[ELDK] [PATCH RFSB] Fix device and directory permissions
Wolfgang Denk
wd at denx.de
Thu Apr 29 22:15:15 CEST 2010
Some of the device permissions were incorrect; for example, logging in
as a non-root user would produce an error message:
-sh: cannot create /dev/null: Permission denied
Also, the /tmp directory is required to be world writable.
Use more standard permissions on device nodes and some directories.
Signed-off-by: Wolfgang Denk <wd at denx.de>
Cc: Detlev Zundel <dzu at denx.de>
---
Makefile | 3 ++-
config/rootfs_devices.tab | 38 +++++++++++++++++++-------------------
custom/rootfs/etc/rc.sh | 3 ++-
custom/rootfs_devices.tab | 24 ++++++++++++------------
4 files changed, 35 insertions(+), 33 deletions(-)
diff --git a/Makefile b/Makefile
index 1264361..c1660d8 100644
--- a/Makefile
+++ b/Makefile
@@ -165,7 +165,8 @@ $(STAMP_ADD_DIRS):
rootfs/{usr,usr/sbin,usr/bin,var,var/log,var/run} ; \
do \
scripts/mkdir_safe $(BUILD)/$$dir ;\
- done
+ done ;\
+ chmod 01777 rootfs/tmp
@touch $(STAMP_ADD_DIRS)
$(STAMP_RFSB_SKEL): $(STAMP_CLEAN)
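Review bot: The added `chmod 01777 rootfs/tmp` uses a path relative to the current directory, while the loop just above it creates every directory as `$(BUILD)/$$dir`. Unless BUILD is the working directory, the sticky world-writable mode either lands on a different tree or the chmod fails. It should read `chmod 01777 $(BUILD)/rootfs/tmp`. The directory list begins outside the hunk, so it is worth confirming that `rootfs/tmp` is among the directories created before this line runs.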
diff --git a/config/rootfs_devices.tab b/config/rootfs_devices.tab
index bb1006c..6b3a1d5 100644
--- a/config/rootfs_devices.tab
+++ b/config/rootfs_devices.tab
@@ -1,16 +1,14 @@
#<name> <type> <mode> <uid> <gid> <major> <minor> <start> <inc> <count>
/dev d 755 0 0 - - - - -
-/dev/console c 640 0 0 5 1 - - -
+/dev/console c 600 0 0 5 1 - - -
/dev/fb0 c 640 0 0 29 0 - - -
-/dev/full c 640 0 0 1 7 - - -
-/dev/hda b 640 0 0 3 0 - - -
-/dev/hda b 640 0 0 3 1 1 1 16
+/dev/full c 666 0 0 1 7 - - -
/dev/kmem c 640 0 0 1 2 - - -
/dev/mem c 640 0 0 1 1 - - -
/dev/mtd c 640 0 0 90 0 0 2 16
/dev/mtdblock b 640 0 0 31 0 0 1 16
/dev/mtdr c 640 0 0 90 1 0 2 16
-/dev/null c 640 0 0 1 3 - - -
+/dev/null c 666 0 0 1 3 - - -
/dev/ppp c 640 0 0 108 0 - - -
/dev/pts d 755 0 0 - - - - -
/dev/ptyp c 640 0 0 2 0 0 1 10
@@ -23,19 +21,21 @@
/dev/ram b 640 0 0 1 0 0 1 2
/dev/ram b 640 0 0 1 1 - - -
/dev/random c 666 0 0 1 8 - - -
-/dev/urandom c 444 0 0 1 9 - - -
+/dev/urandom c 666 0 0 1 9 - - -
/dev/rtc c 640 0 0 254 0 - - -
-/dev/tty c 640 0 0 4 0 0 1 4
-/dev/tty c 640 0 0 5 0 - - -
-/dev/ttyS c 640 0 0 4 64 0 1 8
-/dev/ttyCPM c 640 0 0 204 46 0 1 4
-/dev/ttyPSC c 640 0 0 204 148 0 1 4
-/dev/ttyp c 640 0 0 3 0 0 1 10
-/dev/ttypa c 640 0 0 3 10 - - -
-/dev/ttypb c 640 0 0 3 11 - - -
-/dev/ttypc c 640 0 0 3 12 - - -
-/dev/ttypd c 640 0 0 3 13 - - -
-/dev/ttype c 640 0 0 3 14 - - -
-/dev/ttypf c 640 0 0 3 15 - - -
+/dev/sda b 660 0 0 8 0 - - -
+/dev/sda b 660 0 0 8 1 1 1 16
+/dev/tty c 620 0 0 4 0 0 1 4
+/dev/tty c 620 0 0 5 0 - - -
+/dev/ttyS c 660 0 0 4 64 0 1 8
+/dev/ttyCPM c 660 0 0 204 46 0 1 4
+/dev/ttyPSC c 660 0 0 204 148 0 1 4
+/dev/ttyp c 620 0 0 3 0 0 1 10
+/dev/ttypa c 620 0 0 3 10 - - -
+/dev/ttypb c 620 0 0 3 11 - - -
+/dev/ttypc c 620 0 0 3 12 - - -
+/dev/ttypd c 620 0 0 3 13 - - -
+/dev/ttype c 620 0 0 3 14 - - -
+/dev/ttypf c 620 0 0 3 15 - - -
/dev/watchdog c 640 0 0 10 130 - - -
-/dev/zero c 640 0 0 1 5 - - -
+/dev/zero c 666 0 0 1 5 - - -
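Review bot: The `/dev/tty c 620 0 0 5 0` entry is the controlling-terminal node (major 5, minor 0), which is conventionally mode 666; at 620 with uid and gid 0 a non-root login cannot open it, the same class of failure this patch fixes for /dev/null. I would make it `/dev/tty c 666 0 0 5 0 - - -` and keep 620 for the numbered ttys only. Separately, every 620/660 entry still has gid 0, so the group bits grant access only to the root group; if the target defines tty, dialout or disk groups, the gid column should name them. The same lines appear in the custom/rootfs_devices.tab hunk.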
diff --git a/custom/rootfs/etc/rc.sh b/custom/rootfs/etc/rc.sh
index cfe8e71..22beb59 100755
--- a/custom/rootfs/etc/rc.sh
+++ b/custom/rootfs/etc/rc.sh
@@ -8,8 +8,9 @@
# mount TMPFS because root-fs is readonly
/bin/mount -t tmpfs -o size=4M tmpfs /tmpfs
-mkdir -p /tmpfs/tmp /tmpfs/dev \
+mkdir -p /tmpfs/etc /tmpfs/dev /tmpfs/tmp \
/tmpfs/var/lib/dhcp /tmpfs/var/lock /tmpfs/var/run
+chmod 01777 /tmpfs/tmp /tmpfs/var/lock
while read name minor
do
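Review bot: The new `chmod 01777 /tmpfs/tmp /tmpfs/var/lock` makes two directories world-writable on the same 4M tmpfs that also holds /tmpfs/dev, /tmpfs/etc and /tmpfs/var/run, so any unprivileged user can fill the mount and block writes to those paths. Consider a separate size-limited tmpfs for tmp, and adding `nosuid` to the mount options now that the mount hosts a world-writable directory (`nodev` is not an option while /tmpfs/dev lives on it). The added `/tmpfs/etc` is not mentioned in the commit message; a comment such as `# /tmpfs/etc: writable copy of <files>` would record what is expected to live there. The script continues past the end of the hunk.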
diff --git a/custom/rootfs_devices.tab b/custom/rootfs_devices.tab
index 48b0685..614f4f5 100644
--- a/custom/rootfs_devices.tab
+++ b/custom/rootfs_devices.tab
@@ -1,28 +1,28 @@
#<name> <type> <mode> <uid> <gid> <major> <minor> <start> <inc> <count>
/dev d 755 0 0 - - - - -
-/dev/console c 640 0 0 5 1 - - -
+/dev/console c 600 0 0 5 1 - - -
/dev/fb0 c 640 0 0 29 0 - - -
-/dev/full c 640 0 0 1 7 - - -
-/dev/hda b 640 0 0 3 0 - - -
-/dev/hda b 640 0 0 3 1 1 1 16
+/dev/full c 666 0 0 1 7 - - -
/dev/kmem c 640 0 0 1 2 - - -
/dev/mem c 640 0 0 1 1 - - -
/dev/mtd c 640 0 0 90 0 0 2 16
/dev/mtdblock b 640 0 0 31 0 0 1 16
/dev/mtdr c 640 0 0 90 1 0 2 16
-/dev/null c 640 0 0 1 3 - - -
+/dev/null c 666 0 0 1 3 - - -
/dev/ppp c 640 0 0 108 0 - - -
/dev/pts d 755 0 0 - - - - -
/dev/ram b 640 0 0 1 0 0 1 2
/dev/ram b 640 0 0 1 1 - - -
/dev/random c 666 0 0 1 8 - - -
-/dev/urandom c 444 0 0 1 9 - - -
+/dev/urandom c 666 0 0 1 9 - - -
/dev/rtc c 640 0 0 254 0 - - -
-/dev/tty c 640 0 0 4 0 0 1 4
-/dev/tty c 640 0 0 5 0 - - -
-/dev/ttyS c 640 0 0 4 64 0 1 8
-/dev/ttyCPM c 640 0 0 204 46 0 1 4
-/dev/ttyPSC c 640 0 0 204 148 0 1 4
+/dev/sda b 660 0 0 8 0 - - -
+/dev/sda b 660 0 0 8 1 1 1 16
+/dev/tty c 620 0 0 4 0 0 1 4
+/dev/tty c 620 0 0 5 0 - - -
+/dev/ttyS c 660 0 0 4 64 0 1 8
+/dev/ttyCPM c 660 0 0 204 46 0 1 4
+/dev/ttyPSC c 660 0 0 204 148 0 1 4
/dev/watchdog c 640 0 0 10 130 - - -
-/dev/zero c 640 0 0 1 5 - - -
+/dev/zero c 666 0 0 1 5 - - -
/dev/input/event c 640 0 0 13 64 0 1 4
--
1.6.2.5