[OpenWrt-Devel] [PATCH] base-files utils/busybox: Make requiring login in console default for easily accessed devices
Daniel Dickinson
openwrt at daniel.thecshore.com
Wed Dec 23 07:43:14 EST 2015
Oh, and I think that initially this should be default off configuration
option that people who are able to flash firmware via bootloader in case
of getting locked out encourage to test before pushing this as default.
I'd hate to have some corner case result in bricked routers for people
who have no means of recovering from a bad flash.
Regards,
Daniel
On 23/12/15 07:35 AM, John Crispin wrote:
>
>
> On 23/12/2015 13:32, Daniel Dickinson wrote:
>> I'm inclined to make the opt-out an image generation time decision
>> rather than configurable on the overlayfs for what I think are obvious
>> reasons.
>
> yep, that would be the best choice.
>
>
>>
>> Regards,
>>
>> Daniel
>>
>> On 23/12/15 07:24 AM, John Crispin wrote:
>>>
>>>
>>> On 23/12/2015 13:05, Imre Kaloz wrote:
>>>> Hi Daniel,
>>>>
>>>> On Wed, 23 Dec 2015 07:58:59 +0100, Daniel Dickinson
>>>> <openwrt at daniel.thecshore.com> wrote:
>>>>
>>>>> I am reworking this (requiring console login) as couple of packages
>>>>> for the packages feed, although it may require an image.mk or packages
>>>>> Makefile hook in order to embed an appropriate inittab into the image
>>>>> (since the inittab will need to be modified and we need to guarantee
>>>>> the correct order of actions; and inittab comes from base-files which
>>>>> is last thing done in the packages Makefile).
>>>>
>>>> I hope the other devs will chime in, but FWIW I would make this enabled
>>>> unconditionally across all targets. As we already have a way to do a
>>>> "factory reset" using the reset button, IMHO failsafe should also
>>>> enforce login passwords everywhere, including the serial console.
>>>>
>>>
>>> default on, once root passwd is set sounds good. an optional opt-out
>>> feature would be nice to avoid people having to add dirty hacks to get
>>> rid of the login prompt on tty shells. this could be hidden inside a
>>> wrapper script called by inittab.
>>> _______________________________________________
>>> openwrt-devel mailing list
>>> openwrt-devel at lists.openwrt.org
>>> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>>>
>> _______________________________________________
>> openwrt-devel mailing list
>> openwrt-devel at lists.openwrt.org
>> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list