[PATCH] busybox: backport sulogin empty root password fix

[PATCH] busybox: backport sulogin empty root password fix

[Jonathan Liu]

This allows system maintenance login if the root password is empty.

Signed-off-by: Jonathan Liu <net147@gmail.com>
---
 .../busybox-sulogin-empty-root-password.patch      | 58 ++++++++++++++++++++++
 meta/recipes-core/busybox/busybox_1.20.2.bb        |  3 +-
 2 files changed, 60 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-core/busybox/busybox-1.20.2/busybox-sulogin-empty-root-password.patch

diff --git a/meta/recipes-core/busybox/busybox-1.20.2/busybox-sulogin-empty-root-password.patch b/meta/recipes-core/busybox/busybox-1.20.2/busybox-sulogin-empty-root-password.patch
new file mode 100644
index 0000000..baad298
--- /dev/null
+++ b/meta/recipes-core/busybox/busybox-1.20.2/busybox-sulogin-empty-root-password.patch
@@ -0,0 +1,58 @@
+Upstream-Status: Backport
+Signed-off-by: Jonathan Liu <net147@gmail.com>
+
+From b6dc13c2d3754704b1bf5af4e6b957b48585102f Mon Sep 17 00:00:00 2001
+From: Jonathan Liu <net147@gmail.com>
+Date: Tue, 21 May 2013 17:01:55 +0200
+Subject: [PATCH] sulogin: allow system maintenance login if root password is
+ empty
+
+The current password checking is unable to distinguish between the user
+entering an empty password or pressing Control-D. As a result, an empty
+password always results in normal startup.
+
+We modify bb_ask to return NULL if Control-D is pressed without entering
+a password. The sulogin applet is then modified to only proceed to
+normal startup if bb_ask returns NULL. This covers EOF with no password,
+interrupt by timeout and ^C.
+
+Signed-off-by: Jonathan Liu <net147@gmail.com>
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+---
+ libbb/bb_askpass.c   | 4 +++-
+ loginutils/sulogin.c | 4 ++--
+ 2 files changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/libbb/bb_askpass.c b/libbb/bb_askpass.c
+index fe2b506..77c1bcd 100644
+--- a/libbb/bb_askpass.c
++++ b/libbb/bb_askpass.c
+@@ -65,7 +65,9 @@ char* FAST_FUNC bb_ask(const int fd, int timeout, const char *prompt)
+ 	i = 0;
+ 	while (1) {
+ 		int r = read(fd, &ret[i], 1);
+-		if (r < 0) {
++		if ((i == 0 && r == 0) /* EOF (^D) with no password */
++		 || r < 0
++		) {
+ 			/* read is interrupted by timeout or ^C */
+ 			ret = NULL;
+ 			break;
+diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
+index f79802a..65e6384 100644
+--- a/loginutils/sulogin.c
++++ b/loginutils/sulogin.c
+@@ -83,8 +83,8 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
+ 		cp = bb_ask(STDIN_FILENO, timeout,
+ 				"Give root password for system maintenance\n"
+ 				"(or type Control-D for normal startup):");
+-
+-		if (!cp || !*cp) {
++		if (!cp) {
++			/* ^D, ^C, timeout, or read error */
+ 			bb_info_msg("Normal startup");
+ 			return 0;
+ 		}
+-- 
+1.8.2.3
+
diff --git a/meta/recipes-core/busybox/busybox_1.20.2.bb b/meta/recipes-core/busybox/busybox_1.20.2.bb
index 1445a5e..91510d6 100644
--- a/meta/recipes-core/busybox/busybox_1.20.2.bb
+++ b/meta/recipes-core/busybox/busybox_1.20.2.bb
@@ -1,5 +1,5 @@
 require busybox.inc
-PR = "r7"
+PR = "r8"
 
 SRC_URI = "http://www.busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
            file://B921600.patch \
@@ -33,6 +33,7 @@ SRC_URI = "http://www.busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
            file://testsuite-du-du-k-works-fix-false-positive.patch \
            file://strict-atime.patch \
            file://fail_on_no_media.patch \
+           file://busybox-sulogin-empty-root-password.patch \
            file://inetd.conf \
            file://inetd"
 
-- 
1.8.2.3

Re: [PATCH] busybox: backport sulogin empty root password fix

[Saul Wold]

