[elbe-devel] [PATCH v3 6/7] init: Drop initvm-ssh-root-open-danger
Bastian Germann
bage at linutronix.de
Fri Mar 3 14:37:13 CET 2023
The file still references buster and is not really helpful, so drop it.
Represent the only difference to the default initvm in an example so
that the useful information is not forgotten and more visible for users.
Signed-off-by: Bastian Germann <bage at linutronix.de>
---
elbepack/init/initvm-ssh-root-open-danger.xml | 58 -------------------
examples/elbe-init-big-machine.xml | 4 ++
2 files changed, 4 insertions(+), 58 deletions(-)
delete mode 100644 elbepack/init/initvm-ssh-root-open-danger.xml
diff --git a/elbepack/init/initvm-ssh-root-open-danger.xml b/elbepack/init/initvm-ssh-root-open-danger.xml
deleted file mode 100644
index 1c59288ead..0000000000
--- a/elbepack/init/initvm-ssh-root-open-danger.xml
+++ /dev/null
@@ -1,58 +0,0 @@
-<ns0:RootFileSystem xmlns:ns0="https://www.linutronix.de/projects/Elbe" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" created="2009-05-20T08:50:56" revision="6" xsi:schemaLocation="https://www.linutronix.de/projects/Elbe dbsfed.xsd">
- <initvm>
- <buildtype>amd64</buildtype>
- <mirror>
- <primary_host>ftp.de.debian.org</primary_host>
- <primary_path>/debian</primary_path>
- <primary_proto>http</primary_proto>
- <url-list>
- <url>
- <binary>
- http://security.debian.org/debian-security buster/updates main
- </binary>
- <source>
- http://security.debian.org/debian-security buster/updates main
- </source>
- </url>
- <url>
- <binary>
- http://debian.linutronix.de/elbe buster main
- </binary>
- <source>
- http://debian.linutronix.de/elbe buster main
- </source>
- <key>
- http://debian.linutronix.de/elbe/elbe-repo.pub
- </key>
- </url>
- <url>
- <binary>
- http://debian.linutronix.de/elbe-common buster main
- </binary>
- <source>
- http://debian.linutronix.de/elbe-common buster main
- </source>
- <key>
- http://debian.linutronix.de/elbe-common/elbe-repo.pub
- </key>
- </url>
- </url-list>
- </mirror>
- <suite>buster</suite>
- <pkg-list>
- <pkg>openssh-server</pkg>
- <pkg>debootstrap</pkg>
- <pkg>pbuilder</pkg>
- </pkg-list>
- <preseed>
- <conf owner="pbuilder" key="pbuilder/mirrorsite" type="string" value="http://ftp.de.debian.org/debian"/>
- <!-- See https://bugs.debian.org/837733 for this counter-intuitive setting -->
- <conf owner="openssh-server" key="openssh-server/permit-root-login" type="boolean" value="false"/>
- </preseed>
- <size>80G</size>
- <swap-size>10GiB</swap-size>
- <img>qcow2</img>
- <portforwarding>
- </portforwarding>
- </initvm>
-</ns0:RootFileSystem>
diff --git a/examples/elbe-init-big-machine.xml b/examples/elbe-init-big-machine.xml
index 392588c39f..02076a9444 100644
--- a/examples/elbe-init-big-machine.xml
+++ b/examples/elbe-init-big-machine.xml
@@ -48,6 +48,10 @@ SPDX-FileCopyrightText: Linutronix GmbH
</pkg-list>
<preseed>
<conf owner="pbuilder" key="pbuilder/mirrorsite" type="string" value="http://ftp.de.debian.org/debian"/>
+
+ <!-- THIS CONF IS POTENTIALLY DANGEROUS! It enables logging in on the initvm's ssh as root with password.
+ See https://bugs.debian.org/837733 for this counter-intuitive setting -->
+ <conf owner="openssh-server" key="openssh-server/permit-root-login" type="boolean" value="false"/>
</preseed>
<size>80G</size>
<mem>2GiB</mem>
--
2.39.2
More information about the elbe-devel
mailing list