From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 06/10] openssh: add support for SELinux
Date: Sun, 8 Sep 2013 18:35:52 +0200 [thread overview]
Message-ID: <20130908183552.45492faa@skate> (raw)
In-Reply-To: <1378429464-12546-7-git-send-email-rjbarnet@rockwellcollins.com>
Dear Ryan Barnett,
On Thu, 5 Sep 2013 20:04:20 -0500, Ryan Barnett wrote:
> Adding configuration options for SELinux along with install
> configuration of Linux-PAM for SSHd when the linux-pam packages is
> selected
>
> Signed-off-by: Ryan Barnett <rjbarnet@rockwellcollins.com>
> ---
> package/openssh/openssh.mk | 12 ++++++++++++
> 1 files changed, 12 insertions(+), 0 deletions(-)
>
> diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
> index 4a5b125..6324ef8 100644
> --- a/package/openssh/openssh.mk
> +++ b/package/openssh/openssh.mk
> @@ -12,9 +12,21 @@ OPENSSH_CONF_OPT = --disable-lastlog --disable-utmp \
>
> OPENSSH_DEPENDENCIES = zlib openssl
>
> +define OPENSSH_INSTALL_PAM_CONF
> + $(INSTALL) -D -m 644 $(@D)/contrib/sshd.pam.generic $(TARGET_DIR)/etc/pam.d/sshd
> + sed -i '/password required \/lib\/security\/pam_cracklib.so/d' $(TARGET_DIR)/etc/pam.d/sshd
What about using a different separator than / in order to avoid having
to escape it? I.e:
'%password required /lib/security/pam_cracklib.so%d'
> + sed -i -e 's/\#UsePAM no/UsePAM yes/' $(TARGET_DIR)/etc/sshd_config
Also, use $(SED) instead of sed -i -e.
Finally, while the first and third commands purpose is obvious, the
purpose of the second command is less obvious. Adding a comment about
OPENSSH_INSTALL_PAM_CONF would be great.
Thanks!
Thomas
--
Thomas Petazzoni, Free Electrons
Kernel, drivers, real-time and embedded Linux
development, consulting, training and support.
http://free-electrons.com
next prev parent reply other threads:[~2013-09-08 16:35 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-06 1:04 [Buildroot] [PATCH 00/10] Enable SELinux Support in Existing Packages Ryan Barnett
2013-09-06 1:04 ` [Buildroot] [PATCH 01/10] sysvinit: add support for SELinux Ryan Barnett
2013-09-08 16:27 ` Thomas Petazzoni
2013-09-06 1:04 ` [Buildroot] [PATCH 02/10] sysvinit: install new cmds and fix inittab Ryan Barnett
2013-09-08 16:29 ` Thomas Petazzoni
2013-09-06 1:04 ` [Buildroot] [PATCH 03/10] sysvinit: add patch for libcrypt Ryan Barnett
2013-09-08 16:31 ` Thomas Petazzoni
2013-09-06 1:04 ` [Buildroot] [PATCH 04/10] util-linux: add suport for SELinux Ryan Barnett
2013-09-08 16:32 ` Thomas Petazzoni
2013-09-06 1:04 ` [Buildroot] [PATCH 05/10] linux-pam: add support " Ryan Barnett
2013-09-08 16:33 ` Thomas Petazzoni
2013-09-06 1:04 ` [Buildroot] [PATCH 06/10] openssh: " Ryan Barnett
2013-09-08 16:35 ` Thomas Petazzoni [this message]
2013-09-06 1:04 ` [Buildroot] [PATCH 07/10] logrotate: " Ryan Barnett
2013-09-08 16:36 ` Thomas Petazzoni
2013-09-06 1:04 ` [Buildroot] [PATCH 08/10] coreutils: " Ryan Barnett
2013-09-08 16:36 ` Thomas Petazzoni
2013-09-06 1:04 ` [Buildroot] [PATCH 09/10] dbus: " Ryan Barnett
2013-09-08 16:40 ` Thomas Petazzoni
2013-09-06 1:04 ` [Buildroot] [PATCH 10/10] busybox: " Ryan Barnett
2013-09-08 16:46 ` Thomas Petazzoni
2013-09-08 16:26 ` [Buildroot] [PATCH 00/10] Enable SELinux Support in Existing Packages Thomas Petazzoni
2013-09-09 13:40 ` rjbarnet at rockwellcollins.com
2013-09-11 11:48 ` Thomas De Schampheleire
2013-09-11 14:58 ` Ryan Barnett
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130908183552.45492faa@skate \
--to=thomas.petazzoni@free-electrons.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox