Age | Commit message (Collapse) | Author |
|
Linux recently gained a new config option, CONFIG_MULTIUSER, that makes
support for non-root users optional. This results in a number of syscalls
being disabled: setuid, setregid, setgid, setreuid, setresuid, getresuid,
setresgid, getresgid, setgroups, getgroups, setfsuid, setfsgid, capget,
capset.
Currently a number of busybox applets, including login, struggle to run
when CONFIG_MULTIUSER is disabled. Even the root user is unable to login:
login: can't set groups: Functi
This patch adds code to make change_identity() a nop on single user
systems. It works by recognising the signature errno value (ENOSYS, due
to the system calls being disabled) and, to avoid security risks, only
deploys when the current uid and target uid is the same.
After the patch is applied any attempt to switch to a non-root user will
fail. Thus a badly configured userspace (for example, one that tries to
start a daemon as a non-root user when the kernel cannot support this)
will report errors as one would expect.
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Matt Whitlock <busybox@mattwhitlock.name>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Matt Whitlock <busybox@mattwhitlock.name>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This also removes their help texts.
function old new delta
run_applet_no_and_exit 442 452 +10
packed_usage 30713 30625 -88
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
The loop_on_EINTR argument to nonblock_immune_read is always set to 1.
function old new delta
xmalloc_reads 200 195 -5
pgetc 488 483 -5
argstr 1313 1308 -5
nonblock_immune_read 123 86 -37
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/4 up/down: 0/-52) Total: -52 bytes
Signed-off-by: Ron Yorston <rmy@tigress.co.uk>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Copyright years seem to be out of date, e.g. coreutils/truncate.c
has Copyright (C) 2015.
Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi>
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
|
|
UTMP is SVID legacy, UTMPX is mandated by POSIX.
Glibc and uClibc have identical layout of UTMP and UTMPX, both of these
libc treat _PATH_UTMPX as _PATH_UTMP so from a user-perspective nothing
changes except the names of the API entrypoints.
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
|
|
function old new delta
truncate_main - 161 +161
cwbkMG_suffixes - 128 +128
packed_usage 30443 30459 +16
applet_names 2512 2521 +9
applet_main 1456 1460 +4
parse_command 1460 1463 +3
applet_nameofs 728 730 +2
applet_install_loc 182 183 +1
dd_suffixes 112 - -112
------------------------------------------------------------------------------
(add/remove: 3/1 grow/shrink: 10/3 up/down: 337/-133) Total: 204 bytes
Signed-off-by: Ari Sundholm <ari@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This way it can be used by other applets without duplication.
Signed-off-by: Ari Sundholm <ari@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
is_prefixed_with - 18 +18
complete_username 78 77 -1
man_main 737 735 -2
fsck_device 429 427 -2
unpack_ar_archive 80 76 -4
strip_unsafe_prefix 105 101 -4
singlemount 1054 1050 -4
rtc_adjtime_is_utc 90 86 -4
resolve_mount_spec 88 84 -4
parse_one_line 1029 1025 -4
parse_conf 1460 1456 -4
may_wakeup 83 79 -4
loadkmap_main 219 215 -4
get_irqs_from_stat 103 99 -4
get_header_cpio 913 909 -4
findfs_main 79 75 -4
fbsplash_main 1230 1226 -4
load_crontab 776 771 -5
expand_vars_to_list 1151 1146 -5
date_main 881 876 -5
skip_dev_pfx 30 24 -6
make_device 2199 2193 -6
complete_cmd_dir_file 773 767 -6
run_applet_and_exit 715 708 -7
uudecode_main 321 313 -8
pwdx_main 197 189 -8
execute 568 560 -8
i2cdetect_main 1186 1176 -10
procps_scan 1242 1230 -12
procps_read_smaps 1017 1005 -12
process_module 746 734 -12
patch_main 1903 1891 -12
nfsmount 3572 3560 -12
stack_machine 126 112 -14
process_timer_stats 449 435 -14
match_fstype 111 97 -14
do_ipaddr 1344 1330 -14
open_list_and_close 359 343 -16
get_header_tar 1795 1779 -16
prepend_new_eth_table 340 323 -17
fsck_main 1811 1794 -17
find_iface_state 56 38 -18
dnsd_main 1321 1303 -18
base_device 179 158 -21
find_keyword 104 82 -22
handle_incoming_and_exit 2785 2762 -23
parse_and_put_prompt 774 746 -28
modinfo 347 317 -30
find_action 204 171 -33
update_passwd 1470 1436 -34
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/49 up/down: 18/-540) Total: -522 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
update_passwd 1270 1470 +200
deluser_main 310 332 +22
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
massage_data_for_non_r_func - 90 +90
bb_internal_getpwent - 69 +69
getXXnam_r 94 162 +68
fill_bounds 131 128 -3
deluser_main 355 310 -45
complete_username 123 78 -45
getXXnam 163 90 -73
massage_data_for_r_func 103 - -103
bb_internal_getpwent_r 121 - -121
------------------------------------------------------------------------------
(add/remove: 2/2 grow/shrink: 1/5 up/down: 227/-407) Total: -163 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
loopinfo.lo_file_name is not enough to uniquely identify a file on a system with
multiple mount namespaces. We could conceivably change this to dedup on
(lo_rdevice, lo_inode), but, as the comment above the deleted code notes, this
whole approach of reusing devices is racy anyway, so it seems better to stop
doing it entirely.
