dev/console catch 22

Mike Frysinger vapier at gentoo.org
Tue Jun 19 13:52:27 UTC 2007


On Tuesday 19 June 2007, Michael Cashwell wrote:
> So the file hierarchy served by the NFS server must be written by the a
> host process and I still have the issue of needing elevated privileges
> to do that for the special console node.

i dont really buy this ... only the root user can set up NFS exports and in 
order for it to be usable by the embedded machine, it has to have root 
access ... so basically, your system is already insecure so giving away sudo 
to everyone is exactly the same

> The odd part is that all this worked under the 2.4.20 kernel and an
> earlier version of Busybox. My hunch is that the now-deprecated devfs
> was handling the console node for me without me even knowing it.

correct

> Under 
> the new sysfs / mdev we must get further into init before the console
> works. That's all just supposition on my part but it's the largest
> different from what used to work that I can see.

not really, /dev is assumed to at least have /dev/console before userspace 
even starts ... if it doesnt, you're right back where i said and that's 
patching init to open /dev/console and re-exec itself

you could also do init=/sbin/pre_init which is a small piece of code that 
simply creates /dev/console and then opens it up for std{in,out,err} before 
doing execv(/sbin/init)
-mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: This is a digitally signed message part.
Url : http://lists.busybox.net/pipermail/busybox/attachments/20070619/eff8fccc/attachment-0002.pgp 


More information about the busybox mailing list