Based on a patch from Steven McDonald <steven@steven-mcdonald.id.au>:
This makes 'unshare --user' work correctly in the case where the user's
shell is provided by busybox itself.
'unshare --user' creates a new user namespace without any uid mappings.
As a result, /bin/busybox is setuid nobody:nogroup within the
namespace, as that is the only user. However, since no uids are mapped,
attempting to call setgid/setuid fails, even though this would do
nothing:
$ unshare --user ./busybox.broken ash
ash: setgid: Invalid argument
'unshare --map-root-user' still works, but because Linux only allows
uid/gid mappings to be set up once, creating a root mapping makes such
a namespace useless for creating multi-user containers.
With this patch, setgid and setuid will not be called in the case where
they would do nothing, which is always the case inside a new user
namespace because all uids are effectively mapped to nobody:
$ id -u
1000
$ ls -lh busybox.fixed
-rwsr-xr-x 1 root root 826.2K May 21 00:33 busybox.fixed
$ unshare --user ./busybox.fixed ash
$ id -u
65534
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Before this change, BB_EXTRA_VERSION of "" resulted in:
"BusyBox v1.28.0.git () multi-call binary"
message, after the fix it is:
"BusyBox v1.28.0.git multi-call binary"
While at it, eliminate BB_BT and BANNER single-use macros.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When this feature is enabled, blank passwords are not accepted by su
unless the user is on a secure TTY defined in /etc/securetty. This
resembles the default PAM configuration of some Linux distros which
specify the nullok_secure option for pam_unix.so.
Based on patch by Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The "autolooped" mount (mount [-oloop] IMAGE /DIR/DIR)
always creates AUTOCLEARed loopdevs, so that umounting
drops them (and this does not require any code in the
umount userspace).
This happens since circa linux-2.6.25:
commit 96c5865559cee0f9cbc5173f3c949f6ce3525581
Date: Wed Feb 6 01:36:27 2008 -0800
Subject: Allow auto-destruction of loop devices
IOW: in this case, umount does not have to use -d
to drop the loopdev.
The explicit loop mount (mount /dev/loopN /DIR/DIR)
does not do this. In this case, umount without -d
should not drop loopdev.
Unfortunately, bbox umount currently always implies -d,
this probably needs fixing.
function old new delta
set_loop 537 597 +60
singlemount 1101 1138 +37
losetup_main 419 432 +13
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/0 up/down: 110/0) Total: 110 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
An example of such an error (should be compiled with DEBUG_SANITIZE):
runtime error: left shift of 1 by 31 places cannot be represented in
type 'int'
Signed-off-by: Rostislav Skudnov <rostislav@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Good news that TLS_RSA_WITH_AES_256_CBC_SHA256 still works with new code ;)
This change adds inevitable extension to have different sized hashes and AES key sizes.
In libbb, md5_end() and shaX_end() are extended to return result size instead of void -
this helps *a lot* in tls (the cost is ~5 bytes per _end() function).
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Many other appletw don't - they unconditionally use get_terminal_wodth(),
and here the amount of code saved by FEATURE_AUTOWIDTH=n is tiny.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Redundant help texts (one which only repeats the description)
are deleted.
Descriptions and help texts are trimmed.
Some config options are moved, even across menus.
No config option _names_ are changed.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
libbb/appletlib.c:558:12: warning: 'ingroup' defined but
not used [-Wunused-function]
static int ingroup(uid_t u, gid_t g)
^~~~~~~
That function is used only if FEATURE_SUID_CONFIG is also enabled.
Signed-off-by: Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn@axis.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The selinux guys want you to get class values at runtime by converting
textual names into constants. Drop the deprecated headers and switch
to the new format.
This API has been around for years, so there shouldn't be an issue
with backwards compatibility.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
(1) restore entire sigaction, not only signal handler function
(2) do not use stdio when not sure WINCH did not interrupt a printf() or such.
function old new delta
cmdedit_setwidth - 81 +81
read_line_input 3682 3722 +40
lineedit_read_key 138 155 +17
put_prompt 55 51 -4
win_changed 93 47 -46
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 2/2 up/down: 138/-50) Total: 88 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
These key combinations should repeat correctly when the keys are
pressed and held.
Before this change, they do this erratically - many repeats are "eaten"
because they are treated as unrecognized ESC seqs:
ESC 0x7f is treated by Alt+baskspace, but ESC 0x7f ESC 0x7f ESC 0x7f
is unrecognized.
Escape sequences corresponding to these key combinations are moved from
read_line_input to lineedit_read_key.
