If logging to stderr and/or syslog the -v option can be given one or
more times to increase the log verbosity. If mdev is used as hotplug
helper the log level is fixed set to 2 if mdev.log is found an appended
because there is no possiblity to pass arguments to the hotplug helper.
Signed-off-by: Jan Klötzke <jan@kloetzke.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
If mdev is run as daemon it should be possible to forward the debug
messages to syslog. This feature might be useful if mdev is run with -s
during boot too. OTOH it makes no sense for the daemon to log to
mdev.log. This can be handled by a syslog daemon way better. If the
daemon stays in the foreground due to -f, the messages are still written
to stderr as before.
Signed-off-by: Jan Klötzke <jan@kloetzke.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
If the netlink read() failed with ENOBUFS we know that we have missed at
least one message due to a socket receive buffer overrun. The only way
how to recover is to drop the old socket, open a fresh one and make a
cold-plug scan of the current system state.
Signed-off-by: Jan Klötzke <jan@kloetzke.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The socket receive buffer turned out to be too small for real world
systems. Use the same size as udevd to be on the safe side. As this is
just a limit and the memory is not allocated by the kernel until really
needed there is actually no memory wasted.
Signed-off-by: Jan Klötzke <jan@kloetzke.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Starting with linux kernel v5.4 squashfs has a more strict parameter
checking implemented. Unlike util-linux mount, busybox never supported
the sizelimit option but simply forwards it to the kernel.
Since v5.4 mounting will fail with
squashfs: Unknown parameter 'sizelimit'
Support the sizelimit parameter by setting it in the LOOP_SET_STATUS64
structure before handing it to the kernel.
While at it also add support for the offset option, which currently will
always be set to 0.
function old new delta
cut_out_ull_opt - 167 +167
singlemount 1230 1266 +36
set_loop 834 862 +28
losetup_main 479 483 +4
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 3/0 up/down: 235/0) Total: 235 bytes
Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The glibc implementation changed for settimeofday, resulting in "invalid
argument" error when attempting to set both timezone and time with a single
call. Fix this by calling settimeofday twice
Signed-off-by: Eddie James <eajames@linux.ibm.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
PLATFORM_LINUX is a hidden configuration option which is disabled by
default and enabled at over a hundred locations for features that are
deemed to be Linux specific.
The only effect of PLATFORM_LINUX is to control compilation of
libbb/match_fstype.c. This file is only needed by mount and umount.
Remove all references to PLATFORM_LINUX and compile match_fstype.c
if mount or umount is enabled.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
stime() has been deprecated in glibc 2.31 and replaced with
clock_settime(). Let's replace the stime() function calls with
clock_settime() in preperation.
function old new delta
rdate_main 197 224 +27
clock_settime - 27 +27
date_main 926 941 +15
stime 37 - -37
------------------------------------------------------------------------------
(add/remove: 2/2 grow/shrink: 2/0 up/down: 69/-37) Total: 32 bytes
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
function old new delta
taskset_main 511 855 +344
Based on patch by Fryderyk Wrobel <frd1996@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Back in 2007, commit 0c97c9d437 ("'simple' error message functions by
Loic Grenie") introduced bb_simple_perror_msg() to allow for a lower
overhead call to bb_perror_msg() when only a string was being printed
with no parameters. This saves space for some CPU architectures because
it avoids the overhead of a call to a variadic function. However there
has never been a simple version of bb_error_msg(), and since 2007 many
new calls to bb_perror_msg() have been added that only take a single
parameter and so could have been using bb_simple_perror_message().
This changeset introduces 'simple' versions of bb_info_msg(),
bb_error_msg(), bb_error_msg_and_die(), bb_herror_msg() and
bb_herror_msg_and_die(), and replaces all calls that only take a
single parameter, or use something like ("%s", arg), with calls to the
corresponding 'simple' version.
Since it is likely that single parameter calls to the variadic functions
may be accidentally reintroduced in the future a new debugging config
option WARN_SIMPLE_MSG has been introduced. This uses some macro magic
which will cause any such calls to generate a warning, but this is
turned off by default to avoid use of the unpleasant macros in normal
circumstances.
This is a large changeset due to the number of calls that have been
replaced. The only files that contain changes other than simple
substitution of function calls are libbb.h, libbb/herror_msg.c,
libbb/verror_msg.c and libbb/xfuncs_printf.c. In miscutils/devfsd.c,
networking/udhcp/common.h and util-linux/mdev.c additonal macros have
been added for logging so that single parameter and multiple parameter
logging variants exist.
