From patchwork Thu Nov 27 22:41:49 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gustavo Zacarias X-Patchwork-Id: 415725 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from hemlock.osuosl.org (hemlock.osuosl.org [140.211.166.133]) by ozlabs.org (Postfix) with ESMTP id E88631401AD for ; Fri, 28 Nov 2014 09:43:49 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id AED6895BD7; Thu, 27 Nov 2014 22:43:48 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KNphuLlyOkQQ; Thu, 27 Nov 2014 22:43:46 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by hemlock.osuosl.org (Postfix) with ESMTP id BEE0C95856; Thu, 27 Nov 2014 22:43:46 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (whitealder.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id E940F1C2207 for ; Thu, 27 Nov 2014 22:43:44 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id DE6DE91CC1 for ; Thu, 27 Nov 2014 22:43:44 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ow0Y1TLETr4V for ; Thu, 27 Nov 2014 22:43:43 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.zacarias.com.ar (www.zacarias.com.ar [62.210.192.172]) by whitealder.osuosl.org (Postfix) with ESMTPS id 1068D91CD1 for ; Thu, 27 Nov 2014 22:43:42 +0000 (UTC) Received: from asgard (cpe-181-46-99-160.telecentro-reversos.com.ar [181.46.99.160] (may be forged)) (authenticated bits=0) by www.zacarias.com.ar (8.14.9/8.14.9) with ESMTP id sARMha7C013425 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 27 Nov 2014 22:43:39 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=zacarias.com.ar; s=dkey; t=1417128220; bh=neTEDQ3eidamcV4MOxJexF9g2fpohW/OUXoVKzrhBNQ=; h=From:To:Cc:Subject:Date; b=S3G/s056eO7JKxcqo6WNZM7X8x/t3PsT5odHjizySGeT3hUrIQpsswMtlBWPCtrcX ji0F+YjkbXY/eZq0E93MBJfrakzX+9SJ0Hor2BN4zXTu1skLYJSVT9NsGFBxRN3Q2J LfP3Fm9qVvD/r0gwcs8M635yzZfFbinmpEIok+ko= Received: by asgard (sSMTP sendmail emulation); Thu, 27 Nov 2014 19:41:49 -0300 From: Gustavo Zacarias To: buildroot@busybox.net Date: Thu, 27 Nov 2014 19:41:49 -0300 Message-Id: <1417128109-25880-1-git-send-email-gustavo@zacarias.com.ar> X-Mailer: git-send-email 2.0.4 X-Virus-Scanned: clamav-milter 0.98.4 at www X-Virus-Status: Clean Subject: [Buildroot] [PATCH] skeleton: make /run a proper directory/filesystem X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Making /var/run and /run symlinks to /tmp is bad since the underlying tmpfs filesystem is mode 1777 which leads to possible security attack vectors via badly owned/mask-mode pidfiles and state files residing there. So make /run a proper directory with /var/run symlinked to it. Eventually all startup scripts and state info should be pointed to /run directly as per the linux fhs and good practice. Add a tmpfs filesystem entry for /run so that busybox inittab, systemv inittab and systemd automount mounts it there to avoid breaking the system. While at it fix inconsistent spacing in /etc/fstab by using tabs and drop the "static file system information" header whatever that means. Signed-off-by: Gustavo Zacarias --- system/skeleton/etc/fstab | 17 ++++++++--------- system/skeleton/run | 1 - system/skeleton/run/.empty | 0 system/skeleton/var/run | 2 +- 4 files changed, 9 insertions(+), 11 deletions(-) delete mode 120000 system/skeleton/run create mode 100644 system/skeleton/run/.empty \ No newline at end of file diff --git a/system/skeleton/etc/fstab b/system/skeleton/etc/fstab index e000aad..2b418a0 100644 --- a/system/skeleton/etc/fstab +++ b/system/skeleton/etc/fstab @@ -1,9 +1,8 @@ -# /etc/fstab: static file system information. -# -# -/dev/root / ext2 rw,noauto 0 1 -proc /proc proc defaults 0 0 -devpts /dev/pts devpts defaults,gid=5,mode=620 0 0 -tmpfs /dev/shm tmpfs mode=0777 0 0 -tmpfs /tmp tmpfs mode=1777 0 0 -sysfs /sys sysfs defaults 0 0 +# +/dev/root / ext2 rw,noauto 0 1 +proc /proc proc defaults 0 0 +devpts /dev/pts devpts defaults,gid=5,mode=620 0 0 +tmpfs /dev/shm tmpfs mode=0777 0 0 +tmpfs /tmp tmpfs mode=1777 0 0 +tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0 +sysfs /sys sysfs defaults 0 0 diff --git a/system/skeleton/run b/system/skeleton/run deleted file mode 120000 index 1c2f433..0000000 --- a/system/skeleton/run +++ /dev/null @@ -1 +0,0 @@ -tmp \ No newline at end of file diff --git a/system/skeleton/run/.empty b/system/skeleton/run/.empty new file mode 100644 index 0000000..e69de29 diff --git a/system/skeleton/var/run b/system/skeleton/var/run index 1431b0e..84ba55b 120000 --- a/system/skeleton/var/run +++ b/system/skeleton/var/run @@ -1 +1 @@ -../tmp \ No newline at end of file +../run