summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-07-15blkdiscard: provide our own BLK[SEC]DISCARD if necessaryDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15tls: fix build problem on non-static i386Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15Makefile: include per-arch Makefile before Makefile.flagsThomas Petazzoni
Makefile.flags contains: ARCH_FPIC ?= -fpic ARCH_FPIE ?= -fpie However, arch/$(ARCH)/Makefile gets included *after* Makefile.flags, and therefore doesn't get the chance to provide its own value. Fix this by including arch/$(ARCH)/Makefile *before* Makefile.flags. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15copyfd: guard use of munmap() with #if (windows builds need this)Johannes Schindelin
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15ash: protect WIFSTOPPED use with #if JOBSJohannes Schindelin
This change fixes the build in setups where there are no headers defining WIFSTOPPED and WSTOPSIG (where JOBS has to be set to 0). This partially reverts 4700fb5be (ash: make dowait() a bit more readable. Logic is unchanged, 2015-10-09). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14libbb: hide getnetbyaddr() inside "#if ENABLE_FEATURE_ETC_NETWORKS" blockDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14hush: make "wait %1" work even if the job is deadDenys Vlasenko
Example script: sleep 1 | (sleep 1;exit 3) & sleep 2 echo Zero:$? wait %1 echo Three:$? function old new delta clean_up_last_dead_job - 24 +24 process_wait_result 426 447 +21 builtin_wait 285 293 +8 insert_job_into_table 264 269 +5 builtin_jobs 68 73 +5 remove_job_from_table 59 57 -2 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 4/1 up/down: 63/-2) Total: 61 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14hush: remove superfluous comparisonDenys Vlasenko
function old new delta builtin_wait 291 285 -6 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14uuencode: allow space instead of "`" as padding char. Closes 10046Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14xxd: allow "-" as file name meaning stdinDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14libbb/dump: allow skipping over stdin tooDenys Vlasenko
function old new delta next 294 265 -29 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14libbb/dump: fix a few broken commits and shrink codeDenys Vlasenko
function old new delta next 310 294 -16 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14libbb: safe_write should not return EINTRDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14dd: fix status=none. Closes 10066Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14hush: add support for "set -e"Denys Vlasenko
function old new delta run_list 978 1046 +68 o_opt_strings 24 32 +8 reset_traps_to_defaults 136 142 +6 pick_sighandler 57 60 +3 packed_usage 31772 31770 -2 hush_main 983 961 -22 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 4/2 up/down: 85/-24) Total: 61 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14cat: fix "cat -An" ignoring -n; make numbering go througn all filesDenys Vlasenko
function old new delta cat_main 418 428 +10 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14add-remove-shell: fix crash when shell is already addedTimo Teräs
Avoid dereferencing 'don_add' in strcmp since it is invalid pointer. Signed-off-by: Timo Teräs <timo.teras@iki.fi> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-14cat: allow compiling out -n and -bKang-Che Sung
When these options were introduced in d88f94a5df3a2edb8ba56fab5c13674b452f87ab it provides no config options to compile them out. Now provide one. Introduce config FEATURE_CATN. Signed-off-by: Kang-Che Sung <explorer09@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-11unzip: TODO for symlink supportDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-10inetd,mount: do not die if uclibc without RPC is detectedDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-10hush: add TODO for "set -e"Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-10hush: simplify insert_job_into_table() a bitDenys Vlasenko
function old new delta done_word 767 761 -6 insert_job_into_table 325 264 -61 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 0/2 up/down: 59/-126) Total: -67 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-10hush: rename a few functionsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-10libbb: do not die if setgid/setuid(real_id) on startup failsDenys Vlasenko
