[yocto] Fwd: OpenSSH pre login banner

Amit Tomer amittomer25 at gmail.com
Thu Oct 3 07:41:20 PDT 2013 

Fine Bryan,Thanks for your Suggestion

Not sure should I Share it with you or not but I have seen very weird
behaviour on my Targer board regarding Openssh Banner.

When I login to my Hardware Board(after freash boot) and do ssh
some_ip_address ,I am able to see Banner message
But in /etc/ssh/sshd_config file

#Banner is set to nothing

Then when I do ssh some_ip_address again ,I could not see any banner as it
is expected behaviour.

Hope you would provide any pointer on the same .

Thanks
Amit





On Thu, Oct 3, 2013 at 7:40 PM, Bryan Evenson <bevenson at melinkcorp.com>wrote:

> Amit,****
>
> ** **
>
> Good to hear you got your recipe in order.  Best way to learn more about
> the Yocto Project and the Poky distribution is through watching this
> mailing list and the Poky mailing list (poky at yoctoproject.org) to see how
> other people solve their problems they come across.  And, by reading the
> documentation over at http://www.yoctoproject.org/documentation/current/.*
> ***
>
> ** **
>
> -Bryan ****
>
> ** **
>
> *From:* Amit Tomer [mailto:amittomer25 at gmail.com]
> *Sent:* Thursday, October 03, 2013 10:03 AM
>
> *To:* Bryan Evenson
> *Cc:* yocto at yoctoproject.org
> *Subject:* Re: [yocto] Fwd: OpenSSH pre login banner****
>
> ** **
>
> Thanks again Bryan for your kind response ****
>
> ** **
>
> The reason for having the PRINC ="4" is becaue when I started modifying
> this already existing file****
>
> value of PRINC is set 3 ,so for my changes I Incremented it to One.****
>
> ** **
>
> Change****
>
> SRC_URI = “file://banner”****
>
> To****
>
> SRC_URI += “file://banner“****
>
> ** **
>
> I am really feeling bit stupid here ,I just in hurry forgot to put + sign*
> ***
>
> Though I learned a new point ****
>
> ** **
>
> "With your line, you are overriding all the SRC_URI for the entire openssh
> recipe and the openssh recipe will only include the banner file ".****
>
> ** **
>
> Change****
>
> FILESEXTRAPATHS_prepend := "${THISDIR}/openssh-6.1p1:"****
>
> to****
>
> FILESEXTRAPATHS_prepend := "${THISDIR}:"****
>
>  ****
>
> We already had openssh-6.1p1 folder where our sshd_config file is placed
> ,So I guess it won't harm****
>
> much if I put FILESEXTRAPATHS_prepend := "${THISDIR}/openssh-6.1p1:" with
> banner file in openssh-6.1p1 folder****
>
> ** **
>
> One more point wanted from your end,what is best way to learn Yocto****
>
> How can improve my knowledge in Yocto?****
>
> ** **
>
> Thanks ****
>
> Amit.****
>
> ** **
>
> ** **
>
> ** **
>
> ** **
>
> On Thu, Oct 3, 2013 at 7:05 PM, Bryan Evenson <bevenson at melinkcorp.com>
> wrote:****
>
> Amit,****
>
>  ****
>
> First, I suggest you change****
>
> PRINC = “4”****
>
> to****
>
> PRINC := "${@int(PRINC) + 1}"****
>
>  ****
>
> This way your bbappend will always increment the PR to one more than the
> PR called out by the main recipe.  So if the openssh recipe would get
> updated and increment the PR, you do not have to change your bbappend.****
>
>  ****
>
> Change****
>
> SRC_URI = “file://banner”****
>
> To****
>
> SRC_URI += “file://banner“****
>
>  ****
>
> The += appends your banner file to the SRC_URI for the openssh recipe.
> With your line, you are overriding all the SRC_URI for the entire openssh
> recipe and the openssh recipe will only include the banner file.  I’ve
> taken to the habit of writing the SRC_URI as follows:****
>
>  ****
>
> SRC_URI += “ \****
>
> file://banner \****
>
> “****
>
> just to ensure that words aren’t joined together when my SRC_URI is
> appended to the existing one.  I don’t know if this is strictly necessary,
> but it’s not a bad habit.****
>
>  ****
>
> Change****
>
> FILESEXTRAPATHS_prepend := "${THISDIR}/openssh-6.1p1:"****
>
> to****
>
> FILESEXTRAPATHS_prepend := "${THISDIR}:"****
>
>  ****
>
> so Bitbake can find your banner file and sshd_config that you have in the
> same directory as the bbappend.****
>
>  ****
>
> I can’t remember if you get a warning if Bitbake can’t find the license
> file at all or if it fails on each attempt through the filepath.  Since
> your new path is first, it won’t find LICENCE in your layer since you
