diff options
author | Denys Vlasenko <vda.linux@googlemail.com> | 2017-08-05 01:51:12 +0200 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2017-08-05 01:51:12 +0200 |
commit | fdb92359e47eee8ccd57092928cedccb28ce2f11 (patch) | |
tree | caa1adb92b38b8af04a34c8be145b40206e232df | |
parent | 9c49d6e11b54bd0695240119f5f28672173f6300 (diff) |
pivot_root: make it NOFORK
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | NOFORK_NOEXEC.lst | 2 | ||||
-rw-r--r-- | util-linux/pivot_root.c | 6 |
2 files changed, 5 insertions, 3 deletions
diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst index 0e1fb1f55..2fc280596 100644 --- a/NOFORK_NOEXEC.lst +++ b/NOFORK_NOEXEC.lst @@ -261,7 +261,7 @@ pidof - nofork candidate(uses find_pid_by_name, is that ok?) ping - suid, runner ping6 - suid, runner pipe_progress - longterm -pivot_root - nofork candidate? the code is trivial +pivot_root - NOFORK pkill - nofork candidate(xregcomp, procps_scan - are they ok?) pmap - noexec candidate, leaks: open+xstrdup popmaildir - runner diff --git a/util-linux/pivot_root.c b/util-linux/pivot_root.c index 331038057..d6a26b912 100644 --- a/util-linux/pivot_root.c +++ b/util-linux/pivot_root.c @@ -21,7 +21,7 @@ //config: Note: This is for initrd in linux 2.4. Under initramfs (introduced //config: in linux 2.6) use switch_root instead. -//applet:IF_PIVOT_ROOT(APPLET(pivot_root, BB_DIR_SBIN, BB_SUID_DROP)) +//applet:IF_PIVOT_ROOT(APPLET_NOFORK(pivot_root, pivot_root, BB_DIR_SBIN, BB_SUID_DROP, pivot_root)) //kbuild:lib-$(CONFIG_PIVOT_ROOT) += pivot_root.o @@ -33,7 +33,7 @@ #include "libbb.h" -extern int pivot_root(const char * new_root,const char * put_old); +extern int pivot_root(const char *new_root, const char *put_old); int pivot_root_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; int pivot_root_main(int argc, char **argv) @@ -41,6 +41,8 @@ int pivot_root_main(int argc, char **argv) if (argc != 3) bb_show_usage(); + /* NOFORK applet. Hardly matters wrt performance, but code is trivial */ + if (pivot_root(argv[1], argv[2]) < 0) { /* prints "pivot_root: <strerror text>" */ bb_perror_nomsg_and_die(); |