Also, these key sequences are now enabled regardless of whether
FEATURE_EDITING_VI is set, since Vim does not actually support these key
combinations, but they are present in readline library.
function old new delta
static.esccmds 93 103 +10
read_line_input 3737 3687 -50
Signed-off-by: Rostislav Skudnov <rostislav@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Allocation addresses of malloc() are jittery,
thought I had a mem leak in hush, but it was malloc variability.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Gives "mount -t cifs //fe80::6a05:caff:fe3e:dbf5%eth0/test test"
a chance to work: mount must pass "ip=numeric_IPv6%numeric_iface_id"
in the omunt option string. Currently, it does not.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Lauri Kasanen:
:: Over at TinyCore, we receive a huge number of questions of the type "I
:: got "short write", what does it mean?". Mostly for the rpi port and when
:: using bb wget.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Run this in a "sh SCRIPT":
sha256sum /dev/null
echo END
sha256sum is a NOEXEC applet. It runs in a forked child. Then child exit()s.
By this time, entire script is read, and buffered in a FILE object
from fopen("SCRIPT"). But fgetc() did not consume entire input.
exit() lseeks back by -9 bytes, from <eof> to 'e' in 'echo'.
(this may be libc-specific).
This change of fd position *is shared with the parent*!
Now parent can read more, and it thinks there is another "echo END".
End result: two "echo END"s are run.
Fix this by _exit()ing instead.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
On user request.
I thought enabling/disabling them all together is more consistent.
Evidently, some people do want them to be separately selectable.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When busybox is configured to contain a single applet an unnecessary
declaration of run_applet_and_exit results in a warning. Move the
declaration to avoid this.
Reported-by: Lauri Kasanen <curaga@operamail.com>
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Both calls to run_applet_and_exit are followed by the same code
to print an error message and return status 127. Remove this
duplication and make run_applet_and_exit static.
function old new delta
run_applet_and_exit 675 667 -8
main 119 92 -27
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-35) Total: -35 bytes
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
A recent commit made it possible to disable BusyBox's --install
and --list options. However it also stopped "busybox <applet>
<params>" from working.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
If it's disabled, code shrinks by about 900 bytes:
function old new delta
usr_bin 10 - -10
usr_sbin 11 - -11
install_dir 20 - -20
applet_install_loc 184 - -184
run_applet_and_exit 686 21 -665
------------------------------------------------------------------------------
(add/remove: 0/4 grow/shrink: 0/1 up/down: 0/-890) Total: -890 bytes
text data bss dec hex filename
911327 493 7336 919156 e0674 busybox_old
909848 493 7336 917677 e00ad busybox_unstripped
but busybox executable by itself does not say anything useful:
$ busybox
busybox: applet not found
Based on the patch by Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The result of looking at "grep -F -B2 '*fill*' busybox_unstripped.map"
text data bss dec hex filename
829901 4086 1904 835891 cc133 busybox_before
829665 4086 1904 835655 cc047 busybox
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The loop
for (j = ARRAY_SIZE(applet_nameofs)-1; j >= 0; j--) {
was intended to terminate when j goes negative, so j needs to be signed.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The array applet_nameofs consumes two bytes per applet. It encodes
nofork/noexec flags
suid flags
the offset of the applet name in the applet_name string
Change the applet_table build tool to store the flags in two separate
arrays (applet_flags and applet_suid). Replace applet_nameofs[] with a
smaller version that only stores a limited number of offsets.
This requires changes to the macros APPLET_IS_NOFORK, APPLET_IS_NOEXEC
and APPLET_SUID.
According to Valgrind the original find_applet_by_name required
353 cycles per call, averaged over all names. Adjusting the number
of known offsets allows space to be traded off against execution time:
KNOWN_OFFSETS cycles bytes (wrt KNOWN_OFFSETS = 0)
0 9057 -
2 4604 32
4 2407 75
8 1342 98
16 908 130
32 884 194
This patch uses KNOWN_OFFSETS = 8.
v2:
Remove some dead code from the applet_table tool;
Treat the applet in the middle of the table as a special case.
v3:
Use the middle applet to adjust the start of the linear search as
well as the last applet found.
v4:
Use an augmented linear search in find_applet_by_name.
Drop the special treatment of the middle name from get_applet_name:
most of the advantage now derives from the last stored value.
v5:
Don't store index in applet_nameofs, it can be calculated.
v6:
Tweaks by Denys
function old new delta
find_applet_by_name 25 125 +100
applet_suid - 92 +92
run_applet_no_and_exit 452 460 +8
run_applet_and_exit 695 697 +2
applet_name_compare 31 - -31
applet_nameofs 734 14 -720
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 3/1 up/down: 202/-751) Total: -549 bytes
text data bss dec hex filename
925464 906 17160 943530 e65aa busybox_old
924915 906 17160 942981 e6385 busybox_unstripped
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
In standalone shell mode search the applet table as well as PATH
when tab completing a command.
Use a stupid linear search: we're also about to read all the
directories on PATH so efficiency isn't a big concern.
function old new delta
add_match - 53 +53
complete_cmd_dir_file 687 724 +37
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/0 up/down: 90/0) Total: 90 bytes
Signed-off-by: Ron Yorston <rmy@frippery.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
MONOTONIC_SYSCALL=y by default
FEATURE_LAST_SMALL is gone: now FEATURE_LAST_FANCY is a "bool", not a "choice".
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>