Commit 7e8d4617 authored by Adam Wujek's avatar Adam Wujek 💬

remove dropbear

dropbear was replaced, because it does not support correctly LDAP+kerberos.

It was almost working. With LDAP+Kerberos over PAM dropbear was prompting once
more for a password when the correct was given.
Signed-off-by: Adam Wujek's avatarAdam Wujek <adam.wujek@cern.ch>
parent 0b7f5058
......@@ -38,8 +38,6 @@ cp -r $WRS_OUTPUT_DIR/images/lib/* $TMPFS/lib
rm -f $TMPFS/etc/init.d/*
rm -f $TMPFS/THIS_IS_NOT_YOUR_ROOT_FILESYSTEM
# remove symlink from the buildroot
rm -rf $TMPFS/etc/dropbear
mkdir -p $TMPFS/etc/dropbear; chown -R root:root $TMPFS/etc/dropbear
cp -r $rootfs_override/* $TMPFS
# remove leftovers from on-going edits in rootfs_override
......
......@@ -2111,13 +2111,7 @@ BR2_PACKAGE_BRIDGE_UTILS=y
BR2_PACKAGE_DHCPDUMP=y
# BR2_PACKAGE_DNSMASQ is not set
# BR2_PACKAGE_DRBD_UTILS is not set
BR2_PACKAGE_DROPBEAR=y
BR2_PACKAGE_DROPBEAR_CLIENT=y
BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS=y
BR2_PACKAGE_DROPBEAR_SMALL=y
# BR2_PACKAGE_DROPBEAR_WTMP is not set
# BR2_PACKAGE_DROPBEAR_LASTLOG is not set
# BR2_PACKAGE_EBTABLES is not set
# BR2_PACKAGE_DROPBEAR is not set
#
# ejabberd needs erlang
......
......@@ -660,7 +660,7 @@ list of faults leading to a data error.
The idea is to reboot the system if it was not able to boot correctly.
Then we use the scratchpad registers of the processor to keep
the boot count. If the value of this counter is more than X we stop
rebooting and try to have a system running with at least \emph{dropbear}
rebooting and try to have a system running with at least \emph{sshd}
for SSH and \emph{net-snmp} to allow remote diagnostics. If on the other
hand the switch has booted correctly, we set the boot count to 0.
\end{pck_descr}
......@@ -732,7 +732,7 @@ list of faults leading to a data error.
Less critical processes (Restarting them and Warning generation is
enough):
\begin{itemize}
\item \emph{dropbear}
\item \emph{sshd}
\item \emph{udhcpc}
\item \emph{rsyslogd}
\item \emph{snmpd}
......
#!/bin/sh
#
# Starts dropbear sshd.
#
# Make sure the dropbearkey progam exists
[ -f /usr/bin/dropbearkey ] || exit 0
start_counter() {
# increase boot counter
COUNTER_FILE="/tmp/start_cnt_sshd"
START_COUNTER=1
if [ -f "$COUNTER_FILE" ];
then
read -r START_COUNTER < $COUNTER_FILE
START_COUNTER=$((START_COUNTER+1))
fi
echo "$START_COUNTER" > $COUNTER_FILE
}
start() {
echo -n "Starting dropbear sshd: "
# copy authorized keys if exists
if [ -f /usr/authorized_keys ] ; then
mkdir -p /root/.ssh/
cp /usr/authorized_keys /root/.ssh/
fi
# Make sure dropbear directory exists
if [ ! -d /etc/dropbear ] ; then
mkdir -p /etc/dropbear
fi
mkdir -p /usr/etc/dropbear
# Check for the Dropbear RSA key
if [ ! -f /etc/dropbear/dropbear_rsa_host_key ] ; then
echo -n "generating rsa key... "
/usr/bin/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key > /dev/null 2>&1
cp /etc/dropbear/dropbear_rsa_host_key /usr/etc/dropbear
fi
# Check for the Dropbear DSS key
if [ ! -f /etc/dropbear/dropbear_dss_host_key ] ; then
echo -n "generating dsa key... "
/usr/bin/dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key > /dev/null 2>&1
cp /etc/dropbear/dropbear_dss_host_key /usr/etc/dropbear
fi
umask 077
start-stop-daemon -S -q -p /var/run/dropbear.pid --exec /usr/sbin/dropbear
ret=$?
if [ $ret -eq 0 ]; then
start_counter
echo "OK"
elif [ $ret -eq 1 ]; then
echo "Failed (already running?)"
else
echo "Failed"
fi
}
stop() {
echo -n "Stopping dropbear sshd: "
start-stop-daemon -K -q -p /var/run/dropbear.pid
if [ $? -eq 0 ]; then
echo "OK"
else
echo "Failed"
fi
}
restart() {
stop
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
restart
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
exit $?
check process dropbear with pidfile /var/run/dropbear.pid
start program = "/etc/init.d/dropbear start"
stop program = "/etc/init.d/dropbear stop"
if 5 restarts within 10 cycles then exec "/etc/init.d/reboot.sh dropbear"
../init.d/dropbear
\ No newline at end of file
......@@ -101,11 +101,11 @@ struct wrs_usd_item {
* - positive exp describe exact number of expected processes
* - negative exp describe minimum number of expected processes. Usefull for
* processes that is hard to predict number of their instances. For example
* new dropbear process is spawned at ssh login.
* new sshd process is spawned at ssh login.
*/
static struct wrs_usd_item userspace_daemons[] = {
[0] = {.key = "/usr/sbin/dropbear", .exp = -1}, /* expect at least one
* dropbear process */
[0] = {.key = "/usr/sbin/sshd", .exp = -1}, /* expect at least one
* sshd process */
[1] = {"/wr/bin/wrsw_hal", 2}, /* two wrsw_hal instances */
[2] = {"/wr/bin/wrsw_rtud", 1},
[3] = {"/wr/bin/ppsi", 1},
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment