ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2024-12-19 13:48:06 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
8eab0a0036
openwrt/package/utils/busybox/Makefile
Henrique de Moraes Holschuh ad7c6102f2 busybox: fix missing install with suid bit set if FEATURE_SUID=y 
With FEATURE_SUID=y one can install busybox binary belonging to root
with the suid bit set, enabling some applets to perform root-level
operations even when run by ordinary users. Busybox then drops
privileges for applets that don't need root access, before entering
their main() function.

Currently we don't install busybox binary with suid bit set, rendering
this feature unusable.

Note that we can't just "chmod u+s /bin/busybox" at runtime as a
"cheaper" solution: it would waste approximately 200KiB of FLASH (the
whole /bin/busybox binary gets copied into the overlay).

Ref: PR#2502
Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
[commit title/description facelift, use INSTALL_SUID variable]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-07 22:50:16 +01:00

124 lines
3.3 KiB
Makefile
Raw Blame History

#
# Copyright (C) 2006-2016 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=busybox
PKG_VERSION:=1.31.0
PKG_RELEASE:=1
PKG_FLAGS:=essential
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://www.busybox.net/downloads \
http://sources.buildroot.net
PKG_HASH:=0e4925392fd9f3743cc517e031b68b012b24a63b0cf6c1ff03cce7bb3846cc99
PKG_BUILD_DEPENDS:=BUSYBOX_CONFIG_PAM:libpam
PKG_BUILD_PARALLEL:=1
PKG_CHECK_FORMAT_SECURITY:=0
#Busybox use it's own PIE config flag and LDFLAGS are used with ld, not gcc.
PKG_ASLR_PIE:=0
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE archival/libarchive/bz/LICENSE
PKG_CPE_ID:=cpe:/a:busybox:busybox
include $(INCLUDE_DIR)/package.mk
ifeq ($(DUMP),)
STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep '^CONFIG_BUSYBOX_' $(TOPDIR)/.config | mkhash md5)
endif
BUSYBOX_SYM=$(if $(CONFIG_BUSYBOX_CUSTOM),CONFIG,DEFAULT)
BUSYBOX_IF_ENABLED=$(if $(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_$(1)),$(2))
# All files provided by busybox will serve as fallback alternatives by opkg.
# There should be no need to enumerate ALTERNATIVES entries here
define Package/busybox
SECTION:=base
CATEGORY:=Base system
MAINTAINER:=Felix Fietkau <nbd@nbd.name>
TITLE:=Core utilities for embedded Linux
URL:=http://busybox.net/
DEPENDS:=+BUSYBOX_CONFIG_PAM:libpam +BUSYBOX_CONFIG_NTPD:jsonfilter
MENU:=1
endef
define Package/busybox/description
The Swiss Army Knife of embedded Linux.
It slices, it dices, it makes Julian Fries.
endef
define Package/busybox/config
source "$(SOURCE)/Config.in"
endef
ifdef CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOG
define Package/busybox/conffiles
/etc/syslog.conf
endef
endif
# don't create a version string containing the actual timestamp
export KCONFIG_NOTIMESTAMP=1
ifndef CONFIG_USE_MUSL
LDLIBS:=m crypt
endif
LDLIBS += $(call BUSYBOX_IF_ENABLED,PAM,pam pam_misc pthread)
ifeq ($(CONFIG_USE_GLIBC),y)
LDLIBS += $(call BUSYBOX_IF_ENABLED,NSLOOKUP_OPENWRT,resolv)
endif
TARGET_CFLAGS += -flto
TARGET_LDFLAGS += -flto=jobserver -fuse-linker-plugin
MAKE_VARS :=
MAKE_FLAGS += \
EXTRA_CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS)" \
EXTRA_LDFLAGS="$(TARGET_LDFLAGS)" \
LDLIBS="$(LDLIBS)" \
LD="$(TARGET_CC)" \
SKIP_STRIP=y
ifneq ($(findstring c,$(OPENWRT_VERBOSE)),)
MAKE_FLAGS += V=1
endif
define Build/Configure
grep 'CONFIG_BUSYBOX_$(BUSYBOX_SYM)' $(TOPDIR)/.config | sed -e "s,\\(# \)\\?CONFIG_BUSYBOX_$(BUSYBOX_SYM)_\\(.*\\),\\1CONFIG_\\2,g" > $(PKG_BUILD_DIR)/.config
yes 'n' | $(MAKE) -C $(PKG_BUILD_DIR) $(MAKE_FLAGS) oldconfig
endef
define Build/Compile
$(call Build/Compile/Default, \
CONFIG_PREFIX="$(PKG_INSTALL_DIR)" \
all install \
)
endef
define Package/busybox/install
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_INSTALL_DIR)/* $(1)/
ifneq ($(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_CROND),)
$(INSTALL_BIN) ./files/cron $(1)/etc/init.d/cron
endif
ifneq ($(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_NTPD),)
$(INSTALL_BIN) ./files/sysntpd $(1)/etc/init.d/sysntpd
$(INSTALL_BIN) ./files/ntpd-hotplug $(1)/usr/sbin/ntpd-hotplug
endif
ifneq ($(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_FEATURE_SUID),)
$(INSTALL_SUID) $(PKG_INSTALL_DIR)/bin/busybox $(1)/bin/busybox
endif
-rm -rf $(1)/lib64
endef
$(eval $(call BuildPackage,busybox))
Reference in New Issue View Git Blame Copy Permalink