ref-manual: Edits to the "Making Images More Secure" section.
Fixes [YOCTO #5482] I added some key references to the section on considerations specific to the OpenEmbedded build system. In particular, I provided some cross-linking back to the extrausers.bbclass section to reference an example of adding a user account. I also split out the topics of adding an extra user and setting a password on the image in the bulleted list. (From yocto-docs rev: 19dcd70b9b5aba1bd5e7ce090d5449afcef726bf) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
bd5973e787
commit
57bd61eabb
|
@ -3967,16 +3967,26 @@
|
|||
producing your final image.
|
||||
Among other things, leaving this in place sets the
|
||||
root password as blank.
|
||||
</para></listitem>
|
||||
</para></listitem>
|
||||
<listitem><para>
|
||||
It is possible to set a root password or to add
|
||||
some additional user account for later administrative
|
||||
or service access using the
|
||||
It is possible to set a root password for the image.
|
||||
For information on how to do that, see the
|
||||
<ulink url='https://wiki.yoctoproject.org/wiki/FAQ:How_do_I_set_or_change_the_root_password'>How do I set or change the root password</ulink>
|
||||
Wiki page.
|
||||
</para></listitem>
|
||||
<listitem><para>
|
||||
It is possible to add an additional user account
|
||||
for later administrative or service access using the
|
||||
<ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-extrausers'><filename>extrausers</filename></ulink>
|
||||
class or the
|
||||
<ulink url='&YOCTO_DOCS_REF_URL;#var-ROOTFS_POSTPROCESS_COMMAND'><filename>ROOTFS_POSTPROCESS_COMMAND</filename></ulink>
|
||||
variable.
|
||||
If you do this, be cautious about setting
|
||||
For an example on how to add users, see the
|
||||
"<ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-extrausers'><filename>extrausers.bbclass</filename></ulink>"
|
||||
section.
|
||||
</para>
|
||||
<para>If you do add extra user accounts,
|
||||
be cautious about setting
|
||||
the same password for every device.
|
||||
If you want the device to remain secure
|
||||
from unauthorized access, and the password set on
|
||||
|
@ -3985,7 +3995,7 @@
|
|||
If you need this access but want to ensure security,
|
||||
consider setting a different, random password for each
|
||||
device.
|
||||
</para></listitem>
|
||||
</para></listitem>
|
||||
</itemizedlist>
|
||||
</para>
|
||||
</section>
|
||||
|
|
Loading…
Reference in New Issue