[ELDK] [PATCH RFSB v2] Fix device and directory permissions

Wolfgang Denk wd at denx.de
Thu Apr 29 22:48:25 CEST 2010


Some of the device permissions were incorrect; for example, logging in
as a non-root user would produce an error message:

-sh: cannot create /dev/null: Permission denied

Also, the /tmp directory is required to be world writable.

Use more standard permissions on device nodes and some directories.

Signed-off-by: Wolfgang Denk <wd at denx.de>
Cc: Detlev Zundel <dzu at denx.de>
---
v2: Make sure to chmod /tmp only in case it is a directory.

 Makefile                  |    3 ++-
 config/rootfs_devices.tab |   38 +++++++++++++++++++-------------------
 custom/rootfs/etc/rc.sh   |    3 ++-
 custom/rootfs_devices.tab |   24 ++++++++++++------------
 4 files changed, 35 insertions(+), 33 deletions(-)

diff --git a/Makefile b/Makefile
index 1264361..fefbd8d 100644
--- a/Makefile
+++ b/Makefile
@@ -165,7 +165,8 @@ $(STAMP_ADD_DIRS):
            rootfs/{usr,usr/sbin,usr/bin,var,var/log,var/run} ; \
 	do \
 	    scripts/mkdir_safe $(BUILD)/$$dir ;\
-	done
+	done ;\
+	if [ -d rootfs/tmp ] ; then chmod 01777 rootfs/tmp ; else : ; fi
 	@touch $(STAMP_ADD_DIRS)
 
 $(STAMP_RFSB_SKEL):	$(STAMP_CLEAN)
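Review bot: The added `-d` test and `chmod` operate on `rootfs/tmp` relative to the current directory, while the loop just above creates its directories under `$(BUILD)/$$dir`. BUILD is defined outside this hunk, but if it is anything other than the working directory, the test fails and the `else :` branch silently leaves the image's /tmp without mode 01777. Use the same prefix as the loop, and drop the no-op else branch: `if [ -d $(BUILD)/rootfs/tmp ] ; then chmod 01777 $(BUILD)/rootfs/tmp ; fi`. The recipe starts before the hunk, so whether `rootfs/tmp` is in the directory list at all cannot be checked from here.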
diff --git a/config/rootfs_devices.tab b/config/rootfs_devices.tab
index bb1006c..6b3a1d5 100644
--- a/config/rootfs_devices.tab
+++ b/config/rootfs_devices.tab
@@ -1,16 +1,14 @@
 #<name>    <type> <mode> <uid> <gid> <major> <minor> <start>  <inc>  <count>
 /dev            d  755  0       0        -      -       -       -       -
-/dev/console    c  640  0       0        5      1       -       -       -
+/dev/console    c  600  0       0        5      1       -       -       -
 /dev/fb0        c  640  0       0       29      0       -       -       -
-/dev/full       c  640  0       0        1      7       -       -       -
-/dev/hda        b  640  0       0        3      0       -       -       -
-/dev/hda        b  640  0       0        3      1       1       1       16
+/dev/full       c  666  0       0        1      7       -       -       -
 /dev/kmem       c  640  0       0        1      2       -       -       -
 /dev/mem        c  640  0       0        1      1       -       -       -
 /dev/mtd        c  640  0       0       90      0       0       2       16
 /dev/mtdblock   b  640  0       0       31      0       0       1       16
 /dev/mtdr       c  640  0       0       90      1       0       2       16
-/dev/null       c  640  0       0        1      3       -       -       -
+/dev/null       c  666  0       0        1      3       -       -       -
 /dev/ppp	c  640	0	0      108	0	-	-	-
 /dev/pts        d  755  0       0        -      -       -       -       -
 /dev/ptyp       c  640  0       0        2      0       0       1       10
@@ -23,19 +21,21 @@
 /dev/ram        b  640  0       0        1      0       0       1       2
 /dev/ram        b  640  0       0        1      1       -       -       -
 /dev/random	c  666	0	0	 1	8	-	-	-
-/dev/urandom	c  444	0	0	 1	9	-	-	-
+/dev/urandom	c  666	0	0	 1	9	-	-	-
 /dev/rtc        c  640  0       0      254	0	-       -       -
-/dev/tty        c  640  0       0        4      0       0       1       4
-/dev/tty        c  640  0       0        5      0       -       -       -
-/dev/ttyS       c  640  0       0        4      64      0       1       8
-/dev/ttyCPM	c  640  0	0      204	46	0	1	4
-/dev/ttyPSC	c  640	0	0      204	148	0	1	4
-/dev/ttyp       c  640  0       0        3      0       0       1       10
-/dev/ttypa      c  640  0       0        3      10      -       -       -
-/dev/ttypb      c  640  0       0        3      11      -       -       -
-/dev/ttypc      c  640  0       0        3      12      -       -       -
-/dev/ttypd      c  640  0       0        3      13      -       -       -
-/dev/ttype      c  640  0       0        3      14      -       -       -
-/dev/ttypf      c  640  0       0        3      15      -       -       -
+/dev/sda        b  660  0       0        8      0       -       -       -
+/dev/sda        b  660  0       0        8      1       1       1       16
+/dev/tty        c  620  0       0        4      0       0       1       4
+/dev/tty        c  620  0       0        5      0       -       -       -
+/dev/ttyS       c  660  0       0        4      64      0       1       8
+/dev/ttyCPM	c  660  0	0      204	46	0	1	4
+/dev/ttyPSC	c  660	0	0      204	148	0	1	4
+/dev/ttyp       c  620  0       0        3      0       0       1       10
+/dev/ttypa      c  620  0       0        3      10      -       -       -
+/dev/ttypb      c  620  0       0        3      11      -       -       -
+/dev/ttypc      c  620  0       0        3      12      -       -       -
+/dev/ttypd      c  620  0       0        3      13      -       -       -
+/dev/ttype      c  620  0       0        3      14      -       -       -
+/dev/ttypf      c  620  0       0        3      15      -       -       -
 /dev/watchdog	c  640	0	0	10	130	-	-	-
-/dev/zero       c  640  0       0        1      5       -       -       -
+/dev/zero       c  666  0       0        1      5       -       -       -
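Review bot: The `/dev/tty` entry with major 5, minor 0 is the controlling-terminal alias, and the new mode `620` with uid 0 and gid 0 still denies it to every non-root user, so the login problem described in the commit message is only partly fixed. That node is conventionally world read/write: `/dev/tty        c  666  0       0        5      0       -       -       -`. The same line appears in the custom/rootfs_devices.tab hunk. Separately, the new group bits in `620` and `660` on the tty, ttyS, ttyCPM, ttyPSC and sda entries only grant access to gid 0, because the gid column is unchanged. If the intent was tty-, dialout- or disk-style group access, the gid has to change too; otherwise `600` states the effective policy more honestly.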
diff --git a/custom/rootfs/etc/rc.sh b/custom/rootfs/etc/rc.sh
index cfe8e71..22beb59 100755
--- a/custom/rootfs/etc/rc.sh
+++ b/custom/rootfs/etc/rc.sh
@@ -8,8 +8,9 @@
 # mount TMPFS because root-fs is readonly
 /bin/mount -t tmpfs -o size=4M tmpfs /tmpfs
 
-mkdir -p /tmpfs/tmp /tmpfs/dev \
+mkdir -p /tmpfs/etc /tmpfs/dev /tmpfs/tmp \
 	 /tmpfs/var/lib/dhcp /tmpfs/var/lock /tmpfs/var/run
+chmod 01777 /tmpfs/tmp /tmpfs/var/lock
 
 while read name minor
 do
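Review bot: The new `chmod 01777 /tmpfs/tmp /tmpfs/var/lock` makes two directories world-writable on the single `size=4M` tmpfs that also holds /tmpfs/etc, /tmpfs/dev and /tmpfs/var/run. Any unprivileged user can therefore fill the mount and make later writes to the run, etc and dhcp directories fail. The mount line also carries no `nosuid`, so files dropped into the world-writable directories keep setuid semantics. Consider a separate, size-limited mount for the world-writable part, for example `/bin/mount -t tmpfs -o size=1M,mode=1777,nosuid,nodev tmpfs /tmpfs/tmp`. Also consider keeping /tmpfs/var/lock group-writable for a dedicated lock group rather than `1777`. The script continues past the end of the hunk, so later handling of these directories is not visible here.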
diff --git a/custom/rootfs_devices.tab b/custom/rootfs_devices.tab
index 48b0685..614f4f5 100644
--- a/custom/rootfs_devices.tab
+++ b/custom/rootfs_devices.tab
@@ -1,28 +1,28 @@
 #<name>    <type> <mode> <uid> <gid> <major> <minor> <start>  <inc>  <count>
 /dev            d  755  0       0        -      -       -       -       -
-/dev/console    c  640  0       0        5      1       -       -       -
+/dev/console    c  600  0       0        5      1       -       -       -
 /dev/fb0        c  640  0       0       29      0       -       -       -
-/dev/full       c  640  0       0        1      7       -       -       -
-/dev/hda        b  640  0       0        3      0       -       -       -
-/dev/hda        b  640  0       0        3      1       1       1       16
+/dev/full       c  666  0       0        1      7       -       -       -
 /dev/kmem       c  640  0       0        1      2       -       -       -
 /dev/mem        c  640  0       0        1      1       -       -       -
 /dev/mtd        c  640  0       0       90      0       0       2       16
 /dev/mtdblock   b  640  0       0       31      0       0       1       16
 /dev/mtdr       c  640  0       0       90      1       0       2       16
-/dev/null       c  640  0       0        1      3       -       -       -
+/dev/null       c  666  0       0        1      3       -       -       -
 /dev/ppp	c  640	0	0      108	0	-	-	-
 /dev/pts        d  755  0       0        -      -       -       -       -
 /dev/ram        b  640  0       0        1      0       0       1       2
 /dev/ram        b  640  0       0        1      1       -       -       -
 /dev/random	c  666	0	0	 1	8	-	-	-
-/dev/urandom	c  444	0	0	 1	9	-	-	-
+/dev/urandom	c  666	0	0	 1	9	-	-	-
 /dev/rtc        c  640  0       0      254	0	-       -       -
-/dev/tty        c  640  0       0        4      0       0       1       4
-/dev/tty        c  640  0       0        5      0       -       -       -
-/dev/ttyS       c  640  0       0        4      64      0       1       8
-/dev/ttyCPM	c  640  0	0      204	46	0	1	4
-/dev/ttyPSC	c  640	0	0      204	148	0	1	4
+/dev/sda        b  660  0       0        8      0       -       -       -
+/dev/sda        b  660  0       0        8      1       1       1       16
+/dev/tty        c  620  0       0        4      0       0       1       4
+/dev/tty        c  620  0       0        5      0       -       -       -
+/dev/ttyS       c  660  0       0        4      64      0       1       8
+/dev/ttyCPM	c  660  0	0      204	46	0	1	4
+/dev/ttyPSC	c  660	0	0      204	148	0	1	4
 /dev/watchdog	c  640	0	0	10	130	-	-	-
-/dev/zero       c  640  0       0        1      5       -       -       -
+/dev/zero       c  666  0       0        1      5       -       -       -
 /dev/input/event c 640	0	0	13	64	0	1	4
-- 
1.6.2.5


