[Buildroot] [PATCH 2/2 v4] system: allow/disallow root login, accept encoded passwords

Lorenzo M. Catucci lorenzo at sancho.ccd.uniroma2.it
Tue Mar 24 21:20:52 UTC 2015


Thank you, Yann!

On 24/03/2015 19:54, Yann E. MORIN wrote:
> From: Lorenzo Catucci <lorenzo at sancho.ccd.uniroma2.it>
> 
> Currently, there is only three possibilities regarding the root account:
>   - it is enabled with no password (the default)
>   - it is enabled, using a clear-text, user-provided password
>   - it is disabled if the user sets the clear-text password to '*'
> 
> This is deemed insufficient in many cases, especially when the .config
> file has to be published (e.g. for the GPL compliance, or any other
> reason.).
> 
> Fix that in two ways:
> 
>   - add a bolean option that allows/diesaloows root login altogether,
>     which defaults to 'y' to keep backward compatibility;
> 
>   - accept already-encoded passwords, which we recognise as starting
>     with either of $1$, $5$ or $6$ (resp. for md5, sha256 or sha512).
>     For backward-compatibility, we stil accept '*' to disable the
>     account.
> 

Works very well for me, especially since my primary need was a config option
disabling root login; still, you summarized very well the reason I'd rather
use a decent sha-512 encoded root password if I were to distribute my
applicance's config file.

Thank you once more, yours

	lorenzo


-- 
+-------------------------+----------------------------------------------+
| Lorenzo M. Catucci      | Centro di Calcolo e Documentazione           |
| catucci at ccd.uniroma2.it | Università degli Studi di Roma "Tor Vergata" |
|                         | Via O. Raimondo 18 ** I-00173 ROMA ** ITALY  |
| Tel. +39 06 7259 2255   | Fax. +39 06 7259 2125                        |
+-------------------------+----------------------------------------------+


More information about the buildroot mailing list