[LEDE-DEV] Makefile question
philipp_subx at redfish-solutions.com
Sat Feb 11 19:24:51 PST 2017
> On Feb 10, 2017, at 10:33 PM, David Lang <david at lang.hm> wrote:
> On Fri, 10 Feb 2017, Philip Prindeville wrote:
>> I was wondering if there’s an obvious place to install a hook that’s:
>> (a) after all the packages have been installed;
>> (b) before the root filesystem image gets finalized;
>> I’d like to be able to run some simple sed scripts inside the root-to-be directory to make some changes, maybe do an rm etc/rc.d/S??sshd so that the sshd service is installed but isn’t enabled by default, maybe inject a new root password or create an extra user login, etc.
>> That sort of thing.
>> I looked around through the makefiles but nothing stood out.
>> Should be easy, right?
> some of what you are talking about can be done by putting the replacement files in the /files heirarchy and they will replace the files created by the packages.
I thought about using files/ but here’s the problem. Some of the packages that provide config files are quite length and change fairly often, so I don’t want to have to keep updating my copy of the file with my changes.
For example, /etc/LCDd.conf from lcdproc is about 1400 lines… yet I only need 9 lines changed to do what I need.
Other examples? /etc/ssh/sshd_config is 136 lines long, but I only need 2 lines changed (turning off password logins, and forcing people to use Protocol v2 exclusively). And that’s a file that changed whenever an CVE comes out, for instance when a cipher is found to be weaker than originally thought, etc.
> This can't eliminate the /etc/rc.d/S* files as it only adds files, and it's not as flexibile as adding a user or changing a password (as it would just let you replace the /etc/passwd, /etc/shadow files, not modify them).
> If you look for where the /files/* are copied into the filesystem, that is probably the place you would want to add your scripting hooks.
Good idea. I’ll look there.
> David Lang_______________________________________________
> Lede-dev mailing list
> Lede-dev at lists.infradead.org
More information about the Lede-dev