core-image: allow root login when debug-tweaks is enabled

This allows root to login over ssh with an empty password just like
dropbear when the debug-tweaks are enabled, it's important to disable
debug-tweaks for a production system as this will leave open a security
hole!

Thanks to Marc for the settings.
Cc: Marc Ferland <marc.ferland@gmail.com>
[Yocto #3078]

(From OE-Core rev: 13e6aa8bba6ab1ebba1efa23f94af379a8fcb6a9)

Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 2e95556..9af67e7 100644 (file)
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -369,6 +369,7 @@ zap_root_password () {
 # allow openssh accept login with empty password string
 openssh_allow_empty_password () {
        if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
+               sed -i 's#.*PermitRootLogin.*#PermitRootLogin yes#' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config
                sed -i 's#.*PermitEmptyPasswords.*#PermitEmptyPasswords yes#' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config
        fi
 }