Upon logging, dropbear whines if /root is group- or others-writable, and
key-based authentication is attempted, reverting to password-based
authentication:
dropbear[149]: /root must be owned by user or root, and not writable by others
dropbear[149]: Password auth succeeded for 'root' from 192.168.127.35:41566
On my system, /root was 770. Changing to 700 fixed the issue.
Having /root 700 is a good idea, anyway.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Currently, /home/default is mode 2755 which means it is setgid.
Since /home/default is not group-writable, it is useless.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
The /var/www directory is listed in /etc/passwd in the skeleton target
filesystem as the home directory of the www-data user (uid 33).
In the final target filesystem, /var/www should be owned by www-data. This
is important for the lighttpd package, for example.
Signed-off-by: Simon Dawson <spdawson@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
This directory groups the following elements:
* the default root filesystem skeleton
* the default device tables
* the Config.in options for system configuration (UART port for
getty, system hostname, etc.)
* the make rules to apply the system configuration options
Even though the skeleton and device tables could have lived in fs/, it
would have been strange to have the UART, system hostname and other
related options into fs/. A new system/ directory makes more sense.
As a consequence, this patch also removes target/Makefile.in, which
has become useless in the process.
[Peter: fixup TARGET_SKELETON settings / documentation to match]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>