summaryrefslogtreecommitdiff
path: root/meta/classes/syslinux.bbclass
diff options
context:
space:
mode:
authorChen Qi <Qi.Chen@windriver.com>2015-04-21 17:30:46 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2015-04-24 11:05:58 +0100
commit6820f05dad0b4f9b9bbcf7c2a0af8c34f66199ae (patch)
treed1dd12be5a3781aa8cbdc6fc6b4b45049b89c7c7 /meta/classes/syslinux.bbclass
parent6751ef78694783fb86e55c77afefae750ab1b610 (diff)
downloadopenembedded-core-6820f05dad0b4f9b9bbcf7c2a0af8c34f66199ae.tar.gz
openembedded-core-6820f05dad0b4f9b9bbcf7c2a0af8c34f66199ae.tar.bz2
openembedded-core-6820f05dad0b4f9b9bbcf7c2a0af8c34f66199ae.zip
shadow: fix `su' behaviour
0001-su.c-fix-to-exec-command-correctly.patch is removed. Below is the reason. This patch is introduced to solve the 'su: applet not found' problem when executing `su -l xxx -c env'. The patch references codes of previous release of shadow. However, this patch introduces bug#5359. So it's not correct. Let's first look at the root cause of 'su: applet not found' problem. This problem appears when /bin/sh is provided by busybox. When executing `su -l xxx -c env' command, the following function is invoked. execve("/bin/sh", ["-su", "-c", "env"], [/* 6 vars */]) Note that the argv[0] provided to new executable file (/bin/sh) is "-su". As /bin/sh is a symlink to /bin/busybox. It's /bin/busybox that is executed. In busybox's appletlib.c, it would examine argv[0], try to find an applet that has the same name, and then try to execute the main function of the applet. This logic results in `su' applet from busybox to be executed. However, we default to set 'BUSYBOX_SPLIT_SUID' to "1", so 'su' is not found. Further more, even if we set 'BUSYBOX_SPLIT_SUID' to "0", so that 'su' applet is found. The whole behaviour is still not correct. Because 'su' from shadow takes higher priority than that from busybox, so 'su' from busybox should never be executed on such system unless it's specified clearly by the end user. The logic of busybox's appletlib.c is totally correct from the point of busybox itself. It's an integration problem. To solve the above problem, this patch comment out SU_NAME in /etc/login.defs so that the final function executed in shadow's su is as below. execve("/bin/sh", ["-sh", "-c", "env"], [/* 6 vars */]) [YOCTO #5359] [YOCTO #7137] Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes/syslinux.bbclass')
0 files changed, 0 insertions, 0 deletions