
Configuring a VxWorks 7 System With Secure User Authentication

BSP - This article is part of a series.
Part 13: This Article

Introduction

VxWorks, developed by Wind River, is a real-time operating system (RTOS) that supports secure user authentication. This guide outlines the configuration steps required to enable secure user login for a VxWorks 7 target. Once properly configured, users must authenticate with valid credentials before accessing the VxWorks kernel shell.

Prerequisites

This procedure assumes the following environment:

  • Wind River VxWorks 7 (SR0620)
  • Host system: Windows workstation

Reference Documentation

For more detailed information, refer to the VxWorks 7 Security Programmer’s Guide provided by Wind River.

Creating and Building the VxWorks Source Build (VSB) Project

Begin by launching a command shell and setting up the build environment:

REM Navigate to your Wind River installation directory
cd <WIND_HOME>
wrenv -p vxworks-7
REM Navigate to your VxWorks workspace
cd <YOUR_WORKSPACE>

vxprj vsb create users_vsb -bsp vxsim_windows -smp -force -S
cd users_vsb

REM Add required user management components
vxprj vsb add USER_MANAGEMENT
vxprj vsb add USER_MANAGEMENT_POLICY
vxprj vsb add USER_MANAGEMENT_USER_PRIVILEGES

REM Build the VSB
make -j 32

Creating and Building the VxWorks Image Project (VIP)

To create and configure the VIP, follow these steps:

cd ..
vxprj create -smp vxsim_windows users_vip -profile PROFILE_DEVELOPMENT -vsb users_vsb
cd users_vip

REM Add required components to the VIP
vxprj vip bundle add BUNDLE_STANDALONE_SHELL
vxprj vip component add INCLUDE_USER_DATABASE
vxprj vip component add INCLUDE_SHELL_SECURITY
vxprj vip component add INCLUDE_LOGIN_POLICY

REM Set relevant parameters
vxprj parameter set UDB_STORAGE_PATH "\"host:vxUserDB.txt\""
vxprj parameter set UDB_PROMPT_INITIAL_USER TRUE
REM Replace the sample value below with your own unique hash key
vxprj parameter set meta_UDB_HASH_KEY "\"\x48\x61\""

vxprj build

Important: In the command above, rename meta_UDB_HASH_KEY to UDB_HASH_KEY, and make sure a unique key (preferably 256 bytes) is used for database encryption. This secures the integrity and confidentiality of the user credentials file.
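
One way to produce and check such a key, as an added example (not code from this article or from Wind River): the Python script below generates a 256-byte random key, prints it in the \xNN form used above, and audits an existing key string. The function names are hypothetical, and excluding NUL bytes rests on the assumption that the value is consumed as a C string.

```python
import re
import secrets

SAMPLE_KEY = b"\x48\x61"   # the placeholder key shown in this article
KEY_LEN = 256              # length the article recommends

def generate_key(length=KEY_LEN):
    """Random key from the OS CSPRNG, with no NUL bytes.

    Assumption: the value ends up in a C string literal, where an
    embedded \\x00 would end the string early, so bytes are 1..255.
    """
    return bytes(secrets.randbelow(255) + 1 for _ in range(length))

def to_c_escapes(key):
    """Encode every byte as \\xNN so no escape can absorb a following hex digit."""
    return "".join(f"\\x{b:02x}" for b in key)

def vxprj_command(key):
    """Command line in the same quoting form the article uses."""
    return f'vxprj parameter set UDB_HASH_KEY "\\"{to_c_escapes(key)}\\""'

def parse_c_escapes(text):
    """Decode a \\xNN\\xNN... string; reject anything else."""
    if not re.fullmatch(r"(\\x[0-9a-fA-F]{2})+", text):
        raise ValueError("expected only \\xNN escapes")
    return bytes.fromhex(text.replace("\\x", ""))

def audit_key(text, min_len=KEY_LEN):
    """Return a list of problems found in a configured key string."""
    try:
        key = parse_c_escapes(text)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    if key == SAMPLE_KEY:
        problems.append("key is the article's sample value")
    if len(key) < min_len:
        problems.append(f"key is {len(key)} bytes, expected {min_len}")
    if 0 in key:
        problems.append("key contains a NUL byte")
    if len(set(key)) < min(16, len(key)):
        problems.append("key has very few distinct byte values")
    return problems

if __name__ == "__main__":
    print(vxprj_command(generate_key()))
```

Run the script on the build host and paste the printed command into the VIP directory shell; keep the generated key out of version control, since anyone holding it has the secret that protects the user database.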

Booting VxWorks on the Target

Once the build is complete, boot the target using:

cd default
vxsim

Upon successful boot, the VxWorks kernel shell will be available.

Initial User Creation

The system will prompt you to create an initial user upon first boot:

** Creation of initial user **
Initial user's login:

After providing and confirming the password, you’ll be asked to authenticate using the newly created credentials:

login:

From this point forward, access to the kernel shell will require valid login credentials.

Logging In and Creating Additional Users

Authenticate using the initial user account, then proceed to create a second user from the kernel shell:

-> userAdd "harmonicss", "harmonicss"
value = 0 = 0x0
-> logout
login:

You now have two distinct user accounts. The user database (vxUserDB.txt) is located in the VIP’s default directory (users_vip\default\vxUserDB.txt) and is referenced during login authentication. VxWorks supports user and group management, login time monitoring, and account maintenance. For further functionality, consult the VxWorks Security Programmer’s Guide.

Optional: Mitigating a Potential Security Risk

Be aware that if the vxUserDB.txt file is deleted, the system will revert to prompting for the creation of a new initial user upon boot—introducing a potential security vulnerability. To safeguard against this:

  • Store the user database on a secure, encrypted local file system partition
  • Restrict access to prevent unauthorized modifications

This is particularly critical for secure deployments that utilize the standard VxWorks kernel shell.

Optional: Defining User-Specific Privileges

VxWorks provides granular control over shell-level permissions via user privilege configurations. To enable this feature:

cd ..
vxprj vip component add INCLUDE_USER_PRIVILEGES
vxprj vip parameter set PRIVILEGE_MANIFEST_PATH "\"host:\privilege_manifest\prvlgManifest.txt\""

Edit the privilege manifest file as directed in its comments to define allowed operations per user. After editing, rebuild the VIP and reboot the target.

Note: By default, users have no privileges assigned. Unless explicitly configured in the privilege manifest, all shell operations will return a privilege error—even if login succeeds.
