Denys Vlasenko [Tue, 18 Jul 2017 20:01:24 +0000 (22:01 +0200)]
Update menuconfig items with approximate applet sizes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 18 Jul 2017 18:17:51 +0000 (20:17 +0200)]
Tweaks from mass recompile for 1.27.1 release
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 18 Jul 2017 16:14:42 +0000 (18:14 +0200)]
hush: tweak "help" output
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Ron Yorston [Tue, 18 Jul 2017 08:33:22 +0000 (09:33 +0100)]
printf: fix format string sanity check
One of the tests for printf checks for an invalid bare '%' in the
format string:
$ busybox printf '%' a b c
printf: %: invalid format
On x86_64 a slightly different test doesn't work correctly:
$ busybox printf '%' d e f
printf: invalid number 'd'
printf: invalid number 'e'
printf: invalid number 'f'
On other platforms the test fails randomly depending on how the
arguments are laid out in memory.
There are two places in the code where strchr is used to determine if
a character in the format string is valid. However, strchr also returns
a valid pointer if the character being searched for is the null terminator
thus causing the code to incorrectly suppose that a valid character has
been found.
Add explicit checks for the null terminator.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 18 Jul 2017 13:58:02 +0000 (15:58 +0200)]
hush: fix readonly2.tests failure
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 18 Jul 2017 01:23:07 +0000 (03:23 +0200)]
hush: another testcase for "READONLY_VAR=VAL BLTIN ..."
Currently fails.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 18 Jul 2017 00:44:06 +0000 (02:44 +0200)]
hush: do not assign to readonly VAR in "VAR=VAL CMD" syntax too
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 23:40:01 +0000 (01:40 +0200)]
hush: add readonly testcase, fix fallout
function old new delta
helper_export_local 185 214 +29
run_pipe 1549 1560 +11
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 40/0) Total: 40 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 23:05:24 +0000 (01:05 +0200)]
hush: convert exp/ro/local parameters to bitfields in one flag param
function old new delta
helper_export_local 174 185 +11
set_local_var 424 420 -4
run_list 1048 1044 -4
set_vars_and_save_old 88 83 -5
set_local_var_from_halves 27 22 -5
run_pipe 1554 1549 -5
builtin_export 173 168 -5
set_pwd_var 40 34 -6
builtin_readonly 70 64 -6
expand_one_var 1625 1618 -7
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/9 up/down: 11/-47) Total: -36 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 19:47:27 +0000 (21:47 +0200)]
hush: HUSH_READONLY depends on HUSH
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 19:31:17 +0000 (21:31 +0200)]
hush: forgot to emit error on (failing) second "readonly VAR=VAL"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 19:19:53 +0000 (21:19 +0200)]
hush: smaller code in !READONLY configs
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 19:10:50 +0000 (21:10 +0200)]
hush: implement "readonly" builtin
function old new delta
builtin_readonly - 70 +70
helper_export_local 152 174 +22
bltins1 348 360 +12
expand_one_var 1620 1625 +5
builtin_export 168 173 +5
set_pwd_var 36 40 +4
set_local_var 410 414 +4
set_vars_and_save_old 85 88 +3
set_local_var_from_halves 24 27 +3
run_pipe 1551 1554 +3
run_list 1046 1048 +2
builtin_type 116 114 -2
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 10/1 up/down: 133/-2) Total: 131 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 15:49:11 +0000 (17:49 +0200)]
ash: more general format ${var:EXPR:EXPR}
function old new delta
subevalvar 1171 1202 +31
localcmd 364 366 +2
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 15:11:48 +0000 (17:11 +0200)]
ash: "you disabled math" is wrong: user did not disable it, builder of ash did
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 14:50:20 +0000 (16:50 +0200)]
hush: small fix to last commit
die_if_script() indeed dies only in scripts! Must handle the case where it continues.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 14:46:57 +0000 (16:46 +0200)]
hush: support ${VAR:N:-M}
function old new delta
expand_one_var 1602 1615 +13
