[Buildroot] Proposed patch: allow setting an hashed root password

Yann E. MORIN yann.morin.1998 at free.fr
Sun Mar 22 16:00:22 UTC 2015

Lorenzo, All,

On 2015-03-22 16:09 +0100, Lorenzo Catucci spake thusly:
> Please find enclosed my proposed patch. I've posted the patch to a GH fork of
> the main repository too: look at the «hashed_root_pw» branch of
> 	https://github.com/lmctv/buildroot
> The reason I've enabled the new «BR2_TARGET_GENERIC_ROOT_PASSWD_HASH»
> configuration option is being able to set a "*" password hash for the root
> user without being forced to put a static /etc/shadow inside BR2_ROOTFS_OVERLAY.
> Even if setting a "real" password, I think the option to put a sha256 or
> sha512 hash in the .config is a lot less scary than putting a plaintext
> password, especially in the case of sha512 .
> Thank you very much, yours
> 	lorenzo m catucci


First, the commit log should only explain the technical reasons for the
change, and not contain "personal" messages:

    first line, short explanation

    One (or more) paragraph explainging the current situation and why
    you believe it is incorrect.

    One (or more) paragraph explaining what you changed.

    Signed-ogg-by: Your Real Name <your-email at somehwere.net>

Second, there's something odd: clearly the patch prefers the hashed
password over the clear-text one, but does not prevent the user to set

Third, if you want to do tricky password handling like this, I think it
would be better if you passed a "user table" (BR2_ROOTFS_USERS_TABLES)
that defines the root user and its password, like documented in the
mkuser infra:

Yann E. MORIN.

|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |

More information about the buildroot mailing list