The amount of space saved varies considerably by architecture, and was
found to be as follows (for 'defconfig' using GCC 7.4):
Arm: -92 bytes
MIPS: -52 bytes
PPC: -1836 bytes
x86_64: -938 bytes
Note that for the MIPS architecture only an exception had to be made
disabling the 'simple' calls for 'udhcp' (in networking/udhcp/common.h)
because it made these files larger on MIPS.
Signed-off-by: James Byrne <james.byrne@origamienergy.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Adds the -d option to run mdev in daemon mode handling hotplug events
from the kernel like udev. If the system generates many hotplug events
this mode of operation will consume less resources than registering
mdev as hotplug helper or using the uevent applet.
function old new delta
daemon_loop - 152 +152
initial_scan - 127 +127
open_mdev_log - 85 +85
mdev_main 255 314 +59
packed_usage 33284 33316 +32
process_action 1051 992 -59
------------------------------------------------------------------------------
(add/remove: 3/0 grow/shrink: 2/1 up/down: 455/-59) Total: 396 bytes
Signed-off-by: Jan Klötzke <jan@kloetzke.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This purely moves code from main() to separate functions for better
extensibility.
Signed-off-by: Jan Klötzke <jan@kloetzke.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
cluster_count is compared against FAT16_MAX, which is defined as 0xfff4
That is the maximum number of cluster a FAT16 can have.
For reference also check the hardware whitepaper from Microsoft
FAT: General Overview of On-Disk Format, version 1.03 page 15
Signed-off-by: Thomas Frauendorfer <tf@miray.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Embedded scripts require a shell to be present in the BusyBox
binary. Allow either ash or hush to be used for this purpose.
If both are enabled ash takes precedence.
The size of the binary is unchanged in the default configuration:
both ash and hush are present but support for embedded scripts
isn't compiled into hush.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
BusyBox has support for embedded shell scripts. Two types can be
distinguished: custom scripts and scripts implementing applets.
Custom scripts should be placed in the 'embed' directory at build
time. They are given a default applet configuration and appear
as applets to the user but no further configuration is possible.
Applet scripts are integrated with the BusyBox build system and
are intended to be used to ship standard applets that just happen
to be implemented as scripts. They can be configured at build time
and appear just like native applets.
Such scripts should be placed in the 'applets_sh' directory. A stub
C program should be written to provide the usual applet configuration
details and placed in a suitable subsystem directory. It may be
helpful to have a configuration option to enable any dependencies the
script requires: see the 'nologin' applet for an example.
function old new delta
scripted_main - 41 +41
applet_names 2773 2781 +8
applet_main 1600 1604 +4
i2cdetect_main 672 674 +2
applet_suid 100 101 +1
applet_install_loc 200 201 +1
applet_flags 100 101 +1
packed_usage 33180 33179 -1
tryexec 159 152 -7
evalcommand 1661 1653 -8
script_names 9 - -9
packed_scripts 123 114 -9
complete_cmd_dir_file 826 811 -15
shellexec 271 254 -17
find_command 1007 990 -17
busybox_main 642 624 -18
run_applet_and_exit 100 78 -22
find_script_by_name 51 - -51
------------------------------------------------------------------------------
(add/remove: 1/2 grow/shrink: 6/9 up/down: 58/-174) Total: -116 bytes
text data bss dec hex filename
950034 477 7296 957807 e9d6f busybox_old
949918 477 7296 957691 e9cfb busybox_unstripped
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
= display default is no longer in cylinders
= +sizeC is no longer supported
= add +sizeT suffix - terabytes are here
= K,M,G,T and k,m,g,t suffixes all are binary, not decimal
= +sizeM results in last sector +(size * 1Mbyte - 1), not +(size * 1Mbyte)
= fix comparison to "YES" answer for sgi/sun
function old new delta
read_int 492 519 +27
fdisk_main 2644 2640 -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 27/-4) Total: 23 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kconfig-language.txt was deleted in commit 4fa499a17b back in 2006.
Move to docs/ as suggested by Xabier Oneca:
http://lists.busybox.net/pipermail/busybox/2014-May/080914.html
Also update references to it everywhere.
