I finally got around to looking into why my rsync automation fails with my new Lineage OS 17.1 device. The old instructions worked like charm. Sshd will start, but the shell user will receive a permission denied after successful authentication.
It turns out that sshd is unhappy with the file ownership or modes for
/data. Now I didn’t want to mess with those nor did I want to move the
ssh directory to another place so I cheated and told sshd to relax by adding:
sshd_config. Probably sshd dislikes that
/data is owned by system and not shell nor root – allowing the system user to erase the
ssh directory. Seems like one security concept is ruining another…
The little userinit runner I discussed twice previously has lead to small but constant number of requests for an APK over time, so I finally got myself to release Run Userinit on F-Droid. As a side-effect the current git should build out of the box with a more current gradle version.
As I’m currently switching phones I had to revisit the issue of how to get sshd running on a pristine LineageOS install. I decided to collect the steps here as the how-to formerly available on the CM wiki has vanished together with CM itself. Note that some steps are not incredibly detailed and you really should be aware of the security implications before going ahead with this. Continue reading →
For some reason the support for init.d and thereby userinit.d has been removed from CyanogenMod starting with CM12. Unfortunately it is not easy to re-activate the functionality, even more so if you want the change to survive future CM updates.
So I decided to create a trivial app that will simply execute run-parts on the /data/local/userinit.d directory when the phone completes booting to get the good old userinit.d back. To clone the git repository run:
git clone https://lisas.de/~alex/runuserinit.git
Find more details on the repository contents here.
After installation you will have to start RunUserinit once and hit the button. When asked whether RunUserinit should be allowed to use root privileges accept that and make the setting permanent. Finally sshd will run automatically again, whenever my phone requires a reboot…