Hi Ming, On Fri, 2013-09-13 at 17:10 +0800, Ming Liu wrote: > It fixes the following failure: > "fatal: Missing privilege separation directory: /var/run/sshd" > > when sshd is started through xinetd.
With this patch applied, openssh doesn't start anymore in standard images (e.g. core-image-sato-sdk) root@qemux86-64:~# /etc/init.d/sshd restart /var/run/sshd must be owned by root and not group or world-writable. Cheers, Stefan > > Signed-off-by: Ming Liu <ming....@windriver.com> > --- > .../openssh/openssh-6.2p2/volatiles.99_sshd | 1 + > meta/recipes-connectivity/openssh/openssh_6.2p2.bb | 8 ++++++-- > 2 files changed, 7 insertions(+), 2 deletions(-) > create mode 100644 > meta/recipes-connectivity/openssh/openssh-6.2p2/volatiles.99_sshd > > diff --git > a/meta/recipes-connectivity/openssh/openssh-6.2p2/volatiles.99_sshd > b/meta/recipes-connectivity/openssh/openssh-6.2p2/volatiles.99_sshd > new file mode 100644 > index 0000000..86e7f6f > --- /dev/null > +++ b/meta/recipes-connectivity/openssh/openssh-6.2p2/volatiles.99_sshd > @@ -0,0 +1 @@ > +d sshd sshd 0755 /var/run/sshd none > diff --git a/meta/recipes-connectivity/openssh/openssh_6.2p2.bb > b/meta/recipes-connectivity/openssh/openssh_6.2p2.bb > index 3a7f50d..bb5c79e 100644 > --- a/meta/recipes-connectivity/openssh/openssh_6.2p2.bb > +++ b/meta/recipes-connectivity/openssh/openssh_6.2p2.bb > @@ -29,7 +29,8 @@ SRC_URI = > "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar. > ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', > d)} \ > file://sshd.socket \ > file://sshd@.service \ > - file://sshdgenkeys.service " > + file://sshdgenkeys.service \ > + file://volatiles.99_sshd " > > PAM_SRC_URI = "file://sshd" > > @@ -92,6 +93,9 @@ do_install_append () { > install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/sshd > rm -f ${D}${bindir}/slogin ${D}${datadir}/Ssh.bin > rmdir ${D}${localstatedir}/run/sshd ${D}${localstatedir}/run > ${D}${localstatedir} > + install -d ${D}/${sysconfdir}/default/volatiles > + install -m 644 ${WORKDIR}/volatiles.99_sshd > ${D}/${sysconfdir}/default/volatiles/99_sshd > + > # Create config files for read-only rootfs > install -d ${D}${sysconfdir}/ssh > install -m 644 ${WORKDIR}/sshd_config > ${D}${sysconfdir}/ssh/sshd_config_readonly > @@ -116,7 +120,7 @@ PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd > ${PN}-sftp ${PN}-misc $ > FILES_${PN}-scp = "${bindir}/scp.${BPN}" > FILES_${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config" > FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd" > -FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config > ${sysconfdir}/ssh/sshd_config_readonly" > +FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config > ${sysconfdir}/ssh/sshd_config_readonly > ${sysconfdir}/default/volatiles/99_sshd" > FILES_${PN}-sftp = "${bindir}/sftp" > FILES_${PN}-sftp-server = "${libexecdir}/sftp-server" > FILES_${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*" _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
