Re: extrausers-bbclass: plaintext password (since shadow update to 4.9)

Matthias Klein

Hello Peter,

I have already tried many things to pass the hash escaped to the extrausers-bbclass.

But I have not found a way to set the password with EXTRA_USERS_PARAMS.
Do you know a working variant?

Many greetings,

-----Urspr√ľngliche Nachricht-----
Von: Peter Bergin <peter@...>
Gesendet: Montag, 30. August 2021 22:52
An: Matthias Klein <matthias.klein@...>; yocto@...
Betreff: Re: [yocto] extrausers-bbclass: plaintext password (since shadow update to 4.9)

On 2021-08-30 14:54, Matthias Klein wrote:


I am trying to find a working alternative for the old -P option.

EXTRA_USERS_PARAMS = "usermod -P toor root;"

The suggestions from this thread don't seem to work:

hash="$(python3 -c "import crypt; print(crypt.crypt('toor', crypt.METHOD_SHA512))")"
EXTRA_USERS_PARAMS = "usermod -p ${hash} root;"

The hashed password does not seem to be escaped properly in the extrausers-bbclass. The password in the shadow file is missing $ characters.

Is there a way (with the current master branch) to define a password?

You have to escape the password string in the recipe. Use '\\\$' to escape the '$' token. There are some levels of evaluation of the expression and that's the reason for multiple '\'. Just iterate until you have the correct string in the shadow file, also check the log.do_rootfs where you can see the parameters to usermod.


Join to automatically receive all group messages.