okay so reading the code...
filesystem is not noexec
# First take care of var/local
if ! mount -t ext3 -o rw $local /var/local; then
  f_log I filesystems createvarlocal "Creating /var/local filesystem"
  mkfs.ext3 -F -L LocalVars $local
  tune2fs -c 0 -i 0 $local # disable fsck
  rm -rf /var/local/*
  mount -t ext3 -o rw $local /var/local
  cp -arf /opt/var/local/. /var/local/.
  mkdir -p /var/local/system
Also the section of code that appears to do "something" with dropbear (not sure what is supposed to invoke it - possibly it's a startup call?) by my reading of it should attempt to at the very least create a new key in /etc/dropbear/blah, even after I nerfed the /usr/local/* cleanup.
ASSUMPTION: Key is overwritten if the key already exists, this may be wrong.
has to be dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
Thus if that was triggered one might assume that my copy in usr/local/dropbear/key would be different to the one in /etc/dropbear/key
[root@kindle mmc]# diff -s usr/local/etc/dropbear/dropbear_rsa_host_key etc/dropbear/dropbear_rsa_host_key
Files usr/local/etc/dropbear/dropbear_rsa_host_key and etc/dropbear/dropbear_rsa_host_key are identical
They are the same however. And thus the key I expect. So it's not a wonky key.
ASSUMPTION: was probably wrong. as opposed to anything else as rm -rf /usr/local/* operates as expected when in place...
I'll give this config a go and see what falls out then go for a strace (don't want to hang DIAGS too bad. might get stuck)
# expect fork
/usr/local/sbin/dropbear -a -p 22 -g -K 0 -r /usr/local/etc/dropbear/dropbear_rsa_host_key -E 2> /mnt/us/droplog
ps aux > /mnt/us/processes
/usr/local/sbin/dropbear -P /var/run/sshd -p 22 -r /etc/dropbear/dropbear_rsa_host_key -E 2> /mnt/us/droplog2
ps aux > /mnt/us/processes2
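
The noexec check mentioned at the top of the post, written out as an added example that is not part of the original post: it finds which mount actually holds a path (nested mounts such as /var and /var/local included) and reports whether that mount carries noexec. The function names `fs_for_path` and `is_noexec` are hypothetical, and the mount table is constructed sample data, not captured from the device.

```shell
#!/bin/sh
# Added example, not from the post. Input is a /proc/mounts-format table:
#   device mountpoint fstype options dump pass

# fs_for_path TABLE PATH: print "mountpoint options" for the filesystem PATH
# lives on, i.e. the longest mount point that is a prefix of PATH.
fs_for_path() {
    table=$1; path=$2; best=""; best_opts=""
    while read -r _dev mp _type opts _rest; do
        match=0
        case "$path" in "$mp"|"$mp"/*) match=1 ;; esac
        [ "$mp" = / ] && match=1
        # -ge: for an identical mount point the later (topmost) entry wins
        if [ "$match" -eq 1 ] && [ "${#mp}" -ge "${#best}" ]; then
            best=$mp; best_opts=$opts
        fi
    done < "$table"
    [ -z "$best" ] && return 1
    printf '%s %s\n' "$best" "$best_opts"
}

# is_noexec TABLE PATH: exit 0 if that filesystem is mounted noexec, 1 if not.
is_noexec() {
    opts=$(fs_for_path "$1" "$2") || return 2
    opts=${opts#* }     # drop the mount point, keep the option list
    case ",$opts," in *,noexec,*) return 0 ;; *) return 1 ;; esac
}

# Constructed sample table (not the device's real mounts).
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
rootfs / rootfs rw 0 0
/dev/mmcblk0p1 / ext3 rw,noatime 0 0
tmpfs /var tmpfs rw,nosuid,nodev,noexec 0 0
/dev/mmcblk0p3 /var/local ext3 rw 0 0
/dev/loop0 /mnt/us vfat rw,noexec,nosuid,nodev,noatime 0 0
EOF

for p in /usr/local/sbin/dropbear /var/local/system /var/run/sshd /mnt/us/droplog; do
    if is_noexec "$SAMPLE" "$p"; then state=noexec; else state=exec-allowed; fi
    printf '%-28s on %-40s %s\n' "$p" "$(fs_for_path "$SAMPLE" "$p")" "$state"
done
```

On a live system the first argument would be /proc/mounts instead of the sample file, for example `is_noexec /proc/mounts /usr/local/sbin/dropbear`.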