buildroot/system/device_table.txt
Yann E. MORIN 2f2bf6a800 system/permissions: make /root group+others non-writable
Upon logging, dropbear whines if /root is group- or others-writable, and
key-based authentication is attempted, reverting to password-based
authentication:
    dropbear[149]: /root must be owned by user or root, and not writable by others
    dropbear[149]: Password auth succeeded for 'root' from 192.168.127.35:41566

On my system, /root was 770. Changing to 700 fixed the issue.

Having /root 700 is a good idea, anyway.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-23 21:51:57 +02:00

25 lines
1.0 KiB
Plaintext

# See package/makedevs/README for details
#
# This device table is used to assign proper ownership and permissions
# on various files. It doesn't create any device file, as it is used
# in both static device configurations (where /dev/ is static) and in
# dynamic configurations (where devtmpfs, mdev or udev are used).
#
# <name> <type> <mode> <uid> <gid> <major> <minor> <start> <inc> <count>
/dev d 755 0 0 - - - - -
/tmp d 1777 0 0 - - - - -
/etc d 755 0 0 - - - - -
/root d 700 0 0 - - - - -
/home/default d 755 1000 1000 - - - - -
/var/www d 755 33 33 - - - - -
/etc/shadow f 600 0 0 - - - - -
/etc/passwd f 644 0 0 - - - - -
/etc/network/if-up.d d 755 0 0 - - - - -
/etc/network/if-pre-up.d d 755 0 0 - - - - -
/etc/network/if-post-up.d d 755 0 0 - - - - -
/etc/network/if-down.d d 755 0 0 - - - - -
/etc/network/if-pre-down.d d 755 0 0 - - - - -
/etc/network/if-post-down.d d 755 0 0 - - - - -
# uncomment this to allow starting x as non-root
#/usr/X11R6/bin/Xfbdev f 4755 0 0 - - - - -