From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 801E5158020 for ; Tue, 15 Nov 2022 02:52:10 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 2FE17E0937; Tue, 15 Nov 2022 02:52:09 +0000 (UTC) Received: from mail-qk1-f174.google.com (mail-qk1-f174.google.com [209.85.222.174]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id EDD90E0934; Tue, 15 Nov 2022 02:52:08 +0000 (UTC) Received: by mail-qk1-f174.google.com with SMTP id k4so8733079qkj.8; Mon, 14 Nov 2022 18:52:08 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=UvdP9Nl6GHXXMT/xcmowOE/GbMxC3EaID1EDaS5TM+A=; b=M/9KWfLKskx1rRTCrvVFnbeTSyY6Ljm2sqhiYWilB0eBHc3aX7k9ZC6Q88Tednr5+X deIsFM4YuhiU4C1IuBUkbQgrdw0ohuwFUhiFGUXpv7uUg5MCdUBFZ5ruCMJLbTczsvEt Aeb7iXr1zSlV7gxLbzFtX2/J7sfgBNtrT4gI8uUpv4LtjVzDsBI16b6hTDP3Ga3iKgNA 4jt9BcA8t3EoEYVRKvjQvTovYLkTc6qaWE2KKB2pQQh9ZYtBbv2Wh/jjihlFzCd5hsYa hl3OABCXhUUzs0jPasFwuUdhPC56JHRM0zA9NDo56amPDJ2M9oC+kF1IhWQrYBP0mJ/K 6PMg== X-Gm-Message-State: ANoB5pn1ccG7ZRmrmpmUsbEYHjlWJqvF3qie7dOrYYkk1PFjgjh637TK e/nsSNDIi0xQRwb7HV4+4mWTYnACU+Q= X-Google-Smtp-Source: AA0mqf41bR8lsvxCwpI5QqWdbmZ8KNqT13xCWZ9F/YpW8pUX1VfGy7wdMu1pMo0vN5yKhdXpaB+LJQ== X-Received: by 2002:ae9:e00a:0:b0:6fa:dde:394b with SMTP id m10-20020ae9e00a000000b006fa0dde394bmr13649740qkk.265.1668480727891; Mon, 14 Nov 2022 18:52:07 -0800 (PST) Received: from localhost ([162.208.5.36]) by smtp.gmail.com with ESMTPSA id s1-20020a05620a0bc100b006faaf6dc55asm7600725qki.22.2022.11.14.18.52.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 14 Nov 2022 18:52:06 -0800 (PST) From: Matt Turner To: gentoo-dev@lists.gentoo.org, gentoo-catalyst@lists.gentoo.org Cc: Matt Turner Subject: [gentoo-catalyst] [PATCH 1/5] targets: Fix enabling PermitRootLogin Date: Mon, 14 Nov 2022 21:51:53 -0500 Message-Id: <20221115025157.1703859-1-mattst88@gentoo.org> X-Mailer: git-send-email 2.37.4 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-catalyst@lists.gentoo.org Reply-to: gentoo-catalyst@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Archives-Salt: b0dc640c-5d92-47dd-ac9c-dffa1f8d149a X-Archives-Hash: f7bc04b059f9aec2590c5ee130d69c50 The default changed to "prohibit-password" many moons ago, so our ISOs would not have allowed root logins if not for net-misc/openssh's IUSE=livecd, which handles this in the ebuild. Let's go ahead and fix it, so that we can consider removing openssh's livecd USE flag which would allow us to avoid rebuilding the package for the ISO. Signed-off-by: Matt Turner --- targets/support/livecdfs-update.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/targets/support/livecdfs-update.sh b/targets/support/livecdfs-update.sh index b7ead552..3f47012b 100755 --- a/targets/support/livecdfs-update.sh +++ b/targets/support/livecdfs-update.sh @@ -7,7 +7,8 @@ source /tmp/chroot-functions.sh # Allow root logins to our CD by default if [ -e /etc/ssh/sshd_config ] then - sed -i 's:^#PermitRootLogin\ yes:PermitRootLogin\ yes:' \ + sed -i \ + -e '/^#PermitRootLogin/c# Allow root login with password on livecds.\nPermitRootLogin Yes' \ /etc/ssh/sshd_config fi -- 2.37.4