> didn’t copy it.  Once way to quiet this warning would be to copy the
> license file to your directory.****
>
>  ****
>
> -Bryan****
>
>  ****
>
> *From:* Amit Tomer [mailto:amittomer25 at gmail.com]
> *Sent:* Thursday, October 03, 2013 8:23 AM
> *To:* Bryan Evenson
> *Cc:* yocto at yoctoproject.org
> *Subject:* Re: [yocto] Fwd: OpenSSH pre login banner****
>
>  ****
>
> Hi Brayan****
>
>  ****
>
> Thanks for your help****
>
>  ****
>
> The way I modify .bbapend file is below****
>
>  ****
>
> PRINC = "4"****
>
> SRC_URI = "file://banner"****
>
> FILESEXTRAPATHS_prepend := "${THISDIR}/openssh-6.1p1:"****
>
> do_install_append() {****
>
>  ****
>
> Install -m 755 ${WORKDIR}/banner ${D}${sysconfdir}/ssh****
>
> }****
>
>  ****
>
>  ****
>
>  ****
>
> But it gives me ****
>
>  ****
>
> Below problem****
>
>  ****
>
> WARNING:
> /tmp/work/cortexa15hf-vfp-neon-poky-linux-gnueabi/openssh/6.1p1-r3/openssh-6.1p1/LICENCE
> could not be copied for some reason. It may not exist. WARN for now.****
>
>  ****
>
> And my build process is really got slow and sometimes I am getting the
> error also****
>
>  ****
>
> What could be the reason for above??****
>
>  ****
>
>  ****
>
>  ****
>
>  ****
>
>  ****
>
>  ****
>
> On Thu, Oct 3, 2013 at 5:49 PM, Bryan Evenson <bevenson at melinkcorp.com>
> wrote:****
>
> Amit,****
>
>  ****
>
> From your message, I’m assuming you have a bbappend file for openssh.
> Following the example in section of 5.1.4 of the Mega Manual (located at
> http://www.yoctoproject.org/docs/current/mega-manual/mega-manual.html#using-bbappend-files)
> and from personal experience, put the following in your bbappend file:****
>
>  ****
>
> FILESEXTRAPATHS_prepend := " ${THISDIR}: "****
>
> SRC_URI += “ file://banner ”****
>
> FILES_${PN} += “ /etc/ssh/banner ”****
>
>  ****
>
> do_install_append() {****
>
>                 install –d ${D}${sysconfdir}/ssh****
>
>                 install –m 0644 ${WORKDIR}/banner
> ${D}${sysconfdir/ssh/banner****
>
> }****
>
> PRINC := "${@int(PRINC) + 1}"****
>
>  ****
>
> then place your banner file and sshd_config in the same directory as your
> bbappend.  When openssh gets built, Bitbake will find your sshd_config
> first and use and install that file instead of the one from the main
> layer.  The recipe also tells it how to handle the new banner file that is
> not part of the original recipe; you do not need to put these rules in
> place for sshd_config because that is already part of the original recipe.
> Then in the future every time you make a change to the openssh package in
> your layer, increment the PRINC so your package management tools will see
> it as an upgrade.  For example, if you change the contents of the banner
> file, then change the “+ 1” to “+ 2”.****
>
>  ****
>
> -Bryan****
>
>  ****
>
> *From:* yocto-bounces at yoctoproject.org [mailto:
> yocto-bounces at yoctoproject.org] *On Behalf Of *Amit Tomer
> *Sent:* Thursday, October 03, 2013 7:05 AM
> *To:* yocto at yoctoproject.org
> *Subject:* [yocto] Fwd: OpenSSH pre login banner****
>
>  ****
>
>  ****
>
> ---------- Forwarded message ----------
> From: *Amit Tomer* <amittomer25 at gmail.com>
> Date: Thu, Oct 3, 2013 at 1:50 PM
> Subject: OpenSSH pre login banner
> To: "yocto-request at yoctoproject.org" <yocto-request at yoctoproject.org>****
>
> I am new to OpenEmbedded Yocto and have a requirement where OpenSSH pre
> login banner****
>
> should come when do ssh from target board****
>
>  ****
>
> Now I know I have to create a simple .txt file(banner) and put my banner
> in to it and add the following to sshd_config****
>
>  ****
>
> Banner /etc/ssh/banner ****
>
>  ****
>
> But now  wanted to know where should I keep my banner file in yocto so
> that Yocto build infrastructure will pack banner file  to /etc/ssh/banner
> into final image.****
>
>  ****
>
> I do have receipes for openssh in meta-xyz/recipes-connectivity/openssh
>  folder****
>
>  ****
>
> Thanks ****
>
> Amit ****
>
>  ****
>
>  ****
>
>  ****
>
>  ****
>
>  ****
>
> ** **
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20131003/50a7c89c/attachment.html>

More information about the yocto mailing list