On 05/21/2013 10:10 PM, Jonathan Liu wrote:
> This allows system maintenance login if the root password is empty.
>
> Signed-off-by: Jonathan Liu <net147@gmail.com>
> ---
>   .../busybox-sulogin-empty-root-password.patch      | 58 ++++++++++++++++++++++
>   meta/recipes-core/busybox/busybox_1.20.2.bb        |  3 +-
>   2 files changed, 60 insertions(+), 1 deletion(-)
>   create mode 100644 meta/recipes-core/busybox/busybox-1.20.2/busybox-sulogin-empty-root-password.patch
>
> diff --git a/meta/recipes-core/busybox/busybox-1.20.2/busybox-sulogin-empty-root-password.patch b/meta/recipes-core/busybox/busybox-1.20.2/busybox-sulogin-empty-root-password.patch
> new file mode 100644
> index 0000000..baad298
> --- /dev/null
> +++ b/meta/recipes-core/busybox/busybox-1.20.2/busybox-sulogin-empty-root-password.patch
> @@ -0,0 +1,58 @@
> +Upstream-Status: Backport
> +Signed-off-by: Jonathan Liu <net147@gmail.com>
> +
> +From b6dc13c2d3754704b1bf5af4e6b957b48585102f Mon Sep 17 00:00:00 2001
> +From: Jonathan Liu <net147@gmail.com>
> +Date: Tue, 21 May 2013 17:01:55 +0200
> +Subject: [PATCH] sulogin: allow system maintenance login if root password is
> + empty
> +
> +The current password checking is unable to distinguish between the user
> +entering an empty password or pressing Control-D. As a result, an empty
> +password always results in normal startup.
> +
> +We modify bb_ask to return NULL if Control-D is pressed without entering
> +a password. The sulogin applet is then modified to only proceed to
> +normal startup if bb_ask returns NULL. This covers EOF with no password,
> +interrupt by timeout and ^C.
> +
> +Signed-off-by: Jonathan Liu <net147@gmail.com>
> +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
> +---
> + libbb/bb_askpass.c   | 4 +++-
> + loginutils/sulogin.c | 4 ++--
> + 2 files changed, 5 insertions(+), 3 deletions(-)
> +
> +diff --git a/libbb/bb_askpass.c b/libbb/bb_askpass.c
> +index fe2b506..77c1bcd 100644
> +--- a/libbb/bb_askpass.c
> ++++ b/libbb/bb_askpass.c
> +@@ -65,7 +65,9 @@ char* FAST_FUNC bb_ask(const int fd, int timeout, const char *prompt)
> + 	i = 0;
> + 	while (1) {
> + 		int r = read(fd, &ret[i], 1);
> +-		if (r < 0) {
> ++		if ((i == 0 && r == 0) /* EOF (^D) with no password */
> ++		 || r < 0
> ++		) {
> + 			/* read is interrupted by timeout or ^C */
> + 			ret = NULL;
> + 			break;
> +diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
> +index f79802a..65e6384 100644
> +--- a/loginutils/sulogin.c
> ++++ b/loginutils/sulogin.c
> +@@ -83,8 +83,8 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
> + 		cp = bb_ask(STDIN_FILENO, timeout,
> + 				"Give root password for system maintenance\n"
> + 				"(or type Control-D for normal startup):");
> +-
> +-		if (!cp || !*cp) {
> ++		if (!cp) {
> ++			/* ^D, ^C, timeout, or read error */
> + 			bb_info_msg("Normal startup");
> + 			return 0;
> + 		}
> +--
> +1.8.2.3
> +
> diff --git a/meta/recipes-core/busybox/busybox_1.20.2.bb b/meta/recipes-core/busybox/busybox_1.20.2.bb
> index 1445a5e..91510d6 100644
> --- a/meta/recipes-core/busybox/busybox_1.20.2.bb
> +++ b/meta/recipes-core/busybox/busybox_1.20.2.bb
> @@ -1,5 +1,5 @@
>   require busybox.inc
> -PR = "r7"
> +PR = "r8"
>
You don't need to do PR bumps anymore.

Otherwise this looks good.

Sau!

>   SRC_URI = "http://www.busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
>              file://B921600.patch \
> @@ -33,6 +33,7 @@ SRC_URI = "http://www.busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
>              file://testsuite-du-du-k-works-fix-false-positive.patch \
>              file://strict-atime.patch \
>              file://fail_on_no_media.patch \
> +           file://busybox-sulogin-empty-root-password.patch \
>              file://inetd.conf \
>              file://inetd"
>
>