From: Konstantin Demin Date: Tue, 9 Jan 2024 00:40:01 +0000 (+0300) Subject: dropbear: adjust allowed shell list X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=88c8053d47fb5ecc53e46d8ba261df2932dd5649;p=openwrt%2Fstaging%2Flinusw.git dropbear: adjust allowed shell list this takes an effect only if getusershell(3) is missing Signed-off-by: Konstantin Demin --- diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index 77104431db..ef67371e1d 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -104,6 +104,8 @@ CONFIGURE_ARGS += \ # ############################################################################## +# adjust allowed shell list (if getusershell(3) is missing): +# - COMPAT_USER_SHELLS # remove protocol idented software version number: # - LOCAL_IDENT # disable legacy/unsafe methods and unused functionality: @@ -114,6 +116,7 @@ CONFIGURE_ARGS += \ # - DROPBEAR_SHA1_HMAC DB_OPT_COMMON = \ !!LOCAL_IDENT,"SSH-2.0-dropbear" \ + COMPAT_USER_SHELLS,"/bin/ash","/bin/sh" \ DEFAULT_PATH,"$(TARGET_INIT_PATH)" \ DEFAULT_ROOT_PATH,"$(TARGET_INIT_PATH)" \ DROPBEAR_DSS,0 \