builtin_type 114 116 +2
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 17 Jul 2017 14:13:35 +0000 (16:13 +0200)]
shells: expand TODO comments, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 16 Jul 2017 18:36:48 +0000 (20:36 +0200)]
ttysize: if stdin is not tty, try stdout, then stderr
function old new delta
ttysize_main 135 175 +40
packed_usage 31686 31672 -14
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 16 Jul 2017 18:29:35 +0000 (20:29 +0200)]
hush: fix "cmd1 && cmd2 &" handling on NOMMU
function old new delta
done_pipe 234 238 +4
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 16 Jul 2017 14:43:41 +0000 (16:43 +0200)]
arch: new applet (same as unmae -m). ~30 bytes.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 20:54:46 +0000 (22:54 +0200)]
shell: and_or_and_backgrounding.tests is no longer "UNFIXED BUG"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 20:51:55 +0000 (22:51 +0200)]
hush: fix and_or_and_backgrounding.tests failure
function old new delta
done_pipe 133 218 +85
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 19:14:16 +0000 (21:14 +0200)]
config: reorder items in "Busybox Settings", improve help
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 18:49:32 +0000 (20:49 +0200)]
config: merge "Busybox Settings" and "Busybox Library Tuning" into one menu
Tweak a few help texts while at it
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 18:22:25 +0000 (20:22 +0200)]
Move get_unaligned_le32() macros to platform.h
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 17:18:58 +0000 (19:18 +0200)]
fix more instances of ": $((a++))" in shell scripts
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Sat, 15 Jul 2017 03:38:58 +0000 (11:38 +0800)]
make_single_applets: fix ": $((fail++))" expansion error
$((fail++)) is not a required expression in POSIX, and in "dash" it
could produce an error like this:
./make_single_applets.sh: 61: arithmetic expression: expecting primary: "fail++"
Replace this with something portable: fail=$((fail+1)) would work.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 15:34:33 +0000 (17:34 +0200)]
config: fix tab-damaged help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 15:19:38 +0000 (17:19 +0200)]
tls: remove last int16 local variables in pstm code
function old new delta
pstm_mul_comba 439 447 +8
pstm_sqr_comba 475 478 +3
pstm_montgomery_reduce 399 381 -18
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 11/-18) Total: -7 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 15:13:08 +0000 (17:13 +0200)]
tls: fix pstm asm constraint problem
function old new delta
pstm_sqr_comba 551 475 -76
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 12:52:26 +0000 (14:52 +0200)]
build system: FEATURE_LIBBUSYBOX_STATIC - try to pull libc/libm into libbusybox
It variously fails with different toolchains I tried...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 11:53:41 +0000 (13:53 +0200)]
blkdiscard: provide our own BLK[SEC]DISCARD if necessary
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 15 Jul 2017 11:42:19 +0000 (13:42 +0200)]
tls: fix build problem on non-static i386
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Thomas Petazzoni [Fri, 14 Jul 2017 21:08:38 +0000 (23:08 +0200)]
Makefile: include per-arch Makefile before Makefile.flags
Makefile.flags contains:
ARCH_FPIC ?= -fpic
ARCH_FPIE ?= -fpie
However, arch/$(ARCH)/Makefile gets included *after* Makefile.flags,
and therefore doesn't get the chance to provide its own value.
Fix this by including arch/$(ARCH)/Makefile *before* Makefile.flags.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Johannes Schindelin [Fri, 14 Jul 2017 14:11:43 +0000 (16:11 +0200)]
copyfd: guard use of munmap() with #if (windows builds need this)
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Johannes Schindelin [Fri, 14 Jul 2017 20:25:58 +0000 (22:25 +0200)]
ash: protect WIFSTOPPED use with #if JOBS
This change fixes the build in setups where there are
no headers defining WIFSTOPPED and WSTOPSIG (where JOBS has to be
set to 0).
This partially reverts
4700fb5be (ash: make dowait() a bit more
readable. Logic is unchanged, 2015-10-09).
