mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-01 11:36:49 +00:00
6c1542787d
Now that we know that the password is in /etc/shadow and not in
/etc/passwd, we can properly fix the logic for the empty password check.
Only 'root::' is an empty password, 'root❌' and 'root:!:' allow no
password login at all.
This fixes the empty password warning still showing after the root password
has been locked using 'passwd -l root' (e.g. to allow public-key auth
only).
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
44 lines
1.2 KiB
Bash
44 lines
1.2 KiB
Bash
#!/bin/sh
|
|
[ -f /etc/banner ] && cat /etc/banner
|
|
[ -e /tmp/.failsafe ] && cat /etc/banner.failsafe
|
|
fgrep -sq '/ overlay ro,' /proc/mounts && {
|
|
echo 'Your JFFS2-partition seems full and overlayfs is mounted read-only.'
|
|
echo 'Please try to remove files from /overlay/upper/... and reboot!'
|
|
}
|
|
|
|
export PATH="%PATH%"
|
|
export HOME=$(grep -e "^${USER:-root}:" /etc/passwd | cut -d ":" -f 6)
|
|
export HOME=${HOME:-/root}
|
|
export PS1='\u@\h:\w\$ '
|
|
|
|
[ "$TERM" = "xterm" ] && export PS1='\[\e]0;\u@\h: \w\a\]'$PS1
|
|
|
|
[ -x /bin/more ] || alias more=less
|
|
[ -x /usr/bin/vim ] && alias vi=vim || alias vim=vi
|
|
|
|
alias ll='ls -alF --color=auto'
|
|
|
|
[ -z "$KSH_VERSION" -o \! -s /etc/mkshrc ] || . /etc/mkshrc
|
|
|
|
[ -x /usr/bin/arp ] || arp() { cat /proc/net/arp; }
|
|
[ -x /usr/bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; }
|
|
|
|
[ -n "$FAILSAFE" ] || {
|
|
for FILE in /etc/profile.d/*.sh; do
|
|
[ -e "$FILE" ] && . "$FILE"
|
|
done
|
|
unset FILE
|
|
}
|
|
|
|
if ( grep -qs '^root::' /etc/shadow && \
|
|
[ -z "$FAILSAFE" ] )
|
|
then
|
|
cat << EOF
|
|
=== WARNING! =====================================
|
|
There is no root password defined on this device!
|
|
Use the "passwd" command to set up a new password
|
|
in order to prevent unauthorized SSH logins.
|
|
--------------------------------------------------
|
|
EOF
|
|
fi
|