Commit Graph

2076 Commits

Author SHA1 Message Date
Denys Vlasenko
12a4f9afe7 libbb: do not die if setgid/setuid(real_id) on startup fails
Based on a patch from Steven McDonald <steven@steven-mcdonald.id.au>:

This makes 'unshare --user' work correctly in the case where the user's
shell is provided by busybox itself.

'unshare --user' creates a new user namespace without any uid mappings.
As a result, /bin/busybox is setuid nobody:nogroup within the
namespace, as that is the only user. However, since no uids are mapped,
attempting to call setgid/setuid fails, even though this would do
nothing:

  $ unshare --user ./busybox.broken ash
  ash: setgid: Invalid argument

'unshare --map-root-user' still works, but because Linux only allows
uid/gid mappings to be set up once, creating a root mapping makes such
a namespace useless for creating multi-user containers.

With this patch, setgid and setuid will not be called in the case where
they would do nothing, which is always the case inside a new user
namespace because all uids are effectively mapped to nobody:

  $ id -u
  1000
  $ ls -lh busybox.fixed
  -rwsr-xr-x    1 root     root      826.2K May 21 00:33 busybox.fixed
  $ unshare --user ./busybox.fixed ash
  $ id -u
  65534

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-10 09:17:43 +02:00
Denys Vlasenko
69a5ec9dcc main: fix the case where user has "halt" as login shell. Closes 9986
halt::0:0::/:/sbin/halt

function                                             old     new   delta
run_applet_and_exit                                  748     751      +3
run_applet_no_and_exit                               467     459      -8

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-07 19:08:56 +02:00
Denys Vlasenko
a8cf9c5a3f libbb: new function bb_getgroups() - allocating wrapper around getgroups()
function                                             old     new   delta
bb_getgroups                                           -     111    +111
nexpr                                                843     757     -86
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 0/1 up/down: 111/-86)            Total: 25 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-04 18:56:45 +02:00
Denys Vlasenko
d1f222c3b0 Change BB_EXTRA_VERSION: now it needs to contain any spaces/parenthesis
Before this change, BB_EXTRA_VERSION of "" resulted in:

	"BusyBox v1.28.0.git () multi-call binary"

message, after the fix it is:

	"BusyBox v1.28.0.git multi-call binary"

While at it, eliminate BB_BT and BANNER single-use macros.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-04 16:01:12 +02:00
Denys Vlasenko
d4e4fdb5ce fixes for bugs found by make_single_applets.sh
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-03 21:31:16 +02:00
Denys Vlasenko
10ad622dc2 Spelling fixes in comments, documentation, tests and examples
By klemens <ka7@github.com>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-17 16:13:32 +02:00
Denys Vlasenko
44c0ab4102 libbb: fix "error: redefinition of 'is_tty_secure'"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-13 17:55:05 +02:00
Denys Vlasenko
a3de0b3b86 libbb: make check_password() also return CHECKPASS_PW_HAS_EMPTY_PASSWORD
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-13 13:04:05 +02:00
Denys Vlasenko
335681ca8e su: FEATURE_SU_BLANK_PW_NEEDS_SECURE_TTY
When this feature is enabled, blank passwords are not accepted by su
unless the user is on a secure TTY defined in /etc/securetty. This
resembles the default PAM configuration of some Linux distros which
specify the nullok_secure option for pam_unix.so.

Based on patch by Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-13 12:57:04 +02:00
Kaarle Ritvanen
517a82c5b6 login: move check_securetty to libbb
Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-13 12:39:03 +02:00
Kaarle Ritvanen
835ad3a984 libbb: GETOPT_RESET macro
Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-12 20:11:34 +02:00
Denys Vlasenko
d9eb40c185 fix errors found with make_single_applets.sh
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-12 15:48:19 +02:00
Denys Vlasenko
8a134ec680 libbb: move isqrt from factor, use it in diff too
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-11 07:34:56 +02:00
Denys Vlasenko
4f0b540d08 modprobe: do not descend into /etc/modprobe.d/DIR/. Closes 8686
Also expanded comments in recursive_action.c

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-06 15:23:26 +02:00
Denys Vlasenko
ab518eea9c mount: create loop devices with LO_FLAGS_AUTOCLEAR flag
The "autolooped" mount (mount [-oloop] IMAGE /DIR/DIR)
always creates AUTOCLEARed loopdevs, so that umounting
drops them (and this does not require any code in the
umount userspace).
This happens since circa linux-2.6.25:
	commit 96c5865559cee0f9cbc5173f3c949f6ce3525581
	Date:    Wed Feb 6 01:36:27 2008 -0800
	Subject: Allow auto-destruction of loop devices
IOW: in this case, umount does not have to use -d
to drop the loopdev.

