commands from shadow package

Rob Landley rob at landley.net
Sun Feb 21 23:54:55 UTC 2010 

On Sunday 21 February 2010 05:09:00 Denys Vlasenko wrote:
> On Sunday 21 February 2010 02:58, Harald Becker wrote:
> > Hi!
> >
> > I'm just thinking about removing the shadow package from my desktop
> > system and replacing it with busybox ...
> >
> > /bin/groups -> like: id -Gn (provide a script wrapper?)
> > /bin/login -> already in busybox
> > /bin/passwd -> already in busybox
> > /bin/su -> already in busybox
> > /sbin/nologin -> like: echo "Not available."; sleep 3s; exit 1 (provide
> > a script wrapper?)
> > /usr/bin/chage -> missing
> > /usr/bin/chfn -> missing
> > /usr/bin/chsh -> missing
> > /usr/bin/expiry -> missing, required?
> > /usr/bin/gpasswd -> missing (required!)
> > /usr/bin/newgrp -> missing (required!)
> > /usr/bin/passwd -> already in busybox
> > /usr/bin/sg -> missing (required!)
> > /usr/sbin/chgpasswd -> missing, like chpasswd
> > /usr/sbin/chpasswd -> already in busybox
> > /usr/sbin/groupadd -> busybox has addgroup
> > /usr/sbin/groupdel -> busybox has delgroup
> > /usr/sbin/groupmems -> missing, required?
> > /usr/sbin/groupmod -> missing, required?
> > /usr/sbin/grpck -> not required or external program like awk script (?)
> > /usr/sbin/grpconv -> not required or external program like awk script (?)
> > /usr/sbin/grpunconv -> not required or external program like awk script
> > (?) /usr/sbin/logoutd -> not required
> > /usr/sbin/newusers -> not required or external program like awk script
> > (?) /usr/sbin/pwck -> not required or external program like awk script
> > (?) /usr/sbin/pwconv -> not required or external program like awk script
> > (?) /usr/sbin/pwunconv -> not required or external program like awk
> > script (?) /usr/sbin/useradd -> busybox has adduser
> > /usr/sbin/userdel -> busybox has deluser
> > /usr/sbin/usermod -> missing, required?
> >
> > ... so there is a large list of missing commands in busybox. Has anybody
> > considered yet about those or is there anything wrong with using busybox
> > instead of the shadow package on a (small or thin) desktop system?

I use it to replace the shadow stuff on embedded systems.  Works fine for me.

> I don't see why any of "missing" commands are vital,
> but if you do need some of them (e.g. "distro foo fails to do bar
> if command baz is missing"), please describe.

usermod or moduser might be nice.  (Query: how do you change the login shell 
of an existing user with the busybox tools?  I suppose "use vi" is one 
answer... :)

Most of the rest are essentially shell script wrappers around one tool or 
another.  It might be nice if busybox had an examples/scripts directory with 
little shell wrappers that people might find useful.  (Of course every time I 
suggest that and give a specific example, people start bikeshedding it and then 
implement it in C and busybox gets just a little bit bigger.  Note that shell 
script is ascii text that compresses REALLY WELL...)

> > At least gpasswd, newgrp and sg are commands that I consider to be
> > required. gpasswd is like passwd, could possibly share code with it.
> > newgrp needs to be implemented as a shell builtin.
> >
> > If there is interest, I can contribute and throw in some work on those
> > and possibly the other login utilities, if they need any further work or
> > cleanup.
>
> Sure, why not?
> Whoever doesn't need then could always disable then in .config...

I do point out that configuring busybox gets more and more complicated every 
year, and fewer and fewer people actually bother to do it (grabbing defconfig 
instead).  Thus "people who want it can always disable it" is only partly 
true.

Increasing the configuration overhead of the project isn't free on system 
developers.  There are now 793 CONFIG_* options in .config.  If each of those 
takes five seconds to evaluate, then sitting down and figuring out what busybox 
config options are best for a system, from scratch, now takes over an hour.  
(3965 seconds, just over 66 minutes without a break.)

Five seconds per config symbol assumes you're already an expert.  It means you 
never have to look at any of the busybox help entries because you already know 
what they all are.  It means you're also extremely familiar with putting 
together your own Linux userspace, so you know what all the commands do 
without looking them up, and can evaluate off the top of your head the 
ramifications of including or excluding a given command (or option to a 
command).

I.E. it would probably take me, or you, more than an hour to sit down and 
configure busybox from scratch to the fullest granularity it currently offers.

The more attention we demand from developers to configure this thing, the more 
likely they are to just grab "defconfig" and be done with it.  You might want 
to evaluate your "Sure, why not?" in that context.

Just a cautionary note...

Rob
-- 
Latency is more important than throughput. It's that simple. - Linus Torvalds

More information about the busybox mailing list