[Buildroot] [PATCH] package/openssh: Set /var/empty permissions

Arnout Vandecappelle arnout at mind.be
Sun Feb 3 21:01:23 UTC 2019



On 18/12/2018 00:37, Chris Lesiak wrote:
> I can certainly submit a new version that adds the following change:
> 
>   define OPENSSH_USERS
> -       sshd -1 sshd -1 * - - - SSH drop priv user
> +       sshd -1 sshd -1 * /var/empty /bin/false - SSH drop priv user
>   endef
> 
> 
> Is everyone happy with using /var/empty as the home directory? It isn't 
> obvious that /var/empty should belong to sshd.

 It doesn't belong to sshd. There are plenty of system users that have home
directories like / or /sbin.

 Note that there is no need to set the shell. - does not exist, so logging in as
that user doesn't work, which is what we want. I even think login treats it special.

 But changing the home directory of sshd would probably be good.

 Regards,
 Arnout



More information about the buildroot mailing list