The explicit loop mount (mount /dev/loopN /DIR/DIR)
does not do this. In this case, umount without -d
should not drop loopdev.
Unfortunately, bbox umount currently always implies -d,
this probably needs fixing.

function                                             old     new   delta
set_loop                                             537     597     +60
singlemount                                         1101    1138     +37
losetup_main                                         419     432     +13
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/0 up/down: 110/0)             Total: 110 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-03-16 16:55:47 +01:00
Rostislav Skudnov
8762512fdb Replace int -> uint to avoid signed integer overflow
An example of such an error (should be compiled with DEBUG_SANITIZE):

runtime error: left shift of 1 by 31 places cannot be represented in
type 'int'

Signed-off-by: Rostislav Skudnov <rostislav@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-04 23:10:22 +01:00
Denys Vlasenko
b6871c1965 ps: avoid -o stat to contain spaces. Closes 9631
function                                             old     new   delta
procps_scan                                         1227    1236      +9

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-02 13:04:30 +01:00
Denys Vlasenko
35b54a3c24 libbb: match_fstype() is unreadable in the extreme, fixing it
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-30 00:45:05 +01:00
Denys Vlasenko
9967c9949e libbb: spawn_and_wait() fflushes before forking NOEXEC; child reinits logmode
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-26 01:13:58 +01:00
Denys Vlasenko
cb8e84e65a libbb: shrink sump.c
function                                             old     new   delta
dot_flags_width_chars                                  -      16     +16
int_convs                                              -       7      +7
lcc                                                    7       -      -7
index_str                                             16       -     -16
rewrite                                             1013     937     -76
------------------------------------------------------------------------------
(add/remove: 2/2 grow/shrink: 0/1 up/down: 23/-99)            Total: -76 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-25 16:21:00 +01:00
Denys Vlasenko
0f4364775f xxd: new applet
Yet Another Hexdumper

function                                             old     new   delta
xxd_main                                               -     364    +364
packed_usage                                       31046   31116     +70
applet_names                                        2560    2564      +4
applet_main                                         1476    1480      +4
rewrite                                             1022    1013      -9
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 3/1 up/down: 442/-9)            Total: 433 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-25 01:58:00 +01:00
Denys Vlasenko
49ecee098d tls: add 2nd cipher_id, TLS_RSA_WITH_AES_128_CBC_SHA, so far it doesn't work
Good news that TLS_RSA_WITH_AES_256_CBC_SHA256 still works with new code ;)

This change adds inevitable extension to have different sized hashes and AES key sizes.
In libbb, md5_end() and shaX_end() are extended to return result size instead of void -
this helps *a lot* in tls (the cost is ~5 bytes per _end() function).

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-24 16:00:54 +01:00
Denys Vlasenko
16e7f697f8 libbb: eliminate redundant variable in sha_crypt
function                                             old     new   delta
sha_crypt                                           1136    1130      -6

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 20:59:32 +01:00
Denys Vlasenko
b8935d00b0 sha512: use larger constant table only if sha512 is in fact selected
function                                             old     new   delta
sha_K                                                640     256    -384

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 20:16:27 +01:00
Denys Vlasenko
01ccdd1d3c libbb: consolidate the code to set termios unbuffered mode
function                                             old     new   delta
set_termios_to_raw                                     -     116    +116
count_lines                                           72      74      +2
powertop_main                                       1458    1430     -28
top_main                                             943     914     -29
more_main                                            759     714     -45
fsck_minix_main                                     2969    2921     -48
conspy_main                                         1197    1135     -62
rawmode                                               99      36     -63
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/6 up/down: 118/-275)         Total: -157 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-11 16:17:59 +01:00
Denys Vlasenko
a8a075acfe busybox: stop depending on FEATURE_AUTOWIDTH for applet list
Many other appletw don't - they unconditionally use get_terminal_wodth(),
and here the amount of code saved by FEATURE_AUTOWIDTH=n is tiny.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-11 10:52:24 +01:00
Denys Vlasenko
f560422fa0 Big cleanup in config help and description
Redundant help texts (one which only repeats the description)
are deleted.

Descriptions and help texts are trimmed.

Some config options are moved, even across menus.

No config option _names_ are changed.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-10 14:58:54 +01:00
Denys Vlasenko
fe93624fb6 Automatically disable FEATURE_COMPRESS_USAGE for small builds.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-06 19:16:36 +01:00
Cristian Ionescu-Idbohrn
f1d76b64a0 appletlib: avoid warning on unused function ingroup
libbb/appletlib.c:558:12: warning: 'ingroup' defined but
                                   not used [-Wunused-function]
 static int ingroup(uid_t u, gid_t g)
            ^~~~~~~

That function is used only if FEATURE_SUID_CONFIG is also enabled.

Signed-off-by: Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn@axis.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-03 12:01:15 +01:00
Denys Vlasenko
1afa494fd1 Make FEATURE_USERNAME_COMPLETION=y by default
This matches bash behavior on Fedora

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-23 13:40:24 +01:00
Denys Vlasenko
9cc3d3ab21 fix breakage found by mass one-applet builds
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-23 02:42:26 +01:00
Denys Vlasenko
e184a88356 df: implement -B n<suff> and -B <suff> formats of -B option
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-12 19:56:31 +01:00
Denys Vlasenko
ac5d324540 randomconfig fixes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-10 20:57:00 +01:00
Mike Frysinger
c6f35241b3 selinux: drop deprecated headers
The selinux guys want you to get class values at runtime by converting
textual names into constants.  Drop the deprecated headers and switch
to the new format.

