From: Stephan Hoffmann <sho@relinux.de>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH] sudo: optionally add user "default" to sudoers
Date: Tue, 01 Nov 2011 15:26:37 +0100 [thread overview]
Message-ID: <4EB0019D.3070701@relinux.de> (raw)
In-Reply-To: <CAAXf6LX1JfKGScyO9v269rLEdbk8wf9UTiw_SHdQ=5XqKuJdDA@mail.gmail.com>
Hello all,
I think that using a non privileged user even in embedded systems is a
real good concept.
To make things easier I made this little patch that generates a config
option to add user "default" to the sudoers list when the package sudo
is included in the system.
Kind regards
Stephan
Signed-off-by: Stephan Hoffmann <sho@relinux.de>
---
package/sudo/Config.in | 9 +++++++++
package/sudo/sudo.mk | 9 +++++++++
2 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/package/sudo/Config.in b/package/sudo/Config.in
index fc0a175..59b6a93 100644
--- a/package/sudo/Config.in
+++ b/package/sudo/Config.in
@@ -7,3 +7,12 @@ config BR2_PACKAGE_SUDO
but still allow people to get their work done.
http://www.sudo.ws/sudo/
+
+if BR2_PACKAGE_SUDO
+
+config BR2_SUDO_ADD_DEFAULT
+ bool "add default user"
+ help
+ Add user "default" to sudoers file
+
+endif
diff --git a/package/sudo/sudo.mk b/package/sudo/sudo.mk
index 9c62c49..adc1c0d 100644
--- a/package/sudo/sudo.mk
+++ b/package/sudo/sudo.mk
@@ -15,10 +15,19 @@ SUDO_CONF_OPT = \
--without-interfaces \
--without-pam
+ifeq ($(BR2_SUDO_ADD_DEFAULT),y)
+define SUDO_ADD_DEFAULT
+ mkdir $(TARGET_DIR)/etc/sudoers.d
+ echo "default ALL = ALL" >$(TARGET_DIR)/etc/sudoers.d/default
+ chmod 0440 $(TARGET_DIR)/etc/sudoers.d/default
+endef
+endif
+
define SUDO_INSTALL_TARGET_CMDS
install -m 4555 -D $(@D)/sudo $(TARGET_DIR)/usr/bin/sudo
install -m 0555 -D $(@D)/visudo $(TARGET_DIR)/usr/sbin/visudo
install -m 0440 -D $(@D)/sudoers $(TARGET_DIR)/etc/sudoers
+ $(SUDO_ADD_DEFAULT)
endef
$(eval $(call AUTOTARGETS))
--
1.7.0.4
--
reLinux - Stephan Hoffmann
Am Schmidtgrund 124 50765 K?ln
Tel. +49.221.95595-19 Fax: -64
www.reLinux.de sho at reLinux.de
next prev parent reply other threads:[~2011-11-01 14:26 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-28 10:08 [Buildroot] fix for mplayer with armv7 / neon Bruno Niklaus
2011-10-28 11:06 ` Thomas De Schampheleire
2011-10-28 11:24 ` Bruno Niklaus
2011-10-28 11:38 ` Damian Kaczmarek
2011-11-01 14:26 ` Stephan Hoffmann [this message]
2011-11-03 18:13 ` [Buildroot] [PATCH] sudo: optionally add user "default" to sudoers Stephan Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4EB0019D.3070701@relinux.de \
--to=sho@relinux.de \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.