dev/console catch 22
Mike Frysinger
vapier at gentoo.org
Tue Jun 19 13:52:27 UTC 2007
On Tuesday 19 June 2007, Michael Cashwell wrote:
> So the file hierarchy served by the NFS server must be written by the a
> host process and I still have the issue of needing elevated privileges
> to do that for the special console node.
i dont really buy this ... only the root user can set up NFS exports and in
order for it to be usable by the embedded machine, it has to have root
access ... so basically, your system is already insecure so giving away sudo
to everyone is exactly the same
> The odd part is that all this worked under the 2.4.20 kernel and an
> earlier version of Busybox. My hunch is that the now-deprecated devfs
> was handling the console node for me without me even knowing it.
correct
> Under
> the new sysfs / mdev we must get further into init before the console
> works. That's all just supposition on my part but it's the largest
> different from what used to work that I can see.
not really, /dev is assumed to at least have /dev/console before userspace
even starts ... if it doesnt, you're right back where i said and that's
patching init to open /dev/console and re-exec itself
you could also do init=/sbin/pre_init which is a small piece of code that
simply creates /dev/console and then opens it up for std{in,out,err} before
doing execv(/sbin/init)
-mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: This is a digitally signed message part.
Url : http://lists.busybox.net/pipermail/busybox/attachments/20070619/eff8fccc/attachment-0002.pgp
More information about the busybox
mailing list