diff --git a/package/busybox/Config.in b/package/busybox/Config.in index 116a72e945..ca8fe68eea 100644 --- a/package/busybox/Config.in +++ b/package/busybox/Config.in @@ -56,6 +56,22 @@ config BR2_PACKAGE_BUSYBOX_SELINUX crond, then individual binaries have to be enabled for the SELinux type transitions to occur properly. +config BR2_PACKAGE_BUSYBOX_INDIVIDUAL_BINARIES + bool "Individual binaries" + depends on !BR2_STATIC_LIBS + depends on !BR2_bfin # libbusybox.so link issue + help + By default (i.e with this option disabled), Busybox is + installed as a single binary in /bin/busybox and all applets + are a symbolic link to /bin/busybox. + + With this option enabled, each applet is a separate binary, + which is needed for proper operation with SELinux. + +comment "Busybox individual binaries need a toolchain w/ dynamic library" + depends on BR2_STATIC_LIBS + depends on !BR2_bfin + config BR2_PACKAGE_BUSYBOX_WATCHDOG bool "Install the watchdog daemon startup script" help diff --git a/package/busybox/busybox.mk b/package/busybox/busybox.mk index a536ed2953..2231730aa8 100644 --- a/package/busybox/busybox.mk +++ b/package/busybox/busybox.mk @@ -60,9 +60,32 @@ BUSYBOX_KCONFIG_FRAGMENT_FILES = $(call qstrip,$(BR2_PACKAGE_BUSYBOX_CONFIG_FRAG BUSYBOX_KCONFIG_EDITORS = menuconfig xconfig gconfig BUSYBOX_KCONFIG_OPTS = $(BUSYBOX_MAKE_OPTS) +ifeq ($(BR2_PACKAGE_BUSYBOX_INDIVIDUAL_BINARIES),y) +define BUSYBOX_PERMISSIONS +# Set permissions on all applets with BB_SUID_REQUIRE and BB_SUID_MAYBE. +# 12 Applets are pulled from applets.h using grep command : +# grep -r -e "APPLET.*BB_SUID_REQUIRE\|APPLET.*BB_SUID_MAYBE" \ +# $(@D)/include/applets.h +# These applets are added to the device table and the makedev file +# ignores the files with type 'F' ( optional files). + /usr/bin/wall F 4755 0 0 - - - - - + /bin/ping F 4755 0 0 - - - - - + /bin/ping6 F 4755 0 0 - - - - - + /usr/bin/crontab F 4755 0 0 - - - - - + /sbin/findfs F 4755 0 0 - - - - - + /bin/login F 4755 0 0 - - - - - + /bin/mount F 4755 0 0 - - - - - + /usr/bin/passwd F 4755 0 0 - - - - - + /bin/su F 4755 0 0 - - - - - + /usr/bin/traceroute F 4755 0 0 - - - - - + /usr/bin/traceroute6 F 4755 0 0 - - - - - + /usr/bin/vlock F 4755 0 0 - - - - - +endef +else define BUSYBOX_PERMISSIONS /bin/busybox f 4755 0 0 - - - - - endef +endif # If mdev will be used for device creation enable it and copy S10mdev to /etc/init.d ifeq ($(BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_MDEV),y) @@ -171,6 +194,17 @@ define BUSYBOX_SET_SELINUX endef endif +ifeq ($(BR2_PACKAGE_BUSYBOX_INDIVIDUAL_BINARIES),y) +define BUSYBOX_SET_INDIVIDUAL_BINARIES + $(call KCONFIG_ENABLE_OPT,CONFIG_BUILD_LIBBUSYBOX,$(BUSYBOX_BUILD_CONFIG)) + $(call KCONFIG_ENABLE_OPT,CONFIG_FEATURE_INDIVIDUAL,$(BUSYBOX_BUILD_CONFIG)) +endef + +define BUSYBOX_INSTALL_INDIVIDUAL_BINARIES + rm -f $(TARGET_DIR)/bin/busybox +endef +endif + define BUSYBOX_INSTALL_LOGGING_SCRIPT if grep -q CONFIG_SYSLOGD=y $(@D)/.config; then \ $(INSTALL) -m 0755 -D package/busybox/S01logging \ @@ -228,6 +262,7 @@ define BUSYBOX_KCONFIG_FIXUP_CMDS $(BUSYBOX_SET_INIT) $(BUSYBOX_SET_WATCHDOG) $(BUSYBOX_SET_SELINUX) + $(BUSYBOX_SET_INDIVIDUAL_BINARIES) $(BUSYBOX_MUSL_TWEAKS) endef @@ -251,6 +286,7 @@ define BUSYBOX_INSTALL_INIT_SYSV $(BUSYBOX_INSTALL_LOGGING_SCRIPT) $(BUSYBOX_INSTALL_WATCHDOG_SCRIPT) $(BUSYBOX_INSTALL_TELNET_SCRIPT) + $(BUSYBOX_INSTALL_INDIVIDUAL_BINARIES) endef # Checks to give errors that the user can understand