[OE-core] [PATCH 4/4] dropbear: fix key generation when systemd is in use and rootfs is readonly

Alexander Kanavin alexander.kanavin at linux.intel.com
Wed Sep 30 12:53:18 UTC 2015 

Signed-off-by: Alexander Kanavin <alexander.kanavin at linux.intel.com>
---
 meta/recipes-core/dropbear/dropbear/dropbear at .service   | 3 ++-
 meta/recipes-core/dropbear/dropbear/dropbearkey.service | 9 +++++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-core/dropbear/dropbear/dropbear at .service b/meta/recipes-core/dropbear/dropbear/dropbear at .service
index 6fe9942..b420bcd 100644
--- a/meta/recipes-core/dropbear/dropbear/dropbear at .service
+++ b/meta/recipes-core/dropbear/dropbear/dropbear at .service
@@ -4,8 +4,9 @@ Wants=dropbearkey.service
 After=syslog.target dropbearkey.service
 
 [Service]
+Environment="DROPBEAR_RSAKEY_DIR=/etc/dropbear"
 EnvironmentFile=-/etc/default/dropbear
-ExecStart=- at SBINDIR@/dropbear -i -r /etc/dropbear/dropbear_rsa_host_key $DROPBEAR_EXTRA_ARGS
+ExecStart=- at SBINDIR@/dropbear -i -r ${DROPBEAR_RSAKEY_DIR}/dropbear_rsa_host_key $DROPBEAR_EXTRA_ARGS
 ExecReload=@BASE_BINDIR@/kill -HUP $MAINPID
 StandardInput=socket
 KillMode=process
diff --git a/meta/recipes-core/dropbear/dropbear/dropbearkey.service b/meta/recipes-core/dropbear/dropbear/dropbearkey.service
index ccc21d5..c49053d 100644
--- a/meta/recipes-core/dropbear/dropbear/dropbearkey.service
+++ b/meta/recipes-core/dropbear/dropbear/dropbearkey.service
@@ -1,8 +1,13 @@
 [Unit]
 Description=SSH Key Generation
-ConditionPathExists=|!/etc/dropbear/dropbear_rsa_host_key
+RequiresMountsFor=/var /var/lib
+ConditionPathExists=!/etc/dropbear/dropbear_rsa_host_key
+ConditionPathExists=!/var/lib/dropbear/dropbear_rsa_host_key
 
 [Service]
+Environment="DROPBEAR_RSAKEY_DIR=/etc/dropbear"
+EnvironmentFile=-/etc/default/dropbear
 Type=oneshot
-ExecStart=@SBINDIR@/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
+ExecStart=@BASE_BINDIR@/mkdir -p ${DROPBEAR_RSAKEY_DIR}
+ExecStart=@SBINDIR@/dropbearkey -t rsa -f ${DROPBEAR_RSAKEY_DIR}/dropbear_rsa_host_key
 RemainAfterExit=yes
-- 
2.1.4

More information about the Openembedded-core mailing list