Adding ps3 target specific /bin/login script.

For security reasons, allow telnet login only if the user explicitly sets a flag in the ps3 flash db to enable telnet login from the host console.


git-svn-id: svn://svn.openwrt.org/openwrt/trunk@11360 3c298f89-4303-0410-b956-a3cf2f4a3e73

1 files changed, 47 insertions, 0 deletions

diff --git a/target/linux/ps3/base-files/bin/login b/target/linux/ps3/base-files/bin/login
new file mode 100644
index 000000000..98fcbf005
--- /dev/null
+++ b/target/linux/ps3/base-files/bin/login
@@ -0,0 +1,47 @@
+#!/bin/sh
+# Copyright (C) 2008 OpenWrt.org
+
+ps3_db_bin=/usr/sbin/ps3-flash-util
+ps3_db_owner_petitboot=3
+ps3_db_key_telnet=3
+
+if [ ! -f $ps3_db_bin ] ||
+   [ ! `$ps3_db_bin -P $ps3_db_owner_petitboot $ps3_db_key_telnet` ] ||
+   [ `$ps3_db_bin -P $ps3_db_owner_petitboot $ps3_db_key_telnet` = 0 ]; then
+    echo \
+"
+ === IMPORTANT ==========================
+  Telnet login is disabled for security
+  reasons. Enabling telnet login on the
+  host will allow any user connected to
+  the same network to login to the host.
+
+  You can enable telnet login with the
+  following command in the host console:
+
+  # $ps3_db_bin -H $ps3_db_owner_petitboot $ps3_db_key_telnet 1
+
+  You can disable telnet login with the
+  following command in the host console:
+
+  # $ps3_db_bin -H $ps3_db_owner_petitboot $ps3_db_key_telnet 0
+ ----------------------------------------
+"
+    exit 0
+fi
+
+grep '^root:[^!]' /etc/passwd >&- 2>&-
+[ "$?" = "0" -a -z "$FAILSAFE" ]  &&
+{
+    echo "Login failed."
+    exit 0
+} || {
+cat << EOF
+ === IMPORTANT ============================
+  Use 'passwd' to set your login password
+  this will disable telnet and enable SSH
+ ------------------------------------------
+EOF
+}
+
+exec /bin/ash --login