ltib
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Ltib] Root owned files in the merge directories...

From: Stuart Hughes
Subject: RE: [Ltib] Root owned files in the merge directories...
Date: Tue, 15 Apr 2008 07:11:31 -0700 
Hi Peter,

If this is for testing and not a production image and you don't mind
about security, and dropbear ssh is okay for you you can select 
"use an insecure hackable RSA key" as shown here:

[*] dropbear ssh client/server 
[*]   non-blocking random device 
[*]   disable reverse host lookups
[*]   disable X11 forwarding
[*]   use an insecure hackable RSA key

If you need to use the full sshd, then you'll have to create the file in
your merge area owned by your uid and it must at least have read
permissions set.  This will not work properly for NFS (you'll need to
change owner/perms on the target), but for RAMDISK/jffs2 it will get
squashed to be owned by root.

Regards, Stuart

On Tue, 2008-04-15 at 09:49 -0400, Stephens, Peter A. wrote:
>  
> Hey Stuart.  I am using a u-boot ramdisk image, but I don't want to keep
> generating/changing the SSH keys for OpenSSH so I figured I would create
> the "merge" area and put some pre-created ones in there.  It seems to
> see them and try to copy them into the image, but there are permission
> problems.  On the target they need to be (chown) root/root and (chmod)
> "rw r  r  ".
> 
> Peter A. Stephens
> Advanced Engineering
> address@hidden
> www.delphi.com
> 765-451-7074
> 
> -----Original Message-----
> From: Stuart Hughes [mailto:address@hidden 
> Sent: Monday, April 14, 2008 9:04 PM
> To: Stephens, Peter A.
> Cc: address@hidden
> Subject: Re: [Ltib] Root owned files in the merge directories...
> 
> Hi Peter,
> 
> You can't for the NFS area.  You should make this as your normal user.
> When you finally build a RAMDISK or JFFS2 image, it'll get squashed to
> be owned by root.
> 
> If this is not what you need, you'll need to edit the spec file for ssh.
> What are you trying to do?
> 
> Regards, Stuart
> 
> On Mon, 2008-04-14 at 17:23 -0400, Stephens, Peter A. wrote:
> > If I add a merge directory (say "etc/ssh") to the 
> > {ltib}/config/platform/mpc2151ads/merge area how can I get it to end 
> > up with root permissions on the target?  I tried it with normal user 
> > permissions on the host and with root permissions on the host in the 
> > merge directories and got:
> >  
> > Processing deployment operations
> > ==================================
> > making filesystem image file
> > staging directory
> > is /home/hzqmrk/proj/ltib-mpc5121ads-20071210/rootfs.tmp
> > cp: cannot open
> > `/home/hzqmrk/proj/ltib-mpc5121ads-20071210/rootfs/usr/libexec/ssh-key
> > sign' for reading: Permission denied
> > cp: cannot open
> > `/home/hzqmrk/proj/ltib-mpc5121ads-20071210/rootfs/etc/ssh/ssh_host_rs
> > a_key' for reading: Permission denied
> > cp: cannot open
> > `/home/hzqmrk/proj/ltib-mpc5121ads-20071210/rootfs/etc/ssh/ssh_host_ds
> > a_key' for reading: Permission denied
> > cp: cannot open
> > `/home/hzqmrk/proj/ltib-mpc5121ads-20071210/rootfs/etc/ssh/ssh_host_ke
> > y' for reading: Permission denied removing the boot directory and 
> > files
> > 
> >  
> > Peter A. Stephens
> > address@hidden 
> > 765-451-7074   
> > 
> > 
> > 
> > 
> > 
> > Dream as if you'll live forever;
> > 
> > Live as if you'll die today.
> >           - James Dean
> > 
> > 
> >     Electronics & Safety, Advanced
> > Engineering
> > 
> > 
> > 
> >  
> > 
> > 
> >  
> > **********************************************************************
> > ******************
> > 
> > Note: If the reader of this message is not the intended recipient, or 
> > an employee or agent responsible for delivering this message to the 
> > intended recipient, you are hereby notified that any dissemination, 
> > distribution or copying of this communication is strictly prohibited.
> > If you have received this communication in error, please notify us 
> > immediately by replying to the message and deleting it from your 
> > computer. Thank you.
> > 
> > **********************************************************************
> > ******************
> > 
> > _______________________________________________
> > LTIB home page: http://bitshrine.org
> > 
> > Ltib mailing list
> > address@hidden
> > http://lists.nongnu.org/mailman/listinfo/ltib
> 
> 
> ****************************************************************************************
> 
> Note:  If the reader of this message is not the intended recipient, or an 
> employee or agent responsible for delivering this message to the intended 
> recipient, you are hereby notified that any dissemination, distribution or 
> copying of this communication is strictly prohibited. If you have received 
> this communication in error, please notify us immediately by replying to the 
> message and deleting it from your computer. Thank you. 
> 
> ****************************************************************************************
reply via email to
[Prev in Thread] Current Thread [Next in Thread]