Op940.01 expire password #69
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Ensure the root password is set to expired on the first boot of the system. This can be after the BMC flash chip is first physically written or after a factory reset. The dropbearkey.service dependency is to ensure this service does not run if a user is updating from a OpenBMC firmware image that did not have this feature enabled to one that does. The user password should not be reset in this case so use the dropbear rsa key file to know if the system was running previous firmware (i.e. not a factory reset scenario). By default this feature is not enabled. See the following design for more information: https://github.com/openbmc/docs/blob/master/designs/expired-password.md Tested: - Enabled feature and ensured in QEMU I was required to change the password on first boot - Rebooted QEMU and verified I was not required to change the password and the one I had set previously worked Change-Id: I5abb190df55ee1238f51916442581461766e3cc8 Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Ensure the root password is set to expired on the first boot of the system. This can be after the BMC flash chip is first physically written or after a factory reset. The dropbearkey.service dependency is to ensure this service does not run if a user is updating from a OpenBMC firmware image that did not have this feature enabled to one that does. The user password should not be reset in this case so use the dropbear rsa key file to know if the system was running previous firmware (i.e. not a factory reset scenario). By default this feature is not enabled. See the following design for more information: https://github.com/openbmc/docs/blob/master/designs/expired-password.md Tested: - Enabled feature and ensured in QEMU I was required to change the password on first boot - Rebooted QEMU and verified I was not required to change the password and the one I had set previously worked Change-Id: I5abb190df55ee1238f51916442581461766e3cc8 Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
…/openbmc into OP940.01-expire-password
Signed-off-by: Joseph Reynolds <joseph-reynolds@charter.net>
geissonator
approved these changes
Nov 12, 2019
|
@geissonator @joseph-reynolds Why is the |
|
Why? I was confused about the git subtree process and made a mistake. The commit was added twice, with commit 9d742a4 having an extra source file recipes-phosphor/users/phosphor-user-manager_git.bb which was then removed by commit 1c8278e. I could have fixed up the PR, but didn't, and it merged as-is. The merged copy looks good. |
rfrandse
added a commit
that referenced
this pull request
Oct 25, 2022
Giridhari Krishna (1): Fixing clang errors in panel_app_test (#62) Jinu Joy Thomas (3): Added default display Fix default display for power down (#138) Fix write Error displays when Hot-plugging the panel out (#153) PriyangaRamasamy (11): Generic GetPDR method (#65) Fix for Lamp test issue (#73) Clang issue:Remove brace initialiser in string (#85) Move GetPDR api to utility (#82) Better trace statement for transport key (#86) Get OS IPL mode state from PHYP (#95) Add 3 seconds interval after software reset (#113) Function 30: Make LinkLocal IP default (#119) Clang format missing for an header file (#132) Func30:Pick inventory ethernet objects at runtime (#135) Bug fix in panel PEL code (#151) Santosh Puranik (6): Executor method to trigger PHYP functions (#68) Manual mode fixes (#80) Compilation Fixes (#99) Revert "Get OS IPL mode state from PHYP (#95)" (#104) Code fix to check for HMC managed system (#125) transport: Recover From Bootloader Hang (#149) Priyanga Ramasamy (2): Dbus property to store OS IPL mode Fix:SW547181 Display static/DHCP IP if present Sunny Srivastava (19): Panel to PHYP communication via PLDM (#58) Code fix for Function02 and Function01 (#60) PEL terminating bit handle (#69) Implementation of function 25 and 26 (#71) Panel function 74 implementation (#77) Fetch existing PELs (#79) Code fix to check CE mode condition (#90) Update PELs processing implementation (#92) Code fix to handle I2C write failure (#94) Unwanted logs removed (#106) Execute function 01 at bmc ready state (#108) Update parameters for System operating mode (#110) Flow update to set current operating mode (#112) Logs added/removed (#122) Display Phyp src and hexwords (#129) Use Bios attribute for boot side (#140) Update progress code at standby PEL addition for ibm panel (#147) Panel CM in Everest (#157) GiridhariKrishna (2): Tool for simulating panel input (#97) D-bus method to display lines on lcd panel (#118) Change-Id: Ib523552fa716dc3b0ec76a6e6fadab0811abc1e4