Signed-off-by: Kevin Wallace <k@igneous.io>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
INET_rresolve 274 214 -60
INET6_rresolve 168 85 -83
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
update_utmp_DEAD_PROCESS - 17 +17
telnetd_main 1685 1674 -11
mark_terminated 56 45 -11
handle_sigchld 74 63 -11
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This removed buffer size limitations.
function old new delta
convert_to_struct - 269 +269
getXXnam_r - 204 +204
parse_common - 185 +185
getXXnam - 164 +164
tokenize - 126 +126
bb_internal_getpwent_r 102 167 +65
get_S 30 88 +58
getgrouplist_internal 195 240 +45
const_sp_db - 20 +20
const_pw_db - 20 +20
const_gr_db - 20 +20
bb_internal_endpwent 27 36 +9
bb_internal_endgrent 27 36 +9
decode_one_format 726 734 +8
bb_internal_setpwent 17 24 +7
volume_id_probe_iso9660 319 322 +3
scriptreplay_main 204 207 +3
mkfs_minix_main 2684 2687 +3
id_main 478 480 +2
hash_find 233 235 +2
pstree_main 321 322 +1
gr_off 3 4 +1
expand_one_var 1579 1578 -1
pwf 4 - -4
grf 4 - -4
pack_gzip 1787 1780 -7
addattr32 67 56 -11
buffer_fill_and_print 191 178 -13
dpkg_main 2944 2927 -17
bb_internal_setgrent 17 - -17
bb_internal_getpwuid 38 19 -19
bb_internal_getgrgid 44 19 -25
bb_internal_getpwnam 38 11 -27
bb_internal_getgrnam 44 14 -30
bb_internal_fgetpwent_r 51 - -51
bb_internal_fgetgrent_r 51 - -51
bb_internal_getspnam_r 121 42 -79
bb_internal_getpwnam_r 121 39 -82
bb_internal_getgrent_r 102 - -102
bb__parsepwent 110 - -110
bb_internal_getpwuid_r 113 - -113
bb_internal_getgrgid_r 113 - -113
bb__parsespent 120 - -120
bb_internal_getgrnam_r 121 - -121
bb__pgsreader 213 - -213
bb__parsegrent 226 - -226
------------------------------------------------------------------------------
(add/remove: 8/13 grow/shrink: 14/11 up/down: 1224/-1556) Total: -332 bytes
text data bss dec hex filename
923471 928 17684 942083 e6003 busybox_old
923167 928 17676 941771 e5ecb busybox_unstripped
Signed-off-by: Tito Ragusa <farmatito@tiscali.it>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
In vi-mode lineedit tries to detect some escape sequences.
After the ESC it reads the next character to check for certain
values. This read should have a timeout or a user-entered ESC to
switch to command mode doesn't properly handle the next character.
Signed-off-by: Ron Yorston <rmy@tigress.co.uk>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Testcase: shell command input after python ^Z should still work
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Busybox already uses sendfile in httpd. This patch proposes to use it
globally to copy data between file descriptors.
It speeds up the copying on slow systems a lot - below are the times needed
to copy a 450Mb file with and without this option enabled on a BeagleBone
Black:
sendfile:
user 0m0.000s
sys 0m8.170s
read/write 4k:
user 0m0.470s
sys 0m16.300s
function old new delta
bb_full_fd_action 394 474 +80
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Sometimes ARG_MAX is small (like 32k) yet sysconf(_SC_ARG_MAX)
is big, and people prefer using the bigger value.
OTOH, with sufficiently large ARG_MAX, further wins from
sysconf(_SC_ARG_MAX) being bigger are exponentially smaller:
you can see 4 times fewer fork+execs when you run find, but
when each execed process already takes a thousand parameters
it's likely execution time is dominated by what that process
does with each parameter.