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 18:17:17 +0000 (20:17 +0200)]
libbb: hide getnetbyaddr() inside "#if ENABLE_FEATURE_ETC_NETWORKS" block
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 17:58:46 +0000 (19:58 +0200)]
hush: make "wait %1" work even if the job is dead
Example script:
sleep 1 | (sleep 1;exit 3) &
sleep 2
echo Zero:$?
wait %1
echo Three:$?
function old new delta
clean_up_last_dead_job - 24 +24
process_wait_result 426 447 +21
builtin_wait 285 293 +8
insert_job_into_table 264 269 +5
builtin_jobs 68 73 +5
remove_job_from_table 59 57 -2
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 4/1 up/down: 63/-2) Total: 61 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 17:27:03 +0000 (19:27 +0200)]
hush: remove superfluous comparison
function old new delta
builtin_wait 291 285 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 15:24:59 +0000 (17:24 +0200)]
uuencode: allow space instead of "`" as padding char. Closes 10046
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 14:29:30 +0000 (16:29 +0200)]
xxd: allow "-" as file name meaning stdin
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 14:18:16 +0000 (16:18 +0200)]
libbb/dump: allow skipping over stdin too
function old new delta
next 294 265 -29
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 14:03:43 +0000 (16:03 +0200)]
libbb/dump: fix a few broken commits and shrink code
function old new delta
next 310 294 -16
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 12:22:09 +0000 (14:22 +0200)]
libbb: safe_write should not return EINTR
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 11:44:30 +0000 (13:44 +0200)]
dd: fix status=none. Closes 10066
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 11:36:48 +0000 (13:36 +0200)]
hush: add support for "set -e"
function old new delta
run_list 978 1046 +68
o_opt_strings 24 32 +8
reset_traps_to_defaults 136 142 +6
pick_sighandler 57 60 +3
packed_usage 31772 31770 -2
hush_main 983 961 -22
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/2 up/down: 85/-24) Total: 61 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 14 Jul 2017 08:47:18 +0000 (10:47 +0200)]
cat: fix "cat -An" ignoring -n; make numbering go througn all files
function old new delta
cat_main 418 428 +10
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Timo Teräs [Fri, 14 Jul 2017 07:59:52 +0000 (09:59 +0200)]
add-remove-shell: fix crash when shell is already added
Avoid dereferencing 'don_add' in strcmp since it is invalid
pointer.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Fri, 14 Jul 2017 07:56:13 +0000 (09:56 +0200)]
cat: allow compiling out -n and -b
When these options were introduced in
d88f94a5df3a2edb8ba56fab5c13674b452f87ab
it provides no config options to compile them out. Now provide one.
Introduce config FEATURE_CATN.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 11 Jul 2017 20:10:52 +0000 (22:10 +0200)]
unzip: TODO for symlink support
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 10 Jul 2017 12:43:22 +0000 (14:43 +0200)]
inetd,mount: do not die if uclibc without RPC is detected
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 10 Jul 2017 08:33:10 +0000 (10:33 +0200)]
hush: add TODO for "set -e"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 10 Jul 2017 08:01:12 +0000 (10:01 +0200)]
hush: simplify insert_job_into_table() a bit
function old new delta
done_word 767 761 -6
insert_job_into_table 325 264 -61
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 59/-126) Total: -67 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 10 Jul 2017 08:00:28 +0000 (10:00 +0200)]
hush: rename a few functions
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 10 Jul 2017 07:17:43 +0000 (09:17 +0200)]
libbb: do not die if setgid/setuid(real_id) on startup fails
Based on a patch from Steven McDonald <steven@steven-mcdonald.id.au>:
This makes 'unshare --user' work correctly in the case where the user's
shell is provided by busybox itself.
'unshare --user' creates a new user namespace without any uid mappings.
As a result, /bin/busybox is setuid nobody:nogroup within the
namespace, as that is the only user. However, since no uids are mapped,
attempting to call setgid/setuid fails, even though this would do
nothing:
$ unshare --user ./busybox.broken ash
ash: setgid: Invalid argument
'unshare --map-root-user' still works, but because Linux only allows
uid/gid mappings to be set up once, creating a root mapping makes such
a namespace useless for creating multi-user containers.
With this patch, setgid and setuid will not be called in the case where
they would do nothing, which is always the case inside a new user
namespace because all uids are effectively mapped to nobody:
$ id -u
1000
$ ls -lh busybox.fixed
-rwsr-xr-x 1 root root 826.2K May 21 00:33 busybox.fixed
$ unshare --user ./busybox.fixed ash
$ id -u
65534
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 8 Jul 2017 22:39:15 +0000 (00:39 +0200)]
shuf: fix random line selection. Closes 9971
"""
For example, given input file:
foo
bar
baz
after shuffling the input file, foo will never end up back on the first line.