Signed-off-by: Kartik Agaram <akkartik@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
fdisk from util-linux 2.31 (maybe earlier) does not print this.
function old new delta
check_consistency 449 399 -50
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-t, -S and -G each take mandatory integer arguments. getopt32long()'s
option string syntax for this type of argument is 'c:+', however nsenter's
opt_str uses 'c+', which specifies two options 'c' and '+' which do not
take arguments. This means that giving a target PID causes nsenter to
exit and print the usage string:
# nsenter -t1 sh
nsenter: unrecognized option: 1
BusyBox v1.27.2 (2017-12-12 10:41:50 GMT) multi-call binary.
...
The long form options are also broken:
# nsenter --setuid=1000 --setgid=1000 sh
BusyBox v1.29.0.git (2018-05-04 13:56:49 UTC) multi-call binary.
...
`nsenter --target=<pid> sh` parses correctly and appears to work, but
<pid> is ignored and set to 0. This doesn't raise an error unless one
of the namespace arguments is also given:
# ./busybox_unstripped nsenter --target=42 sh
# exit
# ./busybox_unstripped nsenter -n --target=42 sh
BusyBox v1.29.0.git (2018-05-04 13:56:49 UTC) multi-call binary.
...
This has caused problems in a couple of places:
https://github.com/linuxkit/linuxkit/issues/567https://github.com/gliderlabs/docker-alpine/issues/359https://github.com/kontena/pharos-cluster/pull/81
Signed-off-by: Euan Harris <euan.harris@docker.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
In nsenter from util-linux, the long version of the -n option is
--net=<path>. BusyBox's version expects --network=<path>, so scripts
and examples written for util-linux's version cause BusyBox's version
to exit with the usage message.
Confusingly, until commit 036585a911, the usage message erroneously
claimed that the long option was indeed called --net; after that commit
long options are not listed at all.
Signed-off-by: Euan Harris <euan.harris@docker.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kernel will surely inform us in FITRIM does not make sense on a given file.
function old new delta
fstrim_main 241 221 -20
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
While at it, add -t to --help, and fix comments which say that -t is ignored
function old new delta
packed_usage 32427 32444 +17
umount_main 558 552 -6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 17/-6) Total: 11 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Add support for LittleFS to blkid. Not included if FEATURE_BLKID_TYPE
is not selected (neither UUID nor label).
LittleFS is a small fail-safe filesystem designed for embedded
systems. It has strong copy-on-write guarantees and storage on disk
is always kept in a valid state. It also provides a form of dynamic
wear levelling for systems that can not fit a full flash translation
layer. (https://github.com/geky/littlefs)
ARM has introduced it in its Mbed OS 5.7, so it starts to gain focus.
(https://os.mbed.com/blog/entry/littlefs-high-integrity-embedded-fs/)
function old new delta
volume_id_probe_lfs - 62 +62
fs1 20 24 +4
Signed-off-by: Sven-Göran Bergh <sgb@systemaxion.se>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
"-c, --no-canonicalize: Do not canonicalize paths."
As busybox doesn't canonicalize paths in the first place it is safe to ignore
this option.
See https://github.com/systemd/systemd/issues/7786
Signed-off-by: Shawn Landden <slandden@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
FEATURE_GETOPT_LONG made dependent on LONG_OPTS.
The folloving options are removed, now LONG_OPTS enables long options
for affected applets:
FEATURE_ENV_LONG_OPTIONS FEATURE_EXPAND_LONG_OPTIONS
FEATURE_UNEXPAND_LONG_OPTIONS FEATURE_MKDIR_LONG_OPTIONS
FEATURE_MV_LONG_OPTIONS FEATURE_RMDIR_LONG_OPTIONS
FEATURE_ADDGROUP_LONG_OPTIONS FEATURE_ADDUSER_LONG_OPTIONS
FEATURE_HWCLOCK_LONG_OPTIONS FEATURE_NSENTER_LONG_OPTS
FEATURE_CHCON_LONG_OPTIONS FEATURE_RUNCON_LONG_OPTIONS
They either had a small number of long options, or their long options are
essential.
Example: upstream addgroup and adduser have ONLY longopts,
we should probably go further and get rid
of non-standard short options.
To this end, make addgroup and adduser "select LONG_OPTS".
We had this breakage caused by us even in our own package!