Thus, with this change ARG_MAX is used if it's sufficiently big,
otherwise sysconf(_SC_ARG_MAX) is used.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
bb_logenv_override - 70 +70
packed_usage 29969 30033 +64
zcip_main 1426 1431 +5
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 2/0 up/down: 139/0) Total: 139 bytes
Signed-off-by: Michel Stam <m.stam@fugro.nl>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This makes "G" (goto end of input) command work as well as
/search_for_nonexistent_string: both will read to EOF now
even from somewhat slow input (such as kernel's "git log").
function old new delta
ndelay_on 35 43 +8
ndelay_off 35 43 +8
read_lines 695 691 -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 16/-4) Total: 12 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
run_applet_no_and_exit 447 445 -2
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
It is not clear why we were excluding init from this.
The "getpid() != 1" clause was there from the beginning (2001)
but not explained.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
cmdio_get_cmd_and_arg - 237 +237
get_passwd - 97 +97
check_password - 82 +82
ftpd_main 2297 2178 -119
ask_and_check_password_extended 206 84 -122
------------------------------------------------------------------------------
(add/remove: 3/0 grow/shrink: 0/2 up/down: 416/-241) Total: 175 bytes
Signed-off-by: Morten Kvistgaard <MK@pch-engineering.dk>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
sha3_process_block72 1454 1359 -95
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
It is an interesting trick, but so far I only managed to make it work
correctly, not to make it faster and/or smaller.
The code is ifdefed out for now.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This set of patches adds a simple unit-testing framework to Busybox
unit-tests: add some helper macros for unit-test framework implementation
unit-tests: implement the unit-testing framework
unit-tests: add basic documentation on writing the unit test cases
unit-tests: modify the Makefile 'test' target to run unit-tests too
unit-tests: add two example test cases
unit-tests: modify the existing strrstr test code to use the unit-test framework
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
bb_sc_clk_tck - 10 +10
timescmd 118 113 -5
print_route 1763 1758 -5
mpstat_main 1288 1283 -5
iostat_main 1947 1942 -5
INET_setroute 879 871 -8
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/5 up/down: 10/-28) Total: -18 bytes
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
The find utility uses a hardcoded value of 32 * 1024 as the limit of
the command-line length when calling 'find -exec ... {} +'. This results
in over 4 times more execve() calls than in coreutils' find.
This patch uses the limit defined in system headers.
Based on the patch by Bartosz Golaszewski <bartekgola@gmail.com>.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
With FEATURE_VERBOSE off, practically no size change.
With it on:
function old new delta
remove_file 493 556 +63
install_main 719 765 +46
bb_make_directory 383 419 +36
rmdir_main 162 191 +29
copy_file 1516 1544 +28
mv_main 502 525 +23
cmp_main 677 693 +16
bbconfig_config_bz2 5264 5279 +15
mkdir_main 158 168 +10
install_longopts 66 76 +10
rm_main 167 175 +8
nexpr 840 846 +6
scan_tree 275 280 +5
fsck_main 1807 1811 +4
ed_main 2541 2545 +4
expand_one_var 1574 1575 +1
swap_on_off_main 420 418 -2
parse_command 1443 1440 -3
redirect 1279 1274 -5
do_load 946 918 -28
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 16/4 up/down: 304/-38) Total: 266 bytes
Based on the patch by Igor Živković.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
English speakers complained that it sounded awfully broken.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
find_execable 81 86 +5
exists_execable 71 66 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
rtc_xopen 77 139 +62
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
bb_verror_msg 380 386 +6
syslog_level - 1 +1
crondlog 165 108 -57
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
string_checker 97 92 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
POSIX.1-2008 removed the usleep function, provide a fallback
implementaion using the recommended nanosleep().
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Testcase:
script -q -c "echo hey" /dev/null 0>&-
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
process_stdin_with_replace - 195 +195
xmalloc_substitute_string - 145 +145
xargs_main 808 884 +76
count_strstr - 45 +45
packed_usage 29580 29571 -9
parse_params 1445 1416 -29
func_exec 285 138 -147
------------------------------------------------------------------------------
(add/remove: 4/0 grow/shrink: 1/3 up/down: 461/-185) Total: 276 bytes
text data bss dec hex filename
922156 932 17692 940780 e5aec busybox_old
922440 932 17692 941064 e5c08 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
is_in_ino_dev_hashtable 88 108 +20
add_to_ino_dev_hashtable 150 142 -8
reset_ino_dev_hashtable 84 75 -9
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/2 up/down: 20/-17) Total: 3 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|