[elbe-devel] [PATCH 2/2] Document mkpasswd call

Bastian Germann bage at linutronix.de
Thu Jun 30 12:27:51 CEST 2022


If one wants to get around relying on the crypt call done by elbe
preprocess mkpasswd comes in handy. Document an example call and recommend
the whois package in the debianization.

Signed-off-by: Bastian Germann <bage at linutronix.de>
---
 debian/control    | 5 ++++-
 schema/dbsfed.xsd | 7 ++++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/debian/control b/debian/control
index 09f19a8191..64025aa42d 100644
--- a/debian/control
+++ b/debian/control
@@ -92,7 +92,10 @@ Depends: ${misc:Depends},
   p7zip-full,
   make,
   lsb-release
-Recommends: elbe-doc (= ${binary:Version}), python3-elbe-debianize, haveged
+Recommends: elbe-doc (= ${binary:Version}),
+ python3-elbe-debianize,
+ haveged,
+ whois
 Description: Embedded Linux Build Environment
  A flexible Root Filesystem builder. ELBE uses Debian packages to build a RFS
  for (embedded) targets. A target is described with a single XML file. Besides
diff --git a/schema/dbsfed.xsd b/schema/dbsfed.xsd
index b2732539e3..b80f8fe02d 100644
--- a/schema/dbsfed.xsd
+++ b/schema/dbsfed.xsd
@@ -985,7 +985,12 @@
       <element name="passwd_hashed" type="rfs:string" minOccurs="1" maxOccurs="1">
         <annotation>
           <documentation>
-            hashed root password
+            Hashed root password. The method must be supported by the target system.
+            The default method since bullseye is yescrypt.
+            elbe preprocess generates one from cleartext password with sha512crypt
+            for compatibility reasons.
+            You can generate a crypt hash via mkpasswd from whois package, e.g.:
+            mkpasswd --method=sha512crypt --rounds=656000
           </documentation>
         </annotation>
       </element>
-- 
2.30.2



More information about the elbe-devel mailing list