HOW TO set up a login prompt (uClinux)
With the default build options of uClinux for nios2 the system boots directly to shell (sash) as root with no login prompt. While this is not an issue if you don't need a system console it may be a major security problem if you plan to, in example, set up a console in a serial port for maintenance purposes. In this case anyone could log on to your system freely and do anything he wants.
This situation can be avoided with some simple changes to the kernel configuration.
Adding applications
Basically you need to add three applications to busybox: login, getty and passwd. Optionaly you may not add passwd that is only needed to change the passwords once the system is running, what is not likely and you can save the space. To add these apps do the following
In your uClinux-dist enter kernel configuration
make menuconfigSelect Customize Vendor/User Settings
Kernel/Library/Defaults Selection --->(linux-2.6.x) Kernel Version (None) Libc Version
[] Default all settings (lose changes)
[ ] Customize Kernel Settings [ *] Customize Vendor/User Settings [ ] Update Default Vendor Settings Select <Exit>, <Exit> and <Yes>
When the user applications menu appears.
Busybox -->
Login/Password Management Utilities -->
[*] Use internal DES and MD5 crypt functions
[*] getty
[*] login
[*] passwd
Core Applications --->
[*] init
[ ] enable console shell <== unselect this
[ ] execute firewall rules
[ ] process init.conf
(Sash) Shell Program
Then <Exit>, <Exit> and <Yes>
Rebuild the kernel
make user/init_clean Just to make sure your init is re-built, Thanks Hippo.
make Modifying config files
Once you've compiled the kernel you need to modify the /etc/inittab to setup agetty, and /etc/passwd to setup a root password. The following example uses the JTAG UART but you can specify whatever device you want.
From your uClinux-dist directory enter romfs/etc and edit inittab. inittab is empty by default, just add the following line.
ttyJ0:vt100:/sbin/getty 115200 ttyJ0
(Replace ttyJ0 for the device of your choice i.e: ttyS0)
Now you need to setup a password for root.
Method 1, for Suse,
To generate a encrypted password use mkpasswd on your host system.
If you cannot find this command, please install "whois" package, which contains the "mkpasswd" command.
mkpasswd uClinux -H md5 uClinux is the password
$1$TQHH7TPp$EO30ubQdjCewHPj.oWMtZ.
Edit the passwd file. It should look like this
root:x:0:0:root:/:/bin/sh
ftp:x:14:50:FTP User:/home/ftp
Replace the x in the root entry for the password generated by mkpasswd and save.
root:$1$TQHH7TPp$EO30ubQdjCewHPj.oWMtZ.:0:0:root:/:/bin/sh
ftp:x:14:50:FTP User:/home/ftp
regenerate the system image.
make imageand you're done.
Method 2, for Fedora, and others that don't have mkpasswd to encrypt password.
Change passwd file, remove the 'x' for root entry
root
::0:0:root:/:/bin/sh
ftp:x:14:50:FTP User:/home/ftp
Boot nios2 uClinux, login as root without password needed. Then run "passwd", enter your new password. Now you can save the content of /etc/passwd on your nios2 uClinux.
WARNING: Changes made in files located in uClinux-dist/romfs/etc are not permanent. If you rebuild the kernel or romfs they are lost. If you want to make this changes permanent you should change the inittab and passwd files located at uClinux-dist/vendors/Altera/nios2