Based on a patch from Steven McDonald <steven@steven-mcdonald.id.au>: This makes 'unshare --user' work correctly in the case where the user's shell is provided by busybox itself. 'unshare --user' creates a new user namespace without any uid mappings. As a result, /bin/busybox is setuid nobody:nogroup within the namespace, as that is the only user. However, since no uids are mapped, attempting to call setgid/setuid fails, even though this would do nothing: $ unshare --user ./busybox.broken ash ash: setgid: Invalid argument 'unshare --map-root-user' still works, but because Linux only allows uid/gid mappings to be set up once, creating a root mapping makes such a namespace useless for creating multi-user containers. With this patch, setgid and setuid will not be called in the case where they would do nothing, which is always the case inside a new user namespace because all uids are effectively mapped to nobody: $ id -u 1000 $ ls -lh busybox.fixed -rwsr-xr-x 1 root root 826.2K May 21 00:33 busybox.fixed $ unshare --user ./busybox.fixed ash $ id -u 65534 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-09shuf: fix random line selection. Closes 9971Denys Vlasenko
""" For example, given input file: foo bar baz after shuffling the input file, foo will never end up back on the first line. This came to light when I ran into a use-case where someone was selecting a random line from a file using shuf | head -n 1, and the results on busybox were showing a statistical anomaly (as in, the first line would never ever be picked) vs the same process running on environments that had gnu coreutils installed. On line https://git.busybox.net/busybox/tree/coreutils/shuf.c#n56 it uses r %= i, which will result in 0 <= r < i, while the algorithm specifies 0 <= r <= i. """ Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-09crond: code shrinkDenys Vlasenko
function old new delta load_crontab 936 925 -11 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-09crond: move misplaced commentDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-08crond: support @daily etcDenys Vlasenko
function old new delta start_jobs - 348 +348 load_crontab 766 936 +170 static.SpecAry - 96 +96 crond_main 1424 1134 -290 ------------------------------------------------------------------------------ (add/remove: 2/0 grow/shrink: 1/1 up/down: 614/-290) Total: 324 bytes Based on patch by Jonathan Kolb <kolbyjack@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-08watchdog: do not use argc, other cleanupsDenys Vlasenko
function old new delta watchdog_main 298 291 -7 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-08watchdog: stop watchdog first on startupMatt Spinler
Some watchdog implementations may do things other than issue a reboot on a watchdog timeout. In this case, there's the possibility of restarting this program from the state of the watchdog device not being properly stopped (done by writing a 'V' and closing the device). Since it wasn't stopped, the driver may not be able to restart the watchdog when this program reopens it and starts pinging it. To fix this, the code will always first issue the stop when it starts up. function old new delta shutdown_on_signal - 32 +32 watchdog_main 268 298 +30 shutdown_watchdog - 25 +25 watchdog_shutdown 41 - -41 ------------------------------------------------------------------------------ (add/remove: 2/1 grow/shrink: 1/0 up/down: 87/-41) Total: 46 bytes Signed-off-by: Matt Spinler <spinler@us.ibm.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-08beep: disallow FEATURE_BEEP_FREQ = 0 in configurationDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-08hush: explain why wait5.tests is failingDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-07hush: fix "(sleep 1; exit 3) & sleep 2; echo $?; wait $!; echo $?"Denys Vlasenko
function old new delta process_wait_result 414 426 +12 builtin_wait 283 291 +8 run_list 974 978 +4 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 3/0 up/down: 24/0) Total: 24 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-07hush: fix two redirection testcase failuresDenys Vlasenko
function old new delta save_fds_on_redirect 183 256 +73 fcntl_F_DUPFD - 46 +46 restore_redirects 74 96 +22 xdup_and_close 51 72 +21 setup_redirects 196 200 +4 hush_main 988 983 -5 static.C 12 - -12 run_pipe 1595 1551 -44 ------------------------------------------------------------------------------ (add/remove: 1/1 grow/shrink: 4/2 up/down: 166/-61) Total: 105 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-07main: fix the case where user has "halt" as login shell. Closes 9986Denys Vlasenko
halt::0:0::/:/sbin/halt function old new delta run_applet_and_exit 748 751 +3 run_applet_no_and_exit 467 459 -8 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-07setpriv: remove dependency on libcap headersDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-07setpriv: factor out capability name printingDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-07setpriv: code shrink, and grouping capability code togetherDenys Vlasenko
function old new delta static.versions - 3 +3 getcaps 174 149 -25 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-07setpriv: allow modifying ambient capabilitiesPatrick Steinhardt
