ref-manual: Edits to the "Making Images More Secure" section.

Fixes [YOCTO #5482] I added some key references to the section on considerations specific to the OpenEmbedded build system. In particular, I provided some cross-linking back to the extrausers.bbclass section to reference an example of adding a user account. I also split out the topics of adding an extra user and setting a password on the image in the bulleted list. (From yocto-docs rev: 19dcd70b9b5aba1bd5e7ce090d5449afcef726bf) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-29 10:36:42 +03:00 · 2014-05-29 10:36:42 +03:00 · 57bd61eabb
parent bd5973e787
commit 57bd61eabb
1 changed files with 16 additions and 6 deletions
--- a/documentation/dev-manual/dev-manual-common-tasks.xml
+++ b/documentation/dev-manual/dev-manual-common-tasks.xml
@ -3967,16 +3967,26 @@
                        producing your final image.
                        Among other things, leaving this in place sets the
                        root password as blank.
-                    </para></listitem>
+                        </para></listitem>
                    <listitem><para>
-                        It is possible to set a root password or to add
-                        some additional user account for later administrative
-                        or service access using the
+                        It is possible to set a root password for the image.
+                        For information on how to do that, see the
+                        <ulink url='https://wiki.yoctoproject.org/wiki/FAQ:How_do_I_set_or_change_the_root_password'>How do I set or change the root password</ulink>
+                        Wiki page.
+                        </para></listitem>
+                    <listitem><para>
+                        It is possible to add an additional user account
+                        for later administrative or service access using the
                        <ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-extrausers'><filename>extrausers</filename></ulink>
                        class or the
                        <ulink url='&YOCTO_DOCS_REF_URL;#var-ROOTFS_POSTPROCESS_COMMAND'><filename>ROOTFS_POSTPROCESS_COMMAND</filename></ulink>
                        variable.
-                        If you do this, be cautious about setting
+                        For an example on how to add users, see the
+                        "<ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-extrausers'><filename>extrausers.bbclass</filename></ulink>"
+                        section.
+                        </para>
+                        <para>If you do add extra user accounts,
+                        be cautious about setting
                        the same password for every device.
                        If you want the device to remain secure
                        from unauthorized access, and the password set on
@ -3985,7 +3995,7 @@
                        If you need this access but want to ensure security,
                        consider setting a different, random password for each
                        device.
-                    </para></listitem>
+                        </para></listitem>
                </itemizedlist>
            </para>
        </section>