#if ENABLE_LONG_OPTS || !ENABLE_ADDGROUP
/* We try to use --gid, not -g, because "standard" addgroup
* has no short option -g, it has only long --gid.
*/
argv[1] = (char*)"--gid";
#else
/* Breaks if system in fact does NOT use busybox addgroup */
argv[1] = (char*)"-g";
#endif
xargs: its lone longopt no longer depends on DESKTOP, only on LONG_OPTS.
hwclock TODO: get rid of incompatible -t, -l aliases to --systz, --localtime
Shorten help texts by omitting long option when short opt alternative exists.
Reduction of size comes from the fact that store of an immediate
(an address of longopts) to a fixed address (global variable)
is a longer insn than pushing that immediate or passing it in a register.
This effect is CPU-agnostic.
function old new delta
getopt32 1350 22 -1328
vgetopt32 - 1318 +1318
getopt32long - 24 +24
tftpd_main 562 567 +5
scan_recursive 376 380 +4
collect_cpu 545 546 +1
date_main 1096 1095 -1
hostname_main 262 259 -3
uname_main 259 255 -4
setpriv_main 362 358 -4
rmdir_main 191 187 -4
mv_main 562 558 -4
ipcalc_main 548 544 -4
ifenslave_main 641 637 -4
gzip_main 192 188 -4
gunzip_main 77 73 -4
fsfreeze_main 81 77 -4
flock_main 318 314 -4
deluser_main 337 333 -4
cp_main 374 370 -4
chown_main 175 171 -4
applet_long_options 4 - -4
xargs_main 894 889 -5
wget_main 2540 2535 -5
udhcpc_main 2767 2762 -5
touch_main 436 431 -5
tar_main 1014 1009 -5
start_stop_daemon_main 1033 1028 -5
sed_main 682 677 -5
script_main 1082 1077 -5
run_parts_main 330 325 -5
rtcwake_main 459 454 -5
od_main 2169 2164 -5
nl_main 201 196 -5
modprobe_main 773 768 -5
mkdir_main 160 155 -5
ls_main 568 563 -5
install_main 773 768 -5
hwclock_main 411 406 -5
getopt_main 622 617 -5
fstrim_main 256 251 -5
env_main 198 193 -5
dumpleases_main 635 630 -5
dpkg_main 3991 3986 -5
diff_main 1355 1350 -5
cryptpw_main 233 228 -5
cpio_main 593 588 -5
conspy_main 1135 1130 -5
chpasswd_main 313 308 -5
adduser_main 887 882 -5
addgroup_main 416 411 -5
ftpgetput_main 351 345 -6
get_terminal_width_height 242 234 -8
expand_main 690 680 -10
static.expand_longopts 18 - -18
static.unexpand_longopts 27 - -27
mkdir_longopts 28 - -28
env_longopts 30 - -30
static.ifenslave_longopts 34 - -34
mv_longopts 46 - -46
static.rmdir_longopts 48 - -48
packed_usage 31739 31687 -52
------------------------------------------------------------------------------
(add/remove: 2/8 grow/shrink: 3/49 up/down: 1352/-1840) Total: -488 bytes
text data bss dec hex filename
915681 485 6880 923046 e15a6 busybox_old
915428 485 6876 922789 e14a5 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The applets with "<applet> [opts] PROG ARGS" API very quickly exec
another program, noexec is okay for them:
chpst/envdir/envuidgid/softlimit/setuidgid
chroot
chrt
ionice
nice
nohup
setarch/linux32/linux64
taskset
cttyhack
"reset" and "sulogin" applets don't have this form, but also exec
another program at once, thus made noexec too.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Noticed while auditing nofork/noexec status
function old new delta
packed_usage 31777 31747 -30
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
With Linux 4.3, a new set of capabilities has been introduced with the
ambient capabilities. These aim to solve the problem that it was
impossible to grant run programs with elevated privileges across
non-root users. Quoting from capabilities(7):
This is a set of capabilities that are preserved across an execve(2)
of a program that is not privileged. The ambient capability set
obeys the invariant that no capability can ever be ambient if it is
not both permitted and inheritable.
With this new set of capabilities it is now possible to run an
executable with elevated privileges as a different user, making it much
easier to do proper privilege separation.
