b2f6a8b30c8d1c767636e7f5527f595ba)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/dropbear')
| -rwxr-xr-x | meta/recipes-core/dropbear/dropbear/init | 26 |
1 files changed, 8 insertions, 18 deletions
diff --git a/meta/recipes-core/dropbear/dropbear/init b/meta/recipes-core/dropbear/dropbear/init index f6e1c462fa..ffab7a2362 100755 --- a/meta/recipes-core/dropbear/dropbear/init +++ b/meta/recipes-core/dropbear/dropbear/init | |||
| @@ -17,8 +17,11 @@ NAME=dropbear | |||
| 17 | DESC="Dropbear SSH server" | 17 | DESC="Dropbear SSH server" |
| 18 | PIDFILE=/var/run/dropbear.pid | 18 | PIDFILE=/var/run/dropbear.pid |
| 19 | 19 | ||
| 20 | # These values may be replaced by those from /etc/default/dropbear | ||
| 21 | DROPBEAR_RSAKEY_DIR="/etc/dropbear" | ||
| 20 | DROPBEAR_PORT=22 | 22 | DROPBEAR_PORT=22 |
| 21 | DROPBEAR_EXTRA_ARGS= | 23 | DROPBEAR_EXTRA_ARGS= |
| 24 | DROPBEAR_RSAKEY_ARGS= | ||
| 22 | NO_START=0 | 25 | NO_START=0 |
| 23 | 26 | ||
| 24 | set -e | 27 | set -e |
| @@ -28,32 +31,19 @@ test "$NO_START" = "0" || exit 0 | |||
| 28 | test -x "$DAEMON" || exit 0 | 31 | test -x "$DAEMON" || exit 0 |
| 29 | test ! -h /var/service/dropbear || exit 0 | 32 | test ! -h /var/service/dropbear || exit 0 |
| 30 | 33 | ||
| 31 | readonly_rootfs=0 | ||
| 32 | for flag in `awk '{ if ($2 == "/") { split($4,FLAGS,",") } }; END { for (f in FLAGS) print FLAGS[f] }' </proc/mounts`; do | ||
| 33 | case $flag in | ||
| 34 | ro) | ||
| 35 | readonly_rootfs=1 | ||
| 36 | ;; | ||
| 37 | esac | ||
| 38 | done | ||
| 39 | |||
| 40 | if [ $readonly_rootfs = "1" ]; then | ||
| 41 | mkdir -p /var/lib/dropbear | ||
| 42 | DROPBEAR_RSAKEY_DEFAULT="/var/lib/dropbear/dropbear_rsa_host_key" | ||
| 43 | else | ||
| 44 | DROPBEAR_RSAKEY_DEFAULT="/etc/dropbear/dropbear_rsa_host_key" | ||
| 45 | fi | ||
| 46 | |||
| 47 | test -z "$DROPBEAR_BANNER" || \ | 34 | test -z "$DROPBEAR_BANNER" || \ |
| 48 | DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER" | 35 | DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER" |
| 49 | test -n "$DROPBEAR_RSAKEY" || \ | 36 | test -n "$DROPBEAR_RSAKEY" || \ |
| 50 | DROPBEAR_RSAKEY=$DROPBEAR_RSAKEY_DEFAULT | 37 | DROPBEAR_RSAKEY="${DROPBEAR_RSAKEY_DIR}/dropbear_rsa_host_key" |
| 51 | 38 | ||
| 52 | gen_keys() { | 39 | gen_keys() { |
| 53 | if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then | 40 | if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then |
| 54 | rm $DROPBEAR_RSAKEY || true | 41 | rm $DROPBEAR_RSAKEY || true |
| 55 | fi | 42 | fi |
| 56 | test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY $DROPBEAR_RSAKEY_ARGS | 43 | if [ ! -f "$DROPBEAR_RSAKEY" ]; then |
| 44 | mkdir -p ${DROPBEAR_RSAKEY%/*} | ||
| 45 | dropbearkey -t rsa -f $DROPBEAR_RSAKEY $DROPBEAR_RSAKEY_ARGS | ||
| 46 | fi | ||
| 57 | } | 47 | } |
| 58 | 48 | ||
| 59 | case "$1" in | 49 | case "$1" in |