[lxc-devel] FW: [PATCH] Add Dropbear SSH support for lxc-busybox template

Stéphane Graber stgraber at ubuntu.com
Mon Jan 14 14:37:05 UTC 2013 

Forwarding this from Bogdan as for some weird reason his e-mails are put
in the mailing-list moderation queue (even though he's subscribed).

Personally I think this change is good and would make the busybox
template behave similarly than the others where SSH is usually
automatically enabled.

But I'm not actually using that template so I'd prefer if someone
actually using it could give their opinion on whether they're fine with
this behaviour by default or would rather have it moved behind a command
line option to the template.

-----Original Message-----
From: Purcareata Bogdan-B43198 Sent: Monday, January 14, 2013 11:51 AM
To: 'lxc-users at lists.sourceforge.net'
Subject: FW: [PATCH] Add Dropbear SSH support for lxc-busybox template

Hello,

I've sent this patch to lxc-devel and received a notification of pending
for approval from a maintainer. Since I didn't receive any answer yet, I
was not sure it was the right place.

Bogdan P.


-----Original Message-----
From: Purcareata Bogdan-B43198 Sent: Thursday, January 10, 2013 2:23 PM
To: 'lxc-devel at lists.sourceforge.net'
Subject: [PATCH] Add Dropbear SSH support for lxc-busybox template

Dropbear implements lightweight SSH2 server and client functionality and
is likely to be included in embedded Linux distros.

Patch is done against staging branch.

Bogdan P.

diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in index
f2751d8..014aac4 100644
--- a/templates/lxc-busybox.in
+++ b/templates/lxc-busybox.in
@@ -33,7 +33,9 @@ $rootfs/root \
 $rootfs/etc \
 $rootfs/etc/init.d \
 $rootfs/bin \
+$rootfs/usr/bin \
 $rootfs/sbin \
+$rootfs/usr/sbin \
 $rootfs/proc \
 $rootfs/mnt \
 $rootfs/tmp \
@@ -63,6 +65,8 @@ $rootfs/usr/lib64"
     chmod 600 ram0        || res=1
     mknod null c 1 3      || res=1
     chmod 666 null        || res=1
+    mknod urandom c 1 9   || res=1
+    chmod 666 urandom     || res=1

     popd > /dev/null

@@ -188,6 +192,36 @@ configure_busybox()
     echo "setting root passwd to root"
     echo "root:root" | chroot $rootfs chpasswd

+
+    # add ssh functionality if dropbear package available on host
+    type dropbear >/dev/null
+    if [ $? -eq 0 ]; then
+        # copy dropbear binary
+        cp $(which dropbear) $rootfs/usr/sbin
+        if [ $? -ne 0 ]; then
+            echo "Failed to copy dropbear in the rootfs"
+            return 1
+        fi
+
+        # make symlinks to various ssh utilities
+        utils="\
+            $rootfs/usr/bin/dbclient \
+            $rootfs/usr/bin/scp \
+            $rootfs/usr/bin/ssh \
+            $rootfs/usr/sbin/dropbearkey \
+            $rootfs/usr/sbin/dropbearconvert \
+        "
+        echo $utils | xargs -n1 ln -s /usr/sbin/dropbear
+
+        # add necessary config files
+        mkdir $rootfs/etc/dropbear
+        dropbearkey -t rsa -f
$rootfs/etc/dropbear/dropbear_rsa_host_key &> /dev/null
+        dropbearkey -t dss -f +
$rootfs/etc/dropbear/dropbear_dss_host_key &> /dev/null
+
+        echo "'dropbear' ssh utility installed"
+    fi
+
     return 0
 }


-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20130114/7a1bba9a/attachment.pgp>

More information about the lxc-devel mailing list