Hi everybody,
to deploy minimal OpenWrt images on multiple routers it is necessary to
set a root password, while building the deployable file.
Therefore i added a patch that is setting a "default" password in the
"/etc/shadow" file of the "base-files" package. It is using the openssl
command of the building host to create the hash of the password.
Here are the diff files for both the current development branch (Barrier
Braker) and the 12.09 branch..please add the patches to both branches,
to be able to use it in the currently stable release as well.
*12.09-branch (http://git.openwrt.org/?p=12.09/openwrt.git;a=summary):*
Signed-off-by: Benjamin Pflueg <b...@bensbox.de>
---
diff --git a/package/base-files/Makefile b/package/base-files/Makefile
index 2152edd..db72656 100644
--- a/package/base-files/Makefile
+++ b/package/base-files/Makefile
@@ -9,6 +9,7 @@
include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
include $(INCLUDE_DIR)/version.mk
+include $(INCLUDE_DIR)/baseconf.mk
PKG_NAME:=base-files
PKG_RELEASE:=118.2
@@ -113,6 +114,11 @@ define Package/base-files/install
$(1)/etc/openwrt_version \
$(1)/etc/openwrt_release
+ $(if $(filter $(BASECONF_ROOT_PASSWORD),x), \
+ $(SED) 's/%P/x/g' $(1)/etc/shadow, \
+ $(SED) 's/%P/$(shell $(OPENSSL) passwd -1
$(BASECONF_ROOT_PASSWORD) | $(SED_PLAIN) -e 's/[/.$$^]/\\&/g' |
$(SED_PLAIN) -e 's/\$$/\$$\$$/g')/' $(1)/etc/shadow \
+ )
+
mkdir -p $(1)/CONTROL
mkdir -p $(1)/dev
mkdir -p $(1)/etc/crontabs
diff --git a/package/base-files/files/etc/shadow
b/package/base-files/files/etc/shadow
index e989890..f35be79 100644
--- a/package/base-files/files/etc/shadow
+++ b/package/base-files/files/etc/shadow
@@ -1,4 +1,4 @@
-root:x:0:0:99999:7:::
+root:%P:0:0:99999:7:::
daemon:*:0:0:99999:7:::
ftp:*:0:0:99999:7:::
network:*:0:0:99999:7:::
diff --git a/package/base-files/image-config.in
b/package/base-files/image-config.in
index 1371356..79dee49 100644
--- a/package/base-files/image-config.in
+++ b/package/base-files/image-config.in
@@ -184,3 +184,19 @@ menuconfig VERSIONOPT
%d .. Distribution name or "openwrt", lowercase
%T .. Target name
%S .. Target/Subtarget name
+
+menuconfig BASECONFOPT
+ bool "Base system configurations" if IMAGEOPT
+ default n
+ help
+ In here you can set configurations like a default root
password.
+ They are suppose to be very basic and default settings
to the
+ vanilla OpenWRT firmware.
+
+ config BASECONF_ROOT_PASSWORD
+ string
+ prompt "Custom default root password" if BASECONFOPT
+ help
+ Usually the firmware does not have the root
password set.
+ Here you can set a default one, that will be in
effect
+ even after a factory reset.
diff --git a/rules.mk b/rules.mk
index e657eec..8c5d2c2 100644
--- a/rules.mk
+++ b/rules.mk
@@ -182,9 +182,11 @@ TARGET_AR:=$(TARGET_CROSS)ar
TARGET_RANLIB:=$(TARGET_CROSS)ranlib
TARGET_CXX:=$(if $(CONFIG_INSTALL_LIBSTDCPP),$(TARGET_CROSS)g++,no)
KPATCH:=$(SCRIPT_DIR)/patch-kernel.sh
-SED:=$(STAGING_DIR_HOST)/bin/sed -i -e
+SED_PLAIN:=$(STAGING_DIR_HOST)/bin/sed
+SED:=$(SED_PLAIN) -i -e
CP:=cp -fpR
LN:=ln -sf
+OPENSSL:=openssl
INSTALL_BIN:=install -m0755
INSTALL_DIR:=install -d -m0755
diff --git a/include/baseconf.mk b/include/baseconf.mk
new file mode 100644
index 0000000..ad8db58
--- /dev/null
+++ b/include/baseconf.mk
@@ -0,0 +1,6 @@
+
+PKG_CONFIG_DEPENDS += \
+ CONFIG_BASECONF_ROOT_PASSWORD
+
+BASECONF_ROOT_PASSWORD:=$(call qstrip,$(CONFIG_BASECONF_ROOT_PASSWORD))
+BASECONF_ROOT_PASSWORD:=$(if
$(BASECONF_ROOT_PASSWORD),$(BASECONF_ROOT_PASSWORD),x)
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
