Linux recently gained a new config option, CONFIG_MULTIUSER, that makes
support for non-root users optional. This results in a number of syscalls
being disabled: setuid, setregid, setgid, setreuid, setresuid, getresuid,
setresgid, getresgid, setgroups, getgroups, setfsuid, setfsgid, capget,
capset.
Currently a number of busybox applets, including login, struggle to run
when CONFIG_MULTIUSER is disabled. Even the root user is unable to login:
login: can't set groups: Functi
This patch adds code to make change_identity() a nop on single user
systems. It works by recognising the signature errno value (ENOSYS, due
to the system calls being disabled) and, to avoid security risks, only
deploys when the current uid and target uid is the same.
After the patch is applied any attempt to switch to a non-root user will
fail. Thus a badly configured userspace (for example, one that tries to
start a daemon as a non-root user when the kernel cannot support this)
will report errors as one would expect.
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This also removes their help texts.
function old new delta
run_applet_no_and_exit 442 452 +10
packed_usage 30713 30625 -88
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Copyright years seem to be out of date, e.g. coreutils/truncate.c
has Copyright (C) 2015.
Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi>
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
UTMP is SVID legacy, UTMPX is mandated by POSIX.
Glibc and uClibc have identical layout of UTMP and UTMPX, both of these
libc treat _PATH_UTMPX as _PATH_UTMP so from a user-perspective nothing
changes except the names of the API entrypoints.
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
This way it can be used by other applets without duplication.
Signed-off-by: Ari Sundholm <ari@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
loopinfo.lo_file_name is not enough to uniquely identify a file on a system with
multiple mount namespaces. We could conceivably change this to dedup on
(lo_rdevice, lo_inode), but, as the comment above the deleted code notes, this
whole approach of reusing devices is racy anyway, so it seems better to stop
doing it entirely.
Signed-off-by: Kevin Wallace <k@igneous.io>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
In vi-mode lineedit tries to detect some escape sequences.
After the ESC it reads the next character to check for certain
values. This read should have a timeout or a user-entered ESC to
switch to command mode doesn't properly handle the next character.
Signed-off-by: Ron Yorston <rmy@tigress.co.uk>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Busybox already uses sendfile in httpd. This patch proposes to use it
globally to copy data between file descriptors.
It speeds up the copying on slow systems a lot - below are the times needed
to copy a 450Mb file with and without this option enabled on a BeagleBone
Black:
sendfile:
user 0m0.000s
sys 0m8.170s
read/write 4k:
user 0m0.470s
sys 0m16.300s
function old new delta
bb_full_fd_action 394 474 +80
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Sometimes ARG_MAX is small (like 32k) yet sysconf(_SC_ARG_MAX)
is big, and people prefer using the bigger value.
OTOH, with sufficiently large ARG_MAX, further wins from
sysconf(_SC_ARG_MAX) being bigger are exponentially smaller:
you can see 4 times fewer fork+execs when you run find, but
when each execed process already takes a thousand parameters
it's likely execution time is dominated by what that process
does with each parameter.
Thus, with this change ARG_MAX is used if it's sufficiently big,
otherwise sysconf(_SC_ARG_MAX) is used.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This makes "G" (goto end of input) command work as well as
/search_for_nonexistent_string: both will read to EOF now
even from somewhat slow input (such as kernel's "git log").
function old new delta
ndelay_on 35 43 +8
ndelay_off 35 43 +8
read_lines 695 691 -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 16/-4) Total: 12 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
It is not clear why we were excluding init from this.
The "getpid() != 1" clause was there from the beginning (2001)
but not explained.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
It is an interesting trick, but so far I only managed to make it work
correctly, not to make it faster and/or smaller.
The code is ifdefed out for now.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This set of patches adds a simple unit-testing framework to Busybox
unit-tests: add some helper macros for unit-test framework implementation
unit-tests: implement the unit-testing framework
unit-tests: add basic documentation on writing the unit test cases
unit-tests: modify the Makefile 'test' target to run unit-tests too
unit-tests: add two example test cases
unit-tests: modify the existing strrstr test code to use the unit-test framework
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The find utility uses a hardcoded value of 32 * 1024 as the limit of
the command-line length when calling 'find -exec ... {} +'. This results
in over 4 times more execve() calls than in coreutils' find.
This patch uses the limit defined in system headers.
Based on the patch by Bartosz Golaszewski <bartekgola@gmail.com>.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
POSIX.1-2008 removed the usleep function, provide a fallback
implementaion using the recommended nanosleep().
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>