rfrandse
added a commit
that referenced
this pull request
Oct 25, 2022
Santosh Puranik (1): Add Initial Bonnell Support (#69) Change-Id: I2aeb62fbe4d7cd1f320e6293b26bcc59469b6ee4
rfrandse
added a commit
that referenced
this pull request
Oct 26, 2022
Giridhari Krishna (1): Fixing clang errors in panel_app_test (#62) Jinu Joy Thomas (3): Added default display Fix default display for power down (#138) Fix write Error displays when Hot-plugging the panel out (#153) PriyangaRamasamy (11): Generic GetPDR method (#65) Fix for Lamp test issue (#73) Clang issue:Remove brace initialiser in string (#85) Move GetPDR api to utility (#82) Better trace statement for transport key (#86) Get OS IPL mode state from PHYP (#95) Add 3 seconds interval after software reset (#113) Function 30: Make LinkLocal IP default (#119) Clang format missing for an header file (#132) Func30:Pick inventory ethernet objects at runtime (#135) Bug fix in panel PEL code (#151) Santosh Puranik (6): Executor method to trigger PHYP functions (#68) Manual mode fixes (#80) Compilation Fixes (#99) Revert "Get OS IPL mode state from PHYP (#95)" (#104) Code fix to check for HMC managed system (#125) transport: Recover From Bootloader Hang (#149) Priyanga Ramasamy (2): Dbus property to store OS IPL mode Fix:SW547181 Display static/DHCP IP if present Sunny Srivastava (19): Panel to PHYP communication via PLDM (#58) Code fix for Function02 and Function01 (#60) PEL terminating bit handle (#69) Implementation of function 25 and 26 (#71) Panel function 74 implementation (#77) Fetch existing PELs (#79) Code fix to check CE mode condition (#90) Update PELs processing implementation (#92) Code fix to handle I2C write failure (#94) Unwanted logs removed (#106) Execute function 01 at bmc ready state (#108) Update parameters for System operating mode (#110) Flow update to set current operating mode (#112) Logs added/removed (#122) Display Phyp src and hexwords (#129) Use Bios attribute for boot side (#140) Update progress code at standby PEL addition for ibm panel (#147) Panel CM in Everest (#157) GiridhariKrishna (2): Tool for simulating panel input (#97) D-bus method to display lines on lcd panel (#118) Change-Id: Ib523552fa716dc3b0ec76a6e6fadab0811abc1e4
rfrandse
added a commit
that referenced
this pull request
Oct 26, 2022
Santosh Puranik (1): Add Initial Bonnell Support (#69) Change-Id: I2aeb62fbe4d7cd1f320e6293b26bcc59469b6ee4
anoo1
pushed a commit
to anoo1/openbmc-1
that referenced
this pull request
Oct 28, 2022
Giridhari Krishna (1): Fixing clang errors in panel_app_test (ibm-openbmc#62) Jinu Joy Thomas (3): Added default display Fix default display for power down (ibm-openbmc#138) Fix write Error displays when Hot-plugging the panel out (ibm-openbmc#153) PriyangaRamasamy (11): Generic GetPDR method (ibm-openbmc#65) Fix for Lamp test issue (ibm-openbmc#73) Clang issue:Remove brace initialiser in string (ibm-openbmc#85) Move GetPDR api to utility (ibm-openbmc#82) Better trace statement for transport key (ibm-openbmc#86) Get OS IPL mode state from PHYP (ibm-openbmc#95) Add 3 seconds interval after software reset (ibm-openbmc#113) Function 30: Make LinkLocal IP default (ibm-openbmc#119) Clang format missing for an header file (ibm-openbmc#132) Func30:Pick inventory ethernet objects at runtime (ibm-openbmc#135) Bug fix in panel PEL code (ibm-openbmc#151) Santosh Puranik (6): Executor method to trigger PHYP functions (ibm-openbmc#68) Manual mode fixes (ibm-openbmc#80) Compilation Fixes (ibm-openbmc#99) Revert "Get OS IPL mode state from PHYP (ibm-openbmc#95)" (ibm-openbmc#104) Code fix to check for HMC managed system (ibm-openbmc#125) transport: Recover From Bootloader Hang (ibm-openbmc#149) Priyanga Ramasamy (2): Dbus property to store OS IPL mode Fix:SW547181 Display static/DHCP IP if present Sunny Srivastava (19): Panel to PHYP communication via PLDM (ibm-openbmc#58) Code fix for Function02 and Function01 (ibm-openbmc#60) PEL terminating bit handle (ibm-openbmc#69) Implementation of function 25 and 26 (ibm-openbmc#71) Panel function 74 implementation (ibm-openbmc#77) Fetch existing PELs (ibm-openbmc#79) Code fix to check CE mode condition (ibm-openbmc#90) Update PELs processing implementation (ibm-openbmc#92) Code fix to handle I2C write failure (ibm-openbmc#94) Unwanted logs removed (ibm-openbmc#106) Execute function 01 at bmc ready state (ibm-openbmc#108) Update parameters for System operating mode (ibm-openbmc#110) Flow update to set current operating mode (ibm-openbmc#112) Logs added/removed (ibm-openbmc#122) Display Phyp src and hexwords (ibm-openbmc#129) Use Bios attribute for boot side (ibm-openbmc#140) Update progress code at standby PEL addition for ibm panel (ibm-openbmc#147) Panel CM in Everest (ibm-openbmc#157) GiridhariKrishna (2): Tool for simulating panel input (ibm-openbmc#97) D-bus method to display lines on lcd panel (ibm-openbmc#118) Change-Id: Ib523552fa716dc3b0ec76a6e6fadab0811abc1e4
rfrandse
added a commit
that referenced
this pull request
Dec 8, 2022
George Liu (6): Update the style of resetButton (#61) Fix Chinese line break problem (#62) Add timeout mechanism when setting Server power policy (#68) Notices: changed from IBM to IPS (#69) Fix reset password error prompt password error (#60) Filter redundant licenses entry (#70) Change-Id: I39537278be28290398d35d8b676dc14bc2580a5b
rfrandse
added a commit
that referenced
this pull request
Mar 3, 2023
George Liu (6): Update the style of resetButton (#61) Fix Chinese line break problem (#62) Add timeout mechanism when setting Server power policy (#68) Notices: changed from IBM to IPS (#69) Fix reset password error prompt password error (#60) Filter redundant licenses entry (#70) Change-Id: I39537278be28290398d35d8b676dc14bc2580a5b
rfrandse
added a commit
that referenced
this pull request
Mar 3, 2023
sandeepasingh116 (4): fix translation defect for server power ops (#52) add toogle on Policies page (#73) Fix login page logo issue (#81) Fix logo issue (#82) George Liu (9): ips-localization: Change the width property size (#41) Support css style for IPS (#51) Update the style of resetButton (#61) Fix Chinese line break problem (#62) Add timeout mechanism when setting Server power policy (#68) Notices: changed from IBM to IPS (#69) Fix reset password error prompt password error (#60) Filter redundant licenses entry (#70) Fix server firmware start policy (#77) Gunnar Mills (1): Revert "Refresh only once after login (#42)" (#59) Nikhil Ashoka (10): Tab names translated in Inventory page (#54) Using privilege values from the translation file (#56) Deconfiguration type is taken from translation file (#57) Fabric Adapter table showing Name (#55) PCIe topology overlapping fix (#53) Added Identity LED to Fabric Adapters (#49) Removed Error message from Accounts verification (#44) Labels now updating in Concurrent maintenance page (#63) Refresh only once and title translation (#65) New helptext for Capacity on demand activation (#43) A Nikhil (1): Removed .tar.xz extension from dumps (#410) Change-Id: Ifbbd773a99fdd13b785976bd680f59fe50f59ff5
rfrandse
added a commit
that referenced
this pull request
Mar 28, 2024
Swarnendu Roy Chowdhury (1): Adding helper functions for switching of devtree backend in the same process Aravind T (1): Merge pull request #69 from Swarnendu-R-C/master Change-Id: I4e92f2835c9fef0320ba6d8a06b723bb30cfd2d9
rfrandse
pushed a commit
that referenced
this pull request
Mar 28, 2024
…(#3983)
Aravind T (1):
Merge pull request #69 from devenrao/defect1
Marri Devender Rao (4):
nag: power & thermal pel is not added to nag pel during bmcreboot
nag: capture deconfig records with association in nag dump
nag: write and read chassis poweron time from persistent file
nag: log deconfig reason in upper case
Add the new service file to write timestamp to persistent file during
chassis poweron
Change-Id: I4f25ad5336c3ff77a96a8873a96c623eaafefdff
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is the service to expire the password on first boot.
See https://gerrit.openbmc-project.xyz/c/openbmc/meta-phosphor/+/25615 and https://gerrit.openbmc-project.xyz/c/openbmc/meta-phosphor/+/25712