This came to light when I ran into a use-case where someone was selecting
a random line from a file using shuf | head -n 1, and the results on busybox
were showing a statistical anomaly (as in, the first line would never ever
be picked) vs the same process running on environments that had gnu coreutils
installed.
On line https://git.busybox.net/busybox/tree/coreutils/shuf.c#n56 it uses
r %= i, which will result in 0 <= r < i, while the algorithm specifies
0 <= r <= i.
"""
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 8 Jul 2017 22:08:13 +0000 (00:08 +0200)]
crond: code shrink
function old new delta
load_crontab 936 925 -11
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 8 Jul 2017 22:00:39 +0000 (00:00 +0200)]
crond: move misplaced comment
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 8 Jul 2017 18:53:11 +0000 (20:53 +0200)]
crond: support @daily etc
function old new delta
start_jobs - 348 +348
load_crontab 766 936 +170
static.SpecAry - 96 +96
crond_main 1424 1134 -290
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 1/1 up/down: 614/-290) Total: 324 bytes
Based on patch by Jonathan Kolb <kolbyjack@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 8 Jul 2017 16:53:49 +0000 (18:53 +0200)]
watchdog: do not use argc, other cleanups
function old new delta
watchdog_main 298 291 -7
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Matt Spinler [Sat, 8 Jul 2017 16:35:25 +0000 (18:35 +0200)]
watchdog: stop watchdog first on startup
Some watchdog implementations may do things other than issue
a reboot on a watchdog timeout. In this case, there's the
possibility of restarting this program from the state of
the watchdog device not being properly stopped (done by writing
a 'V' and closing the device). Since it wasn't stopped, the
driver may not be able to restart the watchdog when this program
reopens it and starts pinging it.
To fix this, the code will always first issue the stop when it
starts up.
function old new delta
shutdown_on_signal - 32 +32
watchdog_main 268 298 +30
shutdown_watchdog - 25 +25
watchdog_shutdown 41 - -41
------------------------------------------------------------------------------
(add/remove: 2/1 grow/shrink: 1/0 up/down: 87/-41) Total: 46 bytes
Signed-off-by: Matt Spinler <spinler@us.ibm.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 8 Jul 2017 10:21:45 +0000 (12:21 +0200)]
beep: disallow FEATURE_BEEP_FREQ = 0 in configuration
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 7 Jul 2017 22:24:32 +0000 (00:24 +0200)]
hush: explain why wait5.tests is failing
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 7 Jul 2017 20:56:02 +0000 (22:56 +0200)]
hush: fix "(sleep 1; exit 3) & sleep 2; echo $?; wait $!; echo $?"
function old new delta
process_wait_result 414 426 +12
builtin_wait 283 291 +8
run_list 974 978 +4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/0 up/down: 24/0) Total: 24 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 7 Jul 2017 20:07:28 +0000 (22:07 +0200)]
hush: fix two redirection testcase failures
function old new delta
save_fds_on_redirect 183 256 +73
fcntl_F_DUPFD - 46 +46
restore_redirects 74 96 +22
xdup_and_close 51 72 +21
setup_redirects 196 200 +4
hush_main 988 983 -5
static.C 12 - -12
run_pipe 1595 1551 -44
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 4/2 up/down: 166/-61) Total: 105 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 7 Jul 2017 17:08:56 +0000 (19:08 +0200)]
main: fix the case where user has "halt" as login shell. Closes 9986
halt::0:0::/:/sbin/halt
function old new delta
run_applet_and_exit 748 751 +3
run_applet_no_and_exit 467 459 -8
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 7 Jul 2017 15:59:40 +0000 (17:59 +0200)]
setpriv: remove dependency on libcap headers
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 7 Jul 2017 14:09:45 +0000 (16:09 +0200)]
setpriv: factor out capability name printing
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 7 Jul 2017 14:00:07 +0000 (16:00 +0200)]
setpriv: code shrink, and grouping capability code together
function old new delta
static.versions - 3 +3
getcaps 174 149 -25
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Patrick Steinhardt [Fri, 7 Jul 2017 00:14:23 +0000 (02:14 +0200)]
setpriv: allow modifying ambient capabilities
With Linux 4.3, a new set of capabilities has been introduced with the
ambient capabilities. These aim to solve the problem that it was
impossible to grant run programs with elevated privileges across
non-root users. Quoting from capabilities(7):
This is a set of capabilities that are preserved across an execve(2)
of a program that is not privileged. The ambient capability set
obeys the invariant that no capability can ever be ambient if it is
not both permitted and inheritable.