This API has been around for years, so there shouldn't be an issue
with backwards compatibility.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2016-12-09 18:30:30 -05:00
Denys Vlasenko
548620c18b randomconfig fixes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-08 12:24:48 +01:00
Denys Vlasenko
4bd0c2ab38 fix musl problem with dirname, now for all users of bb_make_directory()
function                                             old     new   delta
bb_make_directory                                    412     419      +7
install_main                                         793     769     -24
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 7/-24)             Total: -17 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-04 10:42:07 +01:00
Denys Vlasenko
7d877fc931 Do not print useless empty line after list of applets
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-28 01:29:28 +01:00
Denys Vlasenko
038a977d47 lineedit: simplify code a bit
function                                             old     new   delta
lineedit_read_key                                    155     162      +7
put_prompt                                            51      46      -5
read_line_input                                     3722    3715      -7
cmdedit_setwidth                                      81      50     -31
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/3 up/down: 7/-43)             Total: -36 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-28 01:10:16 +01:00
Denys Vlasenko
bff71d3b9d lineedit: fix two bugs in SIGWINCH signal handling
(1) restore entire sigaction, not only signal handler function
(2) do not use stdio when not sure WINCH did not interrupt a printf() or such.

function                                             old     new   delta
cmdedit_setwidth                                       -      81     +81
read_line_input                                     3682    3722     +40
lineedit_read_key                                    138     155     +17
put_prompt                                            55      51      -4
win_changed                                           93      47     -46
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 2/2 up/down: 138/-50)            Total: 88 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-27 22:25:07 +01:00
Denys Vlasenko
4b89d512b1 ash,hush: make ^C in interactive mode visually much closer to bash behavior
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-25 03:41:03 +01:00
Denys Vlasenko
24860fa09c Move FEATURE_BUFFERS_USE_foo options to library tuning
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-24 22:30:52 +01:00
Denys Vlasenko
1255925a61 Move locale, unicode, and "use sendfile?" options to library tuning
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-24 22:18:55 +01:00
Rostislav Skudnov
2e4ef38743 lineedit: fix handling of repeating Alt-b, Alt-f, Alt-d, Alt-Backspace
These key combinations should repeat correctly when the keys are
pressed and held.

Before this change, they do this erratically - many repeats are "eaten"
because they are treated as unrecognized ESC seqs:
ESC 0x7f is treated by Alt+baskspace, but ESC 0x7f ESC 0x7f ESC 0x7f
is unrecognized.

Escape sequences corresponding to these key combinations are moved from
read_line_input to lineedit_read_key.

Also, these key sequences are now enabled regardless of whether
FEATURE_EDITING_VI is set, since Vim does not actually support these key
combinations, but they are present in readline library.

function                                             old     new   delta
static.esccmds                                        93     103     +10
read_line_input                                     3737    3687     -50

Signed-off-by: Rostislav Skudnov <rostislav@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-24 15:04:00 +01:00
Denys Vlasenko
7e8218f9b2 Fix allnoconfig warnings
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-18 21:42:44 +01:00
Denys Vlasenko
834aba3b72 comment and readme updates
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-04 14:13:58 +01:00
Denys Vlasenko
79e2598c48 su: expand help; simplify passing of -c CMD to run_shell()
Also, added a comment about bug 9401 (TIOCSTI input injection).

function                                             old     new   delta
packed_usage                                       30909   30932     +23
su_main                                              470     487     +17
sulogin_main                                         260     258      -2
run_applet_and_exit                                  681     678      -3
run_shell                                            166     126     -40

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-03 22:13:08 +01:00
Denys Vlasenko
7c3c92c533 man: make width selection more thorough; explain how to override it
Fedora's "man CMD >file" still uses terminal width, not 80 (but disables formatting),
this change mimics that.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-31 01:52:18 +01:00
Denys Vlasenko
1336052a49 lineedit: fix completion with applet names. closes 9361
Patch by Ron Yorston <rmy@pobox.com>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-24 01:25:05 +02:00
Denys Vlasenko
7f0ebbc69e hush: add commented-out debug printouts in "memleak" built-in
Allocation addresses of malloc() are jittery,
thought I had a mem leak in hush, but it was malloc variability.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-03 17:42:53 +02:00
Denys Vlasenko
3c18e3051d libbb: make xmalloc_sockaddr2dotted use NI_NUMERICSCOPE
Gives "mount -t cifs //fe80::6a05:caff:fe3e:dbf5%eth0/test test"
a chance to work: mount must pass "ip=numeric_IPv6%numeric_iface_id"
in the omunt option string. Currently, it does not.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-26 19:53:04 +02:00