> On Feb 10, 2017, at 10:33 PM, David Lang <da...@lang.hm> wrote: > > On Fri, 10 Feb 2017, Philip Prindeville wrote: > >> Hi. >> >> I was wondering if there’s an obvious place to install a hook that’s: >> >> (a) after all the packages have been installed; >> (b) before the root filesystem image gets finalized; >> >> I’d like to be able to run some simple sed scripts inside the root-to-be >> directory to make some changes, maybe do an rm etc/rc.d/S??sshd so that the >> sshd service is installed but isn’t enabled by default, maybe inject a new >> root password or create an extra user login, etc. >> >> That sort of thing. >> >> I looked around through the makefiles but nothing stood out. >> >> Should be easy, right? > > some of what you are talking about can be done by putting the replacement > files in the /files heirarchy and they will replace the files created by the > packages.
I thought about using files/ but here’s the problem. Some of the packages that provide config files are quite length and change fairly often, so I don’t want to have to keep updating my copy of the file with my changes. For example, /etc/LCDd.conf from lcdproc is about 1400 lines… yet I only need 9 lines changed to do what I need. Other examples? /etc/ssh/sshd_config is 136 lines long, but I only need 2 lines changed (turning off password logins, and forcing people to use Protocol v2 exclusively). And that’s a file that changed whenever an CVE comes out, for instance when a cipher is found to be weaker than originally thought, etc. > > This can't eliminate the /etc/rc.d/S* files as it only adds files, and it's > not as flexibile as adding a user or changing a password (as it would just > let you replace the /etc/passwd, /etc/shadow files, not modify them). > > If you look for where the /files/* are copied into the filesystem, that is > probably the place you would want to add your scripting hooks. Good idea. I’ll look there. Thanks > > David Lang_______________________________________________ > Lede-dev mailing list > Lede-dev@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/lede-dev _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
