vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ # Cheat sheet of commands for the User Space Class # YP Summit 2019, Lyon France export PS1="[\W]$ " #--- Slide 158 --- cd /scratch/poky source oe-init-build-env build-userspace bitbake-layers create-layer meta-activity3 bitbake-layers add-layer meta-activity3 cat conf/bblayers.conf #--- Slide 159 --- mkdir -p meta-activity3/recipes-core/images pushd meta-activity3/recipes-core/images vi core-image-activity3.bb (INSERT THE FOLLOWING CONTENT) vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv SUMMARY = "Activity 3 Test Image" DESCRIPTION = "Activity 3 Test Image for Yocto Project Summit" LICENSE = "MIT" IMAGE_INSTALL = "packagegroup-core-boot \ packagegroup-base-extended \ ${CORE_IMAGE_EXTRA_INSTALL} \ " inherit core-image ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ bitbake core-image-activity3 # ~40 seconds runqemu qemux86-64 nographic (after boot, close QEMU with CTRL-A,X typed quickly) #--- Slide 161 --- vi core-image-activity3.bb (APPEND THE FOLLOWING CONTENT) vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv inherit extrausers ROOT_PASSWORD = "secret" DEV_PASSWORD = "hackme" EXTRA_USERS_PARAMS = " \ groupadd developers; \ useradd -p `openssl passwd ${DEV_PASSWORD}` developer; \ useradd -g developers developer; \ usermod -p `openssl passwd ${ROOT_PASSWORD}` root; \ " ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ bitbake core-image-activity3 runqemu qemux86-64 nographic (login with "root,secret", or "developer,hackme") (after login, exit QEMU) #--- Slide 163 --- vi user-setup.inc vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv # Image post-processing to setup user accounts inherit extrausers # Space-delimited list of user:password: tuples NEWUSERS ??= "" # root password ROOT_PASSWORD ??= "" python () { params = "" # add new users newusers = (d.getVar("NEWUSERS", True) or "").split() if newusers: for user in newusers: name,password,groups = user.split(":") for group in groups.split(","): params += "groupadd -f " + group + "; " params += "useradd -p `openssl passwd " + password + "` " if groups: params += "-G " + groups + " " params += name + "; " # modify root password rootpw = d.getVar("ROOT_PASSWORD", True) or "" if rootpw: params += "usermod -p `openssl passwd " + rootpw + "` root; " d.setVar("EXTRA_USERS_PARAMS", params) } ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ #--- Slide 164 --- vi core-image-activity3.bb vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv SUMMARY = "Activity 3 Test Image" DESCRIPTION = "Activity 3 Test Image for Yocto Project Summit" LICENSE = "MIT" IMAGE_INSTALL = "packagegroup-core-boot \ packagegroup-base-extended \ ${CORE_IMAGE_EXTRA_INSTALL} \ " inherit core-image require user-setup.inc ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ vi /scratch/poky/build-userspace/conf/local.conf (NOTE: the class image already happens has this text added) vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv # Users to be added: space-delimited list of name:password:groups tuples. # groups is comma-delimited list of additional group names NEWUSERS = "developer:my_hackme:developers" # Root User Password ROOT_PASSWORD = "my_secret" ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ bitbake core-image-activity3 runqemu qemux86-64 nographic (login with "root,secret", or "developer,hackme") (after login, exit QEMU) #--- Slide 167 --- vi core-image-activity3.bb vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv SUMMARY = "Activity 3 Test Image" DESCRIPTION = "Activity 3 Test Image for Yocto Project Summit" LICENSE = "MIT" IMAGE_INSTALL = "packagegroup-core-boot \ packagegroup-base-extended \ ${CORE_IMAGE_EXTRA_INSTALL} \ " inherit core-image modify_shells() { printf "# /etc/shells: valid login shells\n/bin/sh\n/bin/bash\n" \ > ${IMAGE_ROOTFS}/etc/shells } ROOTFS_POSTPROCESS_COMMAND += "modify_shells;" ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ bitbake core-image-activity3 runqemu qemux86-64 nographic cat /etc/shells #--- Slide 168 --- (note: no such file yet) ls /scratch/poky/build-userspace/tmp/work/qemux86_64-poky-linux/core-image-activity3/1.0-r0/rootfs/etc/sudoers vi core-image-activity3.bb vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv SUMMARY = "Activity 3 Test Image" DESCRIPTION = "Activity 3 Test Image for Yocto Project Summit" LICENSE = "MIT" IMAGE_INSTALL = "packagegroup-core-boot \ packagegroup-base-extended \ ${CORE_IMAGE_EXTRA_INSTALL} \ sudo \ " inherit core-image modify_sudoers() { sed 's/# %sudo/%sudo/' < ${IMAGE_ROOTFS}/etc/sudoers > \ ${IMAGE_ROOTFS}/etc/sudoers.tmp mv ${IMAGE_ROOTFS}/etc/sudoers.tmp ${IMAGE_ROOTFS}/etc/sudoers } ROOTFS_POSTPROCESS_COMMAND += "modify_sudoers;" ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ! (or use this line instead to see custom text) ! vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv ! sed 's/# %sudo/#FOO\n%sudo/' < ${IMAGE_ROOTFS}/etc/sudoers > \ ! ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ bitbake core-image-activity3 ls /scratch/poky/build-userspace/tmp/work/qemux86_64-poky-linux/core-image-activity3/1.0-r0/rootfs/etc/sudoers ! grep -A 1 FOO /scratch/poky/build-userspace/tmp/work/qemux86_64-poky-linux/core-image-activity3/1.0-r0/rootfs/etc/sudoers (no reason to launch QEMU) #runqemu qemux86-64 nographic #--- Slide 169 --- vi core-image-activity3.bb (append this content) vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv # Image post-processing to configure sshd # Setup ssh key login for these users SSH_USERS ??= "" configure_sshd() { # disallow password authentication echo "PasswordAuthentication no" >> ${IMAGE_ROOTFS}/etc/ssh/sshd_config # keys will be stored tmp/deploy/keys mkdir -p ${DEPLOY_DIR}/keys # create the keys for the users for user in ${SSH_USERS}; do if [ ! -f ${DEPLOY_DIR}/keys/${user}-sshkey ]; then /usr/bin/ssh-keygen -t rsa -N '' \ -f ${DEPLOY_DIR}/keys/${user}-sshkey fi # add public key to authorized_keys for the user mkdir -p ${IMAGE_ROOTFS}/home/${user}/.ssh cat ${DEPLOY_DIR}/keys/${user}-sshkey.pub \ >> ${IMAGE_ROOTFS}/home/${user}/.ssh/authorized_keys done } ROOTFS_POSTPROCESS_COMMAND += "configure_sshd;" ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ bitbake core-image-activity3 runqemu qemux86-64 nographic (in a new ssh shell to your build system) ssh -i \ /scratch/poky/build-userspace/tmp/deploy/keys/root-sshkey root@192.168.7.2 (keep this shell open for the next step) #--- Slide 170 --- vi sshd-setup.inc vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv # Image post-processing to configure sshd # Setup ssh key login for these users SSH_USERS ??= "" configure_sshd() { # disallow password authentication echo "PasswordAuthentication no" >> ${IMAGE_ROOTFS}/etc/ssh/sshd_config # keys will be stored tmp/deploy/keys mkdir -p ${DEPLOY_DIR}/keys # create the keys for the users for user in ${SSH_USERS}; do if [ ! -f ${DEPLOY_DIR}/keys/${user}-sshkey ]; then /usr/bin/ssh-keygen -t rsa -N '' \ -f ${DEPLOY_DIR}/keys/${user}-sshkey fi # add public key to authorized_keys for the user mkdir -p ${IMAGE_ROOTFS}/home/${user}/.ssh cat ${DEPLOY_DIR}/keys/${user}-sshkey.pub \ >> ${IMAGE_ROOTFS}/home/${user}/.ssh/authorized_keys done } ROOTFS_POSTPROCESS_COMMAND += "configure_sshd;" ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ #--- Slide 171 --- vi core-image-activity3.bb vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv SUMMARY = "Activity 3 Test Image" DESCRIPTION = "Activity 3 Test Image for Yocto Project Summit " LICENSE = "MIT" IMAGE_INSTALL = "packagegroup-core-boot \ packagegroup-base-extended \ ${CORE_IMAGE_EXTRA_INSTALL} \ " inherit core-image require sshd-setup.inc ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ vi /scratch/poky/build-userspace/conf/local.conf vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv # Users for whom to create ssh login with key SSH_USERS = "root developer" ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ bitbake core-image-activity3 runqemu qemux86-64 nographic (in a new ssh shell to your build system like above) ssh -i \ /scratch/poky/build-userspace/tmp/deploy/keys/developer-sshkey \ developer@192.168.7.2 End of Class Thank you!