With this new set of capabilities it is now possible to run an
executable with elevated privileges as a different user, making it much
easier to do proper privilege separation.
Note though that the `--ambient-caps` switch is not part of any released
version of util-linux, yet. It has been applied in
0c92194ee (setpriv:
support modifying the set of ambient capabilities, 2017-06-24) and will
probably be part of v2.31.
function old new delta
parse_cap - 174 +174
setpriv_main 1246 1301 +55
.rodata 146307 146347 +40
static.setpriv_longopts 40 55 +15
packed_usage 32092 32079 -13
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Patrick Steinhardt [Thu, 6 Jul 2017 23:59:45 +0000 (01:59 +0200)]
setpriv: allow modifying inheritable caps
The main use case of setpriv is to modify the current state of
privileges available to the calling process and spawn a new executable
with the modified, new state. Next to the already supported case of
modifying the no-new-privs flag, util-linux also supports to modify
capability sets.
This commit introduces to add or drop capabilities from the set of
inheritable capabilities. Quoting from capabilities(7):
This is a set of capabilities preserved across an execve(2).
Inheritable capabilities remain inheritable when executing any
program, and inheritable capabilities are added to the permitted set
when executing a program that has the corresponding bits set in the
file inheritable set.
As such, inheritable capabilities enable executing files with certain
privileges if the file itself has these privileges set. Note though that
inheritable capabilities are dropped across execve when running as a
non-root user.
function old new delta
getcaps - 237 +237
setpriv_main 1129 1246 +117
.rodata 146198 146307 +109
static.setpriv_longopts 29 40 +11
packed_usage 32107 32092 -15
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Patrick Steinhardt [Thu, 6 Jul 2017 21:02:33 +0000 (23:02 +0200)]
setpriv: dump ambient capabilities
As with the previous commit, this commit introduces the ability to dump
the set of ambient capabilities.
function old new delta
setpriv_main 982 1129 +147
.rodata 146148 146198 +50
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Patrick Steinhardt [Thu, 6 Jul 2017 20:59:23 +0000 (22:59 +0200)]
setpriv: dump capability bounding set
As with the previous commit, this one implements the ability to dump the
capability bounding set.
function old new delta
setpriv_main 838 982 +144
.rodata 146101 146148 +47
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Patrick Steinhardt [Thu, 6 Jul 2017 20:47:16 +0000 (22:47 +0200)]
setpriv: dump inheritable capability set
The setpriv executable from util-linux also dumps out information on the
different capability sets known by the kernel. By default, these are the
inheritable capabilities, bounding capabilities and (not yet released)
the ambient capabilities, which have been introduced with Linux 4.3.
This patch introduces the ability to dump the set of inheritable
capabilities.
By default, setpriv(1) identifies capabilities by their human-readable
name, for example 'net_admin'. For unknown capabilities, though, it does
instead use the capability's value, for example 'cap_12', which is
equivalent to 'net_admin'. As there is no kernel interface to retrieve
capability names by their index, we have to declare these ourselves,
which adds to setpriv's size.
To counteract, using the human-readble name has been made configurable.
The following sizes are with the 'FEATURE_SETPRIV_CAPABILITY_NAMES'
enabled:
function old new delta
.rodata 145969 146405 +436
setpriv_main 467 842 +375
capabilities - 304 +304
And with 'FEATURE_SETPRIV_CAPABILITY_NAMES' disabled:
function old new delta
setpriv_main 467 838 +371
.rodata 145969 146101 +132
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Patrick Steinhardt [Thu, 6 Jul 2017 13:21:43 +0000 (15:21 +0200)]
setpriv: dump no-new-privs info
Introduce the ability to dump the state of the no-new-privs flag, which
states whethere it is allowed to grant new privileges.
