| Message ID | CABhNV21G9hPsHpATOeXUnyPuCpT71XGhVsgXW_Uniq88WUuqSQ@mail.gmail.com |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | Iputils not setting suid root? | expand |
Hello, On Fri, 12 Jan 2018 10:29:35 +0100, Einar Jón wrote: > I just changed my setup from using busybox to using iputils. > Now I can't ping/traceroute6 anymore unless I use sudo. Is that normal? > In my ubuntu the suid bit is set, so I just copied that behaviour, and > that works. > > I added the patch below to package/iputils/iputils.mk to set the permissions. > Is there any reason why it's not done? > > diff --git a/package/iputils/iputils.mk b/package/iputils/iputils.mk > index b20cd12..13e3389 100644 > --- a/package/iputils/iputils.mk > +++ b/package/iputils/iputils.mk > @@ -69,4 +69,9 @@ define IPUTILS_INSTALL_TARGET_CMDS > $(INSTALL) -D -m 755 $(@D)/traceroute6 $(TARGET_DIR)/bin/traceroute6 > endef > > +define IPUTILS_PERMISSIONS > + /bin/ping f 4755 0 0 - - - - - > + /bin/traceroute6 f 4755 0 0 - - - - - > +endef > + > $(eval $(generic-package)) That's a bug. Could you submit a proper patch that fixes this ? Thanks! Thomas
OK On 12 January 2018 at 10:50, Thomas Petazzoni <thomas.petazzoni@free-electrons.com> wrote: > Hello, > > On Fri, 12 Jan 2018 10:29:35 +0100, Einar Jón wrote: > >> I just changed my setup from using busybox to using iputils. >> Now I can't ping/traceroute6 anymore unless I use sudo. Is that normal? >> In my ubuntu the suid bit is set, so I just copied that behaviour, and >> that works. >> >> I added the patch below to package/iputils/iputils.mk to set the permissions. >> Is there any reason why it's not done? >> >> diff --git a/package/iputils/iputils.mk b/package/iputils/iputils.mk >> index b20cd12..13e3389 100644 >> --- a/package/iputils/iputils.mk >> +++ b/package/iputils/iputils.mk >> @@ -69,4 +69,9 @@ define IPUTILS_INSTALL_TARGET_CMDS >> $(INSTALL) -D -m 755 $(@D)/traceroute6 $(TARGET_DIR)/bin/traceroute6 >> endef >> >> +define IPUTILS_PERMISSIONS >> + /bin/ping f 4755 0 0 - - - - - >> + /bin/traceroute6 f 4755 0 0 - - - - - >> +endef >> + >> $(eval $(generic-package)) > > That's a bug. Could you submit a proper patch that fixes this ? > Attached one below, done against current master (84e835e) I hope that's the way you want it. > Thanks! > > Thomas > -- > Thomas Petazzoni, CTO, Free Electrons > Embedded Linux and Kernel engineering > http://free-electrons.com
Hello, On Fri, 12 Jan 2018 11:54:40 +0100, Einar Jón wrote: > > That's a bug. Could you submit a proper patch that fixes this ? > > > > Attached one below, done against current master (84e835e) > I hope that's the way you want it. It is almost good :) Things to adjust: - We need your Signed-off-by at the end of the commit log. - Please send the patch inline, using "git send-email". This makes review easier, and allows our patchwork tracking tool (http://patchwork.ozlabs.org/project/buildroot/list/) to properly record the patch. - You could slightly tweak the commit log, with something like: "The ping and traceroute6 programs need to be SUID-root to work correctly." Could you fix those minor details and send an updated version? Thanks! Thomas
OK. I installed git-email, and followed https://buildroot.org/downloads/manual/manual.html#submitting-patches but my workplace blocks emails that are not sent via Outlook, and my work email is not on the buldroot mailing list, so I don't think could get it through. Sending an update with the cc-s suggested.
diff --git a/package/iputils/iputils.mk b/package/iputils/iputils.mk index b20cd12..13e3389 100644 --- a/package/iputils/iputils.mk +++ b/package/iputils/iputils.mk @@ -69,4 +69,9 @@ define IPUTILS_INSTALL_TARGET_CMDS $(INSTALL) -D -m 755 $(@D)/traceroute6 $(TARGET_DIR)/bin/traceroute6 endef +define IPUTILS_PERMISSIONS + /bin/ping f 4755 0 0 - - - - - + /bin/traceroute6 f 4755 0 0 - - - - - +endef + $(eval $(generic-package))