With Linux 4.3, a new set of capabilities has been introduced with the ambient capabilities. These aim to solve the problem that it was impossible to grant run programs with elevated privileges across non-root users. Quoting from capabilities(7): This is a set of capabilities that are preserved across an execve(2) of a program that is not privileged. The ambient capability set obeys the invariant that no capability can ever be ambient if it is not both permitted and inheritable. With this new set of capabilities it is now possible to run an executable with elevated privileges as a different user, making it much easier to do proper privilege separation. Note though that the `--ambient-caps` switch is not part of any released version of util-linux, yet. It has been applied in 0c92194ee (setpriv: support modifying the set of ambient capabilities, 2017-06-24) and will probably be part of v2.31. function old new delta parse_cap - 174 +174 setpriv_main 1246 1301 +55 .rodata 146307 146347 +40 static.setpriv_longopts 40 55 +15 packed_usage 32092 32079 -13 Signed-off-by: Patrick Steinhardt <ps@pks.im> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-07setpriv: allow modifying inheritable capsPatrick Steinhardt
The main use case of setpriv is to modify the current state of privileges available to the calling process and spawn a new executable with the modified, new state. Next to the already supported case of modifying the no-new-privs flag, util-linux also supports to modify capability sets. This commit introduces to add or drop capabilities from the set of inheritable capabilities. Quoting from capabilities(7): This is a set of capabilities preserved across an execve(2). Inheritable capabilities remain inheritable when executing any program, and inheritable capabilities are added to the permitted set when executing a program that has the corresponding bits set in the file inheritable set. As such, inheritable capabilities enable executing files with certain privileges if the file itself has these privileges set. Note though that inheritable capabilities are dropped across execve when running as a non-root user. function old new delta getcaps - 237 +237 setpriv_main 1129 1246 +117 .rodata 146198 146307 +109 static.setpriv_longopts 29 40 +11 packed_usage 32107 32092 -15 Signed-off-by: Patrick Steinhardt <ps@pks.im> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-06setpriv: dump ambient capabilitiesPatrick Steinhardt
As with the previous commit, this commit introduces the ability to dump the set of ambient capabilities. function old new delta setpriv_main 982 1129 +147 .rodata 146148 146198 +50 Signed-off-by: Patrick Steinhardt <ps@pks.im> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-06setpriv: dump capability bounding setPatrick Steinhardt
As with the previous commit, this one implements the ability to dump the capability bounding set. function old new delta setpriv_main 838 982 +144 .rodata 146101 146148 +47 Signed-off-by: Patrick Steinhardt <ps@pks.im> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-06setpriv: dump inheritable capability setPatrick Steinhardt
The setpriv executable from util-linux also dumps out information on the different capability sets known by the kernel. By default, these are the inheritable capabilities, bounding capabilities and (not yet released) the ambient capabilities, which have been introduced with Linux 4.3. This patch introduces the ability to dump the set of inheritable capabilities. By default, setpriv(1) identifies capabilities by their human-readable name, for example 'net_admin'. For unknown capabilities, though, it does instead use the capability's value, for example 'cap_12', which is equivalent to 'net_admin'. As there is no kernel interface to retrieve capability names by their index, we have to declare these ourselves, which adds to setpriv's size. To counteract, using the human-readble name has been made configurable. The following sizes are with the 'FEATURE_SETPRIV_CAPABILITY_NAMES' enabled: function old new delta .rodata 145969 146405 +436 setpriv_main 467 842 +375 capabilities - 304 +304 And with 'FEATURE_SETPRIV_CAPABILITY_NAMES' disabled: function old new delta setpriv_main 467 838 +371 .rodata 145969 146101 +132 Signed-off-by: Patrick Steinhardt <ps@pks.im> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-06setpriv: dump no-new-privs infoPatrick Steinhardt
Introduce the ability to dump the state of the no-new-privs flag, which states whethere it is allowed to grant new privileges. function old new delta setpriv_main 419 467 +48 .rodata 145926 145969 +43 Signed-off-by: Patrick Steinhardt <ps@pks.im> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-06shell: sync redir/* testsDenys Vlasenko
Note: hush-redir/redir_to_bad_fd.tests currently fails Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-06ash: rename redir5.tests (hush has redir5.tests which is different)Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-06hush: add a TODO about redir3.tests failureDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-06hush: rename hush-redir/redir3.tests (ash has redir3.tests which id different)Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-06hush: Print error messages on shift -1Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-06typo fixDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>