How to set up a login prompt with uClinux
Success! Subscription added.
Success! Subscription removed.
Sorry, you must verify to complete this action. Please click the verification link in your email. You may re-send via your profile.
- Intel Community
- Intel Community Knowledge Base
- Product Support Forums Knowledge Base
- FPGA Knowledge Base
- FPGA Wiki
- How to set up a login prompt with uClinux
How to set up a login prompt with uClinux
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
How to set up a login prompt with uClinux
With the default build options of uClinux for nios2 the system boots directly to shell (sash) as root with no login prompt. While this is not an issue if you don't need a system console it may be a major security problem if you plan to, in example, set up a console in a serial port for maintenance purposes. In this case anyone could log on to your system freely and do anything he wants.
This situation can be avoided with some simple changes to the kernel configuration.
Adding applications
Basically you need to add three applications to busybox: login, getty and passwd. Optionaly you may not add passwd that is only needed to change the passwords once the system is running, what is not likely and you can save the space. To add these apps do the following
In your uClinux-dist enter kernel configuration
make menuconfig
Select Customize Vendor/User Settings
Kernel/Library/Defaults Selection --->
(linux-2.6.x) Kernel Version
(None) Libc Version
[] Default all settings (lose changes)
[ ] Customize Kernel Settings
[ *] Customize Vendor/User Settings
[ ] Update Default Vendor Settings
Select <Exit>, <Exit> and <Yes>
When the user applications menu appears.
Busybox -->
Login/Password Management Utilities -->
[*] Use internal DES and MD5 crypt functions
[*] getty
[*] login
[*] passwd
Core Applications --->
[*] init
[ ] enable console shell <== unselect this
[ ] execute firewall rules
[ ] process init.conf
(Sash) Shell Program
Then <Exit>, <Exit> and <Yes>
Rebuild the kernel (Just to make sure your init is re-built, Thanks Hippo.)
make user/init_clean
make
Modifying config files
Once you've compiled the kernel you need to modify the
/etc/inittab
to setup agetty, and
/etc/passwd
to setup a root password. The following example uses the JTAG UART but you can specify whatever device you want.
From your uClinux-dist directory enter romfs/etc and edit inittab. inittab is empty by default, just add the following line.
ttyJ0:vt100:/sbin/getty 115200 ttyJ0
(Replace ttyJ0 for the device of your choice i.e: ttyS0)
Now you need to setup a password for root.
Method 1, for Suse
To generate a encrypted password use mkpasswd on your host system.
If you cannot find this command, please install "whois" package, which contains the "mkpasswd" command.
mkpasswd uClinux -H md5 uClinux is the password
$1$TQHH7TPp$EO30ubQdjCewHPj.oWMtZ.
Edit the passwd file. It should look like this
root:x:0:0:root:/:/bin/sh
ftp:x:14:50:FTP User:/home/ftp
Replace the x in the root entry for the password generated by mkpasswd and save.
root:$1$TQHH7TPp$EO30ubQdjCewHPj.oWMtZ.:0:0:root:/:/bin/sh
ftp:x:14:50:FTP User:/home/ftp
regenerate the system image.
make image
and you're done.
Method 2, for Fedora and others that don't have mkpasswd to encrypt password
Change passwd file, remove the 'x' for root entry
root::0:0:root:/:/bin/sh
ftp:x:14:50:FTP User:/home/ftp
Boot nios2 uClinux, login as root without password needed. Then run "passwd," enter your new password. Now you can save the content of /etc/passwd
on your nios2 uClinux.
WARNING: Changes made in files located in uClinux-dist/romfs/etc are not permanent. If you rebuild the kernel or romfs they are lost. If you want to make this changes permanent you should change the inittab and passwd files located at uClinux-dist/vendors/Altera/nios2
Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.
Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.
For more complete information about compiler optimizations, see our Optimization Notice.