[Buildroot] [PATCH] package/openssh: Set /var/empty permissions
Arnout Vandecappelle
arnout at mind.be
Sun Feb 3 20:53:04 UTC 2019
On 17/12/2018 23:25, Chris Lesiak wrote:
> The openssh privilege separation feature, enabled by default,
> requires that the path /var/empty exist and have certain permission.
> See README.privsep included as part of the openssh distribution.
>
> Use OPENSSH_PERMISSIONS to ensure this is done correctly.
I've added some of the discussion to the commit message and applied to master,
thanks.
Regards,
Arnout
>
> Signed-off-by: Chris Lesiak <chris.lesiak at licor.com>
> ---
> package/openssh/openssh.mk | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
> index 07f3e0d663..9175f9589d 100644
> --- a/package/openssh/openssh.mk
> +++ b/package/openssh/openssh.mk
> @@ -22,6 +22,10 @@ define OPENSSH_USERS
> sshd -1 sshd -1 * - - - SSH drop priv user
> endef
>
> +define OPENSSH_PERMISSIONS
> + /var/empty d 755 root root - - - - -
> +endef
> +
> ifeq ($(BR2_TOOLCHAIN_SUPPORTS_PIE),)
> OPENSSH_CONF_OPTS += --without-pie
> endif
>
More information about the buildroot
mailing list