Note though that the `--ambient-caps` switch is not part of any released
version of util-linux, yet. It has been applied in 0c92194ee (setpriv:
support modifying the set of ambient capabilities, 2017-06-24) and will
probably be part of v2.31.
function old new delta
parse_cap - 174 +174
setpriv_main 1246 1301 +55
.rodata 146307 146347 +40
static.setpriv_longopts 40 55 +15
packed_usage 32092 32079 -13
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The main use case of setpriv is to modify the current state of
privileges available to the calling process and spawn a new executable
with the modified, new state. Next to the already supported case of
modifying the no-new-privs flag, util-linux also supports to modify
capability sets.
This commit introduces to add or drop capabilities from the set of
inheritable capabilities. Quoting from capabilities(7):
This is a set of capabilities preserved across an execve(2).
Inheritable capabilities remain inheritable when executing any
program, and inheritable capabilities are added to the permitted set
when executing a program that has the corresponding bits set in the
file inheritable set.
As such, inheritable capabilities enable executing files with certain
privileges if the file itself has these privileges set. Note though that
inheritable capabilities are dropped across execve when running as a
non-root user.
function old new delta
getcaps - 237 +237
setpriv_main 1129 1246 +117
.rodata 146198 146307 +109
static.setpriv_longopts 29 40 +11
packed_usage 32107 32092 -15
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
As with the previous commit, this commit introduces the ability to dump
the set of ambient capabilities.
function old new delta
setpriv_main 982 1129 +147
.rodata 146148 146198 +50
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
As with the previous commit, this one implements the ability to dump the
capability bounding set.
function old new delta
setpriv_main 838 982 +144
.rodata 146101 146148 +47
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The setpriv executable from util-linux also dumps out information on the
different capability sets known by the kernel. By default, these are the
inheritable capabilities, bounding capabilities and (not yet released)
the ambient capabilities, which have been introduced with Linux 4.3.
This patch introduces the ability to dump the set of inheritable
capabilities.
By default, setpriv(1) identifies capabilities by their human-readable
name, for example 'net_admin'. For unknown capabilities, though, it does
instead use the capability's value, for example 'cap_12', which is
equivalent to 'net_admin'. As there is no kernel interface to retrieve
capability names by their index, we have to declare these ourselves,
which adds to setpriv's size.
To counteract, using the human-readble name has been made configurable.
The following sizes are with the 'FEATURE_SETPRIV_CAPABILITY_NAMES'
enabled:
function old new delta
.rodata 145969 146405 +436
setpriv_main 467 842 +375
capabilities - 304 +304
And with 'FEATURE_SETPRIV_CAPABILITY_NAMES' disabled:
function old new delta
setpriv_main 467 838 +371
.rodata 145969 146101 +132
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Introduce the ability to dump the state of the no-new-privs flag, which
states whethere it is allowed to grant new privileges.
function old new delta
setpriv_main 419 467 +48
.rodata 145926 145969 +43
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
setpriv from util-linux has an option to dump the current state
regarding privilege settings via '--dump'. It prints out information on
the real and effective user and group IDs, supplementary groups, the
no-new-privs flag, the capability sets as well as secure bits.
This patch is the start of supporting this mode. To make introduction of
the '--dump' easier to reason about, its introduction has been split
into multiple patches. This particular one introduces the ability to
print out user and group information of the current process.
function old new delta
setpriv_main 89 322 +233
getresuid - 41 +41
getresgid - 41 +41
static.setpriv_longopts 22 29 +7
packed_usage 31675 31669 -6
------------------------------------------------------------------------------
(add/remove: 4/0 grow/shrink: 2/1 up/down: 322/-6) Total: 316 bytes
Patch by Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The current option parsing logic of setpriv only supports the case where
we want to execute a sub-program and have at most one argument. Refactor
handling of options to solve these shortcomings to make it easy to
support 'setpriv --dump', which does not accept any additional
arguments, as well as the case where additional options are passed to
setpriv. This is done by handling 'argc' ourselves, throwing an error
when no program is specified, as well as introducing an enum for the
different option bitmasks.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
By default, the 'getopt32' call will continue parsing the command line
even after hitting a non-option string. But in setpriv, this should be
avoided, as all parameters following the initial non-option argument are
in fact arguments to the binary that is to be executed by setpriv.
Otherwise, calling e.g. 'busybox setpriv ls -l' would result in an error
due to the unknown parameter "-l".
Fix the issue by passing "+" as the first character in the options
string. This will cause 'getopt32' to stop processing after hitting the
first non-option.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>