• Skip to sidebar navigation
  • Skip to content

Bitbucket

  • More
    ProjectsRepositories
  • Help
    • Online help
    • Learn Git
    • Welcome to Bitbucket
    • Keyboard shortcuts
  • Log In
fli4l
  1. fli4l

busybox

Public
Actions
  • Clone
  • Compare

Learn more about cloning repositories

You have read-only access

Navigation
  • Source
  • Commits
  • Branches
  • All Branches Graph
  • Forks

Commits

Daniel Thompson
7ca5c51cc8c
Download this commit
Daniel Thompson committed a818777d42412 May 2015
libbb: Enable support for !CONFIG_MULTIUSER

Linux recently gained a new config option, CONFIG_MULTIUSER, that makes
support for non-root users optional. This results in a number of syscalls
being disabled: setuid, setregid, setgid, setreuid, setresuid, getresuid,
setresgid, getresgid, setgroups, getgroups, setfsuid, setfsgid, capget,
capset.

Currently a number of busybox applets, including login, struggle to run
when CONFIG_MULTIUSER is disabled. Even the root user is unable to login:
  login: can't set groups: Functi

This patch adds code to make change_identity() a nop on single user
systems. It works by recognising the signature errno value (ENOSYS, due
to the system calls being disabled) and, to avoid security risks, only
deploys when the current uid and target uid is the same.

After the patch is applied any attempt to switch to a non-root user will
fail. Thus a badly configured userspace (for example, one that tries to
start a daemon as a non-root user when the kernel cannot support this)
will report errors as one would expect.

Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
  • Git repository management for enterprise teams powered by Atlassian Bitbucket
  • Atlassian Bitbucket v6.7.2
  • Documentation
  • Request a feature
  • About
  • Contact Atlassian
Atlassian
»

Everything looks good. We'll let you know here if there's anything you should know about.