function old new delta
setpriv_main 419 467 +48
.rodata 145926 145969 +43
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 19:01:50 +0000 (21:01 +0200)]
shell: sync redir/* tests
Note: hush-redir/redir_to_bad_fd.tests currently fails
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 19:00:19 +0000 (21:00 +0200)]
ash: rename redir5.tests (hush has redir5.tests which is different)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 18:57:37 +0000 (20:57 +0200)]
hush: add a TODO about redir3.tests failure
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 18:36:40 +0000 (20:36 +0200)]
hush: rename hush-redir/redir3.tests (ash has redir3.tests which id different)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 18:12:44 +0000 (20:12 +0200)]
hush: Print error messages on shift -1
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 17:50:42 +0000 (19:50 +0200)]
typo fix
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 17:48:20 +0000 (19:48 +0200)]
hush: implement negative start in the ${v: -n[:m]} idiom
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 17:29:23 +0000 (19:29 +0200)]
hush: "adopt" ash var-utf8-length.tests
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 16:40:45 +0000 (18:40 +0200)]
hush: "adopt" ash signal4.tests
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 16:37:30 +0000 (18:37 +0200)]
shell: remove duplicate sigint1.tests (another copies are in signals/)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 16:31:47 +0000 (18:31 +0200)]
hush: add tickquote1.tests from ash testsuite
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 16:19:35 +0000 (18:19 +0200)]
shell: syncronize ash and hush heredoc3.tests
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 16:16:18 +0000 (18:16 +0200)]
shell: syncronize ash and hush heredoc1.tests
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 15:59:25 +0000 (17:59 +0200)]
shell: syncronize ash_test/run-all and hush_test/run-all a bit
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 00:17:24 +0000 (02:17 +0200)]
makedevs: code shrink
function old new delta
makedevs_main 1071 1052 -19
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 6 Jul 2017 00:04:32 +0000 (02:04 +0200)]
makedevs: allow much longer filenames
function old new delta
makedevs_main 1056 1071 +15
Patch by Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 5 Jul 2017 23:52:23 +0000 (01:52 +0200)]
hush: correctly handle quoting in "case" even if !BASH_PATTERN_SUBST
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Peter Korsgaard [Wed, 5 Jul 2017 09:53:58 +0000 (11:53 +0200)]
dpkg: fix CONFIG_FEATURE_CLEAN_UP handling
dpkg moved to away from dynamically allocating the hashtables in commit
c87339d584 (dpkg: trivial code shrinkage, and redo G trick correctly) almost
ten years ago, but the cleanup code was never adjusted to match.
Glibc loudly complains about this:
*** Error in `dpkg': free(): invalid pointer: 0x0000007fac3478c0 ***
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 5 Jul 2017 21:12:15 +0000 (23:12 +0200)]
hush: fix quoted_punct.tests failure
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 5 Jul 2017 20:19:28 +0000 (22:19 +0200)]
ash: fix escaping of a few characters (broken by last commits)
Add a testcase which tests all ASCII punctuation escapes.
NB: hush is failing this test!
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 5 Jul 2017 17:20:43 +0000 (19:20 +0200)]
ash: tweak in comment
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 5 Jul 2017 17:13:44 +0000 (19:13 +0200)]
ash: note which versions of glibc exhibit "rho bug"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 5 Jul 2017 17:10:21 +0000 (19:10 +0200)]
ash: fix matching of unicode greek letter rho (cf 81) and similar cases
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 4 Jul 2017 16:49:24 +0000 (18:49 +0200)]
setpriv: dump user and group info
setpriv from util-linux has an option to dump the current state
regarding privilege settings via '--dump'. It prints out information on
the real and effective user and group IDs, supplementary groups, the
no-new-privs flag, the capability sets as well as secure bits.
This patch is the start of supporting this mode. To make introduction of
the '--dump' easier to reason about, its introduction has been split
into multiple patches. This particular one introduces the ability to
print out user and group information of the current process.
function old new delta
setpriv_main 89 322 +233
getresuid - 41 +41
getresgid - 41 +41
static.setpriv_longopts 22 29 +7
packed_usage 31675 31669 -6
------------------------------------------------------------------------------
(add/remove: 4/0 grow/shrink: 2/1 up/down: 322/-6) Total: 316 bytes
Patch by Patrick Steinhardt <ps@pks.im>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>