core-image.bbclass: zap root password if debug-tweaks not enabled
If you do not have debug-tweaks in IMAGE_FEATURES, then zap the root password so that you can't log in as root without a password in an image potentially intended for a production system. Also mention debug-tweaks in the comments listing IMAGE_FEATURES in this file. (From OE-Core rev: 5ddda44efc97b4d6cf863033348e57e5cfdcd392) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
f0d490684b
commit
0342cf81d5
|
@ -26,6 +26,7 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=3f40d7994397109285ec7b81fdeb3
|
|||
# - nfs-server - NFS server (exports / over NFS to everybody)
|
||||
# - ssh-server-dropbear - SSH server (dropbear)
|
||||
# - ssh-server-openssh - SSH server (openssh)
|
||||
# - debug-tweaks - makes an image suitable for development
|
||||
#
|
||||
PACKAGE_GROUP_apps-console-core = "task-core-apps-console"
|
||||
PACKAGE_GROUP_x11-base = "task-core-x11-base"
|
||||
|
@ -65,3 +66,7 @@ inherit image
|
|||
|
||||
# Create /etc/timestamp during image construction to give a reasonably sane default time setting
|
||||
ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; "
|
||||
|
||||
# Zap the root password if debug-tweaks feature is not enabled
|
||||
ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "", "zap_root_password ; ",d)}'
|
||||
|
||||
|
|
Loading…
Reference in New Issue