* [PATCH] proftpd: use /bin/false as the login shell
@ 2013-12-02 2:27 rongqing.li
2013-12-02 4:43 ` Rongqing Li
0 siblings, 1 reply; 2+ messages in thread
From: rongqing.li @ 2013-12-02 2:27 UTC (permalink / raw)
To: openembedded-devel
From: Roy Li <rongqing.li@windriver.com>
Use /bin/false as the login shell, just like what Ubuntu does,
otherwise there might be secure issue.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
---
meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb b/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
index 6537b77..0006a2a 100644
--- a/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
+++ b/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
@@ -62,6 +62,7 @@ INITSCRIPT_PARAM = "defaults 85 15"
USERADD_PACKAGES = "${PN}"
GROUPADD_PARAM_${PN} = "--system ${FTPGROUP}"
-USERADD_PARAM_${PN} = "--system -g ${FTPGROUP} ${FTPUSER}"
+USERADD_PARAM_${PN} = "--system -g ${FTPGROUP} --home-dir /var/lib/ftp --no-create-home \
+ --shell /bin/false ${FTPUSER}"
FILES_${PN} += "/home/${FTPUSER}"
--
1.7.10.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] proftpd: use /bin/false as the login shell
2013-12-02 2:27 [PATCH] proftpd: use /bin/false as the login shell rongqing.li
@ 2013-12-02 4:43 ` Rongqing Li
0 siblings, 0 replies; 2+ messages in thread
From: Rongqing Li @ 2013-12-02 4:43 UTC (permalink / raw)
To: openembedded-devel
Drop it, I will fix the commit log
On 12/02/2013 10:27 AM, rongqing.li@windriver.com wrote:
> From: Roy Li <rongqing.li@windriver.com>
>
> Use /bin/false as the login shell, just like what Ubuntu does,
> otherwise there might be secure issue.
>
> Signed-off-by: Roy Li <rongqing.li@windriver.com>
> ---
> meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb b/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
> index 6537b77..0006a2a 100644
> --- a/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
> +++ b/meta-networking/recipes-daemons/proftpd/proftpd_1.3.4b.bb
> @@ -62,6 +62,7 @@ INITSCRIPT_PARAM = "defaults 85 15"
>
> USERADD_PACKAGES = "${PN}"
> GROUPADD_PARAM_${PN} = "--system ${FTPGROUP}"
> -USERADD_PARAM_${PN} = "--system -g ${FTPGROUP} ${FTPUSER}"
> +USERADD_PARAM_${PN} = "--system -g ${FTPGROUP} --home-dir /var/lib/ftp --no-create-home \
> + --shell /bin/false ${FTPUSER}"
>
> FILES_${PN} += "/home/${FTPUSER}"
>
--
Best Reagrds,
Roy | RongQing Li
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-12-02 4:43 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-12-02 2:27 [PATCH] proftpd: use /bin/false as the login shell rongqing.li
2013-12-02 4:43 ` Rongqing Li
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.