$((fail++)) is not a required expression in POSIX, and in "dash" it
could produce an error like this:
./make_single_applets.sh: 61: arithmetic expression: expecting primary: "fail++"
Replace this with something portable: fail=$((fail+1)) would work.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Makefile.flags contains:
ARCH_FPIC ?= -fpic
ARCH_FPIE ?= -fpie
However, arch/$(ARCH)/Makefile gets included *after* Makefile.flags,
and therefore doesn't get the chance to provide its own value.
Fix this by including arch/$(ARCH)/Makefile *before* Makefile.flags.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This change fixes the build in setups where there are
no headers defining WIFSTOPPED and WSTOPSIG (where JOBS has to be
set to 0).
This partially reverts 4700fb5be (ash: make dowait() a bit more
readable. Logic is unchanged, 2015-10-09).
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Avoid dereferencing 'don_add' in strcmp since it is invalid
pointer.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When these options were introduced in d88f94a5df3a2edb8ba56fab5c13674b452f87ab
it provides no config options to compile them out. Now provide one.
Introduce config FEATURE_CATN.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Based on a patch from Steven McDonald <steven@steven-mcdonald.id.au>:
This makes 'unshare --user' work correctly in the case where the user's
shell is provided by busybox itself.
'unshare --user' creates a new user namespace without any uid mappings.
As a result, /bin/busybox is setuid nobody:nogroup within the
namespace, as that is the only user. However, since no uids are mapped,
attempting to call setgid/setuid fails, even though this would do
nothing:
$ unshare --user ./busybox.broken ash
ash: setgid: Invalid argument
'unshare --map-root-user' still works, but because Linux only allows
uid/gid mappings to be set up once, creating a root mapping makes such
a namespace useless for creating multi-user containers.
With this patch, setgid and setuid will not be called in the case where
they would do nothing, which is always the case inside a new user
namespace because all uids are effectively mapped to nobody:
$ id -u
1000
$ ls -lh busybox.fixed
-rwsr-xr-x 1 root root 826.2K May 21 00:33 busybox.fixed
$ unshare --user ./busybox.fixed ash
$ id -u
65534
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
"""
For example, given input file:
foo
bar
baz
after shuffling the input file, foo will never end up back on the first line.
This came to light when I ran into a use-case where someone was selecting
a random line from a file using shuf | head -n 1, and the results on busybox
were showing a statistical anomaly (as in, the first line would never ever
be picked) vs the same process running on environments that had gnu coreutils
installed.
On line https://git.busybox.net/busybox/tree/coreutils/shuf.c#n56 it uses
r %= i, which will result in 0 <= r < i, while the algorithm specifies
0 <= r <= i.
"""
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Some watchdog implementations may do things other than issue
a reboot on a watchdog timeout. In this case, there's the
possibility of restarting this program from the state of
the watchdog device not being properly stopped (done by writing
a 'V' and closing the device). Since it wasn't stopped, the
driver may not be able to restart the watchdog when this program
reopens it and starts pinging it.
To fix this, the code will always first issue the stop when it
starts up.
function old new delta
shutdown_on_signal - 32 +32
watchdog_main 268 298 +30
shutdown_watchdog - 25 +25
watchdog_shutdown 41 - -41
------------------------------------------------------------------------------
(add/remove: 2/1 grow/shrink: 1/0 up/down: 87/-41) Total: 46 bytes
Signed-off-by: Matt Spinler <spinler@us.ibm.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
With Linux 4.3, a new set of capabilities has been introduced with the
ambient capabilities. These aim to solve the problem that it was
impossible to grant run programs with elevated privileges across
non-root users. Quoting from capabilities(7):
This is a set of capabilities that are preserved across an execve(2)
of a program that is not privileged. The ambient capability set
obeys the invariant that no capability can ever be ambient if it is
not both permitted and inheritable.
With this new set of capabilities it is now possible to run an
executable with elevated privileges as a different user, making it much
easier to do proper privilege separation.
Note though that the `--ambient-caps` switch is not part of any released
version of util-linux, yet. It has been applied in 0c92194ee (setpriv:
support modifying the set of ambient capabilities, 2017-06-24) and will
probably be part of v2.31.
function old new delta
parse_cap - 174 +174
setpriv_main 1246 1301 +55
.rodata 146307 146347 +40
static.setpriv_longopts 40 55 +15
packed_usage 32092 32079 -13
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>