[LEDE-DEV] Procd and askconsole

John Crispin john at phrozen.org
Fri Sep 16 02:18:06 PDT 2016 


On 16/09/2016 10:48, Lebleu Pierre wrote:
> Hi all,
> 
> I am new to this mailing list and I would like to present me as Pierre.
> 
> I recently play a bit with procd and I found an "issue". Indeed, if I do
> a factory reset, I am able to login as root without login. I have some
> scripts in /etc/uci-defaults and one of them set the password for the
> root account. So, this behaviour looks like to me a bug.
> 
> For my understanding, when procd reaches STATE_INIT, it runs
> the inittab and one of them is "askconsole". The problem is the system
> is not completely ready to receive the user : the hostname is not even
> set.
> 
> In the old sysvinit, the inittab contains an entry called "bootwait"
> wich is executed after the termination of init (eg : "/etc/rc.d").
> I purpose to move the "askconsole" entry to STATE_RUNNING or to create
> a new entry called "askconsolewait" in order to keep backward
> compatibility.
> 
> diff --git a/inittab.c b/inittab.c
> index ae2c431..2d590e4 100644
> --- a/inittab.c
> +++ b/inittab.c
> @@ -228,6 +228,10 @@ static struct init_handler handlers[] = {
>                 .name = "respawn",
>                 .cb = rcrespawn,
>                 .multi = 1,
> +       }, {
> +               .name = "askconsolewait",
> +               .cb = askconsole,
> +               .multi = 1,
>         }
>  };
>  
> @@ -251,11 +255,9 @@ void procd_inittab_run(const char *handler)
>  
>         list_for_each_entry(a, &actions, list)
>                 if (!strcmp(a->handler->name, handler)) {
> -                       if (a->handler->multi) {
> -                               a->handler->cb(a);
> -                               continue;
> -                       }
>                         a->handler->cb(a);
> +                       if (a->handler->multi)
> +                               continue;
>                         break;
>                 }
>  }
> diff --git a/state.c b/state.c
> index 4ad9e2d..fe37419 100644
> --- a/state.c
> +++ b/state.c
> @@ -128,6 +128,7 @@ static void state_enter(void)
>  
>         case STATE_RUNNING:
>                 LOG("- init complete -\n");
> +               procd_inittab_run("askconsolewait");
>                 break;
>  
>         case STATE_SHUTDOWN:
> 
> What is your view ? Thank you.
> 
> Cheers,
> 
> Pierre
> 
> _______________________________________________
> Lede-dev mailing list
> Lede-dev at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/lede-dev
> 

Hi Pierre,

just to be clear, you mean that there is a short timeslot between
inittab/askconsole and uci-defaults during which a passwordless login is
possible and you would liek to prevent this ?

if i understood the problem corretly please simply set

ttylogin=1 here ->

https://git.lede-project.org/?p=source.git;a=blob;f=package/base-files/files/bin/config_generate;h=80ed61b9e2dabf6f2f99102345be3da60097af3e;hb=HEAD#l231

that should make the image boot with password login required even if no
password is set.

the normal use case is that one flashes, enables the flag and then upon
second bootup the unit will require a login. in your use case you
already want the password protection on the very first boot i think

	John

More information about the Lede-dev mailing list