busybox.conf fixes shutdown

Continuing from previous blog post:
http://bkhome.org/blog/?viewDetailed=02240

In Wary I now have the suid bit set in /bin/busybox, but apparently that does not mean all the applets can run as root when invoked by a non-root user. In the case of 'reboot', 'poweroff' and 'halt' they won't run.

There is a solution though, a "poor man's sudo", that allows permissions to be set on a per-applet basis. Busybox has to be configured with CONFIG_FEATURE_SUID_CONFIG. I have done this and uploaded the PET. Compiled in Wary, but should work in other puppies (368K):
http://distro.ibiblio.org/quirky/pet_packages-wary5/busybox-1.17.2-1-w5.pet

My script /usr/sbin/root2user now creates /etc/busybox.conf, that allows 'reboot' and 'poweroff' to be run by fido.

The contents of /etc/busybox.conf is explained here:
http://www.softforge.de/bb/suid.html
...can't say that I really understand that 'ssx' field yet!

A distro that uses Busybox is Slitaz, and they also use this mechanism:
http://www.slitaz.org/en/doc/scratchbook/base-system.html

I can now shutdown. Other things still broken though (audio for example), will tackle those soon.


Posted on 1 May 2011, 11:15


Comments:

Posted on 1 May 2011, 21:08 by L18L
missing root2user
would be nice to have that script too.
It is not in the pet so /etc/busybox.conf is empty


Posted on 2 May 2011, 7:24 by BarryK
No sound
Hmmm, I can't get sound to work.

I am using the same technique as kirk in FatDog64, all audio device nodes are dynamically created, with some udev rules. This, as I understand it, should create audio device nodes with root:audio ownership:

SUBSYSTEM=="sound", GROUP="audio"

Kirk has USER="spot" GROUP="spot".

However, for me the device nodes get created root:root.

Well, I will download latest FatDog64, see if that works for as I expect.



Posted on 2 May 2011, 8:43 by BarryK
Re FatDog64
Um, I did download FatDog64, but then realised I don't have a PC with 64-bit CPU.



Posted on 2 May 2011, 15:37 by L18L
Re sound
Not sure whether this is helpful but maybe useful as testing scenario.
seamonkey file:///usr/share/audio/2barks.au using browser as spot.
2barks heard.

Or in console

# whoami
root
# ps | grep seamonkey
16555 spot 0:00 /bin/sh /usr/bin/seamonkey -UILocale de
16588 spot 0:00 /bin/sh /usr/lib/seamonkey/run-mozilla.sh /usr/lib/seamonk ey/seamonkey-bin -UILocale de
16592 spot 0:20 /usr/lib/seamonkey/seamonkey-bin -UILocale de
19175 root 0:00 grep seamonkey
# su spot
# whoami
spot
# cat /usr/share/audio/2barks.au > /dev/audio
#
same good result, heard it loud and clear.
My regards
spot on wary503q