[Buildroot] Proposed patch: allow setting an hashed root password

Johan Oudinet johan.oudinet at gmail.com
Mon Mar 23 11:05:37 UTC 2015

Lorenze, Yann, All,

On Sun, Mar 22, 2015 at 11:56 PM, Yann E. MORIN <yann.morin.1998 at free.fr> wrote:
> Alternatively, you could also tweak the root password from a post-build
>     http://buildroot.net/downloads/manual/manual.html#rootfs-custom
> script which could look something like:
>     #!/bin/sh
>     PASSWD='your-encoded-password'
>     sed -r -i -e "s/^root:[^:]+:/root:${PASSWD}:/" "${TARGET_DIR}/etc/passwd"
> And in the end, I wonder if that would not be the best option...

This is the solution we do internally. I'm not sure how hard it is for
us to send it upstream as it implies several changes. I'll look into
it this week.
Basically, we have a script to ease the access to BR2_* variables
inside post_build scripts, then we have a post_build script that looks
- if it's empty, it does nothing;
- if it starts by $1$, $5$, or $6$, it assumes it is already
encrypted, and skip the encoding part
- otherwise, first it encodes it by calling mkpasswd with the
BR2_TARGET_GENERIC_PASSWD_METHOD method, then it replaces the second
field of the root user in the /etc/shadow file

So, one can either put a password in clear text in the .config or an
already encrypted password, which allows us to share a defconfig with
a non-empty password for root.

Best regards,

More information about the buildroot mailing list