Previously, when dropbear was started via its init script, relocation
of DROPBEAR_RSAKEY_DIR to support read-only rootfs was handled at
run time from within the init script.
Update the init script to take advantage of the read-only rootfs
config setup by read_only_rootfs_hook() and therefore be consistent
with startup under systemd (where relocation of DROPBEAR_RSAKEY_DIR
is handled by the read_only_rootfs_hook() at build time).
Signed-off-by: Andre McCurdy <armccu...@gmail.com>
---
meta/classes/rootfs-postcommands.bbclass | 5 +----
meta/recipes-core/dropbear/dropbear/init | 26 ++++++++------------------
2 files changed, 9 insertions(+), 22 deletions(-)
diff --git a/meta/classes/rootfs-postcommands.bbclass
b/meta/classes/rootfs-postcommands.bbclass
index 5522209..221869e 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -112,14 +112,11 @@ read_only_rootfs_hook () {
# Also tweak the key location for dropbear in the same way.
if [ -d ${IMAGE_ROOTFS}/etc/dropbear ]; then
- if [ -e ${IMAGE_ROOTFS}/etc/dropbear/dropbear_rsa_host_key ];
then
- echo "DROPBEAR_RSAKEY_DIR=/etc/dropbear" >>
${IMAGE_ROOTFS}/etc/default/dropbear
- else
+ if [ ! -e ${IMAGE_ROOTFS}/etc/dropbear/dropbear_rsa_host_key ];
then
echo "DROPBEAR_RSAKEY_DIR=/var/lib/dropbear" >>
${IMAGE_ROOTFS}/etc/default/dropbear
fi
fi
-
if ${@bb.utils.contains("DISTRO_FEATURES", "sysvinit", "true", "false",
d)}; then
# Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to
yes
if [ -e ${IMAGE_ROOTFS}/etc/default/rcS ]; then
diff --git a/meta/recipes-core/dropbear/dropbear/init
b/meta/recipes-core/dropbear/dropbear/init
index f6e1c46..ffab7a2 100755
--- a/meta/recipes-core/dropbear/dropbear/init
+++ b/meta/recipes-core/dropbear/dropbear/init
@@ -17,8 +17,11 @@ NAME=dropbear
DESC="Dropbear SSH server"
PIDFILE=/var/run/dropbear.pid
+# These values may be replaced by those from /etc/default/dropbear
+DROPBEAR_RSAKEY_DIR="/etc/dropbear"
DROPBEAR_PORT=22
DROPBEAR_EXTRA_ARGS=
+DROPBEAR_RSAKEY_ARGS=
NO_START=0
set -e
@@ -28,32 +31,19 @@ test "$NO_START" = "0" || exit 0
test -x "$DAEMON" || exit 0
test ! -h /var/service/dropbear || exit 0
-readonly_rootfs=0
-for flag in `awk '{ if ($2 == "/") { split($4,FLAGS,",") } }; END { for (f in
FLAGS) print FLAGS[f] }' </proc/mounts`; do
- case $flag in
- ro)
- readonly_rootfs=1
- ;;
- esac
-done
-
-if [ $readonly_rootfs = "1" ]; then
- mkdir -p /var/lib/dropbear
- DROPBEAR_RSAKEY_DEFAULT="/var/lib/dropbear/dropbear_rsa_host_key"
-else
- DROPBEAR_RSAKEY_DEFAULT="/etc/dropbear/dropbear_rsa_host_key"
-fi
-
test -z "$DROPBEAR_BANNER" || \
DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER"
test -n "$DROPBEAR_RSAKEY" || \
- DROPBEAR_RSAKEY=$DROPBEAR_RSAKEY_DEFAULT
+ DROPBEAR_RSAKEY="${DROPBEAR_RSAKEY_DIR}/dropbear_rsa_host_key"
gen_keys() {
if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then
rm $DROPBEAR_RSAKEY || true
fi
- test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY
$DROPBEAR_RSAKEY_ARGS
+ if [ ! -f "$DROPBEAR_RSAKEY" ]; then
+ mkdir -p ${DROPBEAR_RSAKEY%/*}
+ dropbearkey -t rsa -f $DROPBEAR_RSAKEY $DROPBEAR_RSAKEY_ARGS
+ fi
}
case "$1" in
--
1.9.1
--
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
