meta-quanta: meta-common: enable TLS with static CA and specific user

Add Security Feature:
    1. default-users: Add static User "Megapede"
    2. enable-tls: Enable TLS authentication with static CA
    3. phosphor-monitor-hostname: Generate a self-signed certificate once
       the hostname is assigned

Note:
    1. CA PATH:
       meta-quanta\meta-common\recipes-phosphor\certificate\phosphor-certificate-manager\certs\authority
       All CAs under the folder will be encapsulated into the firmware image

(From meta-quanta rev: a310726a27974a471386d4e5f6d4b79f3bc6906e)

Signed-off-by: AlanKuo <Alan_Kuo@quantatw.com>
Change-Id: If033222b72c59a86c1f818a3350d6eb55bba10b5
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>

1 files changed, 24 insertions, 0 deletions

diff --git a/meta-quanta/meta-common/recipes-quanta/default-users/default-users.bb b/meta-quanta/meta-common/recipes-quanta/default-users/default-users.bb
new file mode 100755
index 000000000..0bb9be821
--- /dev/null
+++ b/meta-quanta/meta-common/recipes-quanta/default-users/default-users.bb
@@ -0,0 +1,24 @@
+SUMMARY = "Add default Users"
+DESCRIPTION = "Add Users"
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10"
+
+EXCLUDE_FROM_WORLD = "1"
+
+DEPENDS = "bmcweb"
+DEPENDS += "phosphor-ipmi-host"
+DEPENDS += "phosphor-user-manager"
+RDEPENDS_${PN} = "bmcweb"
+RDEPENDS_${PN} += "phosphor-ipmi-host"
+RDEPENDS_${PN} += "phosphor-user-manager"
+
+inherit useradd
+USERADD_PACKAGES = "${PN}"
+
+USERADD_PARAM_${PN} = "-m -N -u 1000 -g 100 -s /bin/nologin \
+                       -p '\$1\$UGMqyqdG\$FZiylVFmRRfl9Z0Ue8G7e/' \
+                       -G 'web,redfish,priv-admin' Megapede; "
+GROUPMEMS_PARAM_${PN} = "-g priv-admin -a root; "
+GROUPMEMS_PARAM_${PN} += "-g ipmi -a root; "
+
+ALLOW_EMPTY_${PN} = "1"