diff options
author | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2019-11-02 18:46:40 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-11-18 15:28:16 +0300 |
commit | a2a2087c7df085e9c582a531f05fe0befd3281db (patch) | |
tree | cd04784466cde04fa856e281ef3cb4b02bff901f /meta-phosphor/classes | |
parent | 8aa4c6cfb84de6330e5e6955413f74c174a19cf8 (diff) | |
download | openbmc-a2a2087c7df085e9c582a531f05fe0befd3281db.tar.xz |
Use debug-tweaks, allow-root-login to allow root.
root user account is enabled with proper privilege and group,
only if debug-tweaks or allow-root-login FEATURES is defined.
Note: This will not remove root user getting managed from
phosphor-user-manager, instead it will make sure, the privilege
and groups are empty for the root user.
Tested:
1. Verified the default build, which has debug-tweaks, allowing
root user to be with priv-admin, and enabled for all groups.
2. Verified by removing debug-tweaks from the local.conf, and
root user privilege & groups are empty.
(From meta-phosphor rev: b1b8251f4e5f19189057cdeb998cf119be1c27b8)
Change-Id: Iec2a0b1a9f84c27dd4947125903ce43f3a9c3c2c
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'meta-phosphor/classes')
-rw-r--r-- | meta-phosphor/classes/phosphor-rootfs-postcommands.bbclass | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/meta-phosphor/classes/phosphor-rootfs-postcommands.bbclass b/meta-phosphor/classes/phosphor-rootfs-postcommands.bbclass new file mode 100644 index 000000000..3485661b3 --- /dev/null +++ b/meta-phosphor/classes/phosphor-rootfs-postcommands.bbclass @@ -0,0 +1,10 @@ +# +# This function is intended to add root to corresponding groups if 'debug-tweaks' or 'allow-root-login' is in IMAGE_FEATURES. +# +update_root_user_groups () { + if [ -e ${IMAGE_ROOTFS}/etc/group ]; then + sed -i '/^\(ipmi\|web\|redfish\|priv-admin\):.*:.*:$/s/$/root/' ${IMAGE_ROOTFS}/etc/group + fi +} +# Add root user to the needed groups +ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains_any("IMAGE_FEATURES", [ 'debug-tweaks', 'allow-root-login' ], "update_root_user_groups; ", "", d)}' |