Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <Qi.Chen-CWA4WttNNZF54TAoqtyWWQ <at> public.gmane.org>
Subject: [PATCH 0/8] busybox miscellaneous fixes
Newsgroups: gmane.comp.handhelds.openembedded.core
Date: Friday 7th June 2013 06:13:54 UTC (over 4 years ago)
From: Chen Qi 

This patchset mainly serves two purposes.
1) Switch to using busybox as the default login manager.
2) Fix to support FEATURE_INDIVIDUAL in busybox.

I'd really appreciate it if you could review it. And any comment or suggest
is
really welcome.

In this cover letter, I'll describe why we switch to using busybox instead
of
tiny login, how we do it and the final result of this change.

The reason is well explaned by Saul's comment in bug#4207.
(https://bugzilla.yoctoproject.org/show_bug.cgi?id=4207)
So I quote it here.
'''
tinylogin has been deprecated and the functionality ported into busybox,
the
size is smaller than tinybox. The issue to be concerned about is having
busybox
being setuid, a possibility is to use busybox as a separate binary.
'''

That's exactly what this patchset does.
*) switch to using busybox as the default login manager
*) remove tinylogin as it's deprecated
*) add the ability to split the busybox binary into two parts, one with
suid and the other not.

Following's a brief design. You could also see it on the bugzilla.
(https://bugzilla.yoctoproject.org/show_bug.cgi?id=4207)
Design:
1) Add a configuration fragment to the SRC_URI. The configuration fragment
will
   be called login-utilities.cfg, as its main purpose is to enable the
login utility
   of busybox.

2) set the default login manager to 'busybox' instead of 'tinylogin'

3) Add a variable, BUSYBOX_SPLIT_SUID, to control whether to split the
busybox
   binary into two parts, one with suid and the other not. We default it to
"1"
   to enable the splitting, but users could still override it to disable
the
   splitting. After all, busybox has no internal support for this suid apps
splitting,
   so there might be users out there who trust busybox and want just one
busybox binary.

4) Add a configuration file, suid_config_list, to control which
applications
   should be split into the suid binary. This list is first derived from
the
   command below (splitted into three lines here for readability).
   for i in `grep -E "APPLET.*BB_SUID_((MAYBE|REQUIRE))" include/applets.h
|
   grep -v _BB_SUID_DROP | cut -f 3 -d '(' | cut -f 1 -d ','`; do grep -i
-E
   "config_(feature_|)$i(_| )" .config; done | cut -d' ' -f2

5) Busybox supports building individual apps, so the change above should
still
   support this feature.

Here's the final result of this change:
1) FEATURE_INDIVIDUAL enabled
   We'll have links on target like below.
   /bin/ls -> /bin/ls.busybox
   /bin/cat -> /bin/cat.busybox
   /bin/su -> /bin/su.busybox
2) FEATURE_INDIVIDUAL disabled (this is the default behavior) and
BUSYBOX_SPLIT_SUID enabled
   /bin/ls -> /bin/busybox.nosuid
   /bin/cat -> /bin/busybox.nosuid
   /bin/su -> /bin/busybox.suid
3) FEATURE_INDIVIDUAL disabled and BUSYBOX_SPLIT_SUID disabled
   /bin/ls -> /bin/busybox
   /bin/cat -> /bin/busybox
   /bin/su -> /bin/busybox

//Chen Qi

The following changes since commit
a62aed41f2d8f874f7ae24d0e5be5dbc66ea2199:

  lrzsz: check locale.h in configure (2013-06-04 15:55:46 +0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib
ChenQi/busybox-fixes
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=ChenQi/busybox-fixes

Chen Qi (8):
  busybox: remove the postinst part of the recipe
  busybox: add support for CONFIG_FEATURE_INDIVIDUAL
  busybox: add a config fragment to enable login utilities
  busybox: add the ability to split the busybox binary
  packagegroup-core-boot: use busybox as the default login manager
  packagegroup-core-basic: set the default login manager
  mingetty: lower the ALTERNATIVE_PRIORITY
  tinylogin: remove recipe

 .../busybox/busybox-1.20.2/login-utilities.cfg     |   13 +
 .../busybox/busybox-1.20.2/suid_config_list        |   48 ++
 meta/recipes-core/busybox/busybox.inc              |  113 ++-
 meta/recipes-core/busybox/busybox_1.20.2.bb        |    4 +-
 .../packagegroups/packagegroup-core-boot.bb        |    2 +-
 .../tinylogin/tinylogin-1.4/add-system.patch       |  117 ---
 .../tinylogin-1.4/adduser-empty_pwd.patch          |   45 --
 .../tinylogin/tinylogin-1.4/avoid_static.patch     |   33 -
 .../tinylogin/tinylogin-1.4/cvs-20040608.patch     |  823
--------------------
 .../tinylogin/tinylogin-1.4/glibc_crypt_fix.patch  |   23 -
 .../tinylogin-1.4/passwd_rotate_check.patch        |   41 -
 .../tinylogin/tinylogin-1.4/remove-index.patch     |   13 -
 .../tinylogin/tinylogin-1.4/use_O2_option.patch    |   21 -
 meta/recipes-core/tinylogin/tinylogin_1.4.bb       |   45 --
 meta/recipes-extended/mingetty/mingetty_1.08.bb    |    2 +-
 .../packagegroups/packagegroup-core-basic.bb       |    3 +-
 16 files changed, 146 insertions(+), 1200 deletions(-)
 create mode 100644
meta/recipes-core/busybox/busybox-1.20.2/login-utilities.cfg
 create mode 100644
meta/recipes-core/busybox/busybox-1.20.2/suid_config_list
 delete mode 100644
meta/recipes-core/tinylogin/tinylogin-1.4/add-system.patch
 delete mode 100644
meta/recipes-core/tinylogin/tinylogin-1.4/adduser-empty_pwd.patch
 delete mode 100644
meta/recipes-core/tinylogin/tinylogin-1.4/avoid_static.patch
 delete mode 100644
meta/recipes-core/tinylogin/tinylogin-1.4/cvs-20040608.patch
 delete mode 100644
meta/recipes-core/tinylogin/tinylogin-1.4/glibc_crypt_fix.patch
 delete mode 100644
meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch
 delete mode 100644
meta/recipes-core/tinylogin/tinylogin-1.4/remove-index.patch
 delete mode 100644
meta/recipes-core/tinylogin/tinylogin-1.4/use_O2_option.patch
 delete mode 100644 meta/recipes-core/tinylogin/tinylogin_1.4.bb

-- 
1.7.9.5
 
CD: 4ms