On Sun, Oct 21, 2018 at 6:49 PM Rob Landley <[email protected]> wrote: > > On 10/17/2018 06:24 PM, enh wrote: > > $ ./toybox su --help > > toybox: Not root (see "toybox --help") > > > > not sure what the fix is there though. > > Ok, dug into it some more. > > If you "chown root:root toybox" and "chmod +s toybox", the su command then > works > as advertised. Including su --help. What's it's _complaining_ about is this > command needs suid root to function, and toybox is not installed with that. > > The fact --help doesn't work in that case is still a problem, but it sounds > like > the "Not installed suid root" error message a couple lines earlier is what it > should be printing in this case. (It's guarded by TOYBOX_DEBUG because it's > "your system is built wrong", not runtime user error, but you have that on so > should have seen it.)
Android doesn't actually build any of the TOYFLAG_ROOTONLY stuff... i saw this on the host when i was trying to check all the --help output for obvious mistakes the other day. speaking of which, http://landley.net/toybox/help.html should probably include the `toybox --version` output so it's clear what version of toybox that page refers to... > Except that's not printing for the busybox multiplexer itself (which != > toy_list; the standalone case shouldn't have CFG_TOYBOX_SUID set because then > the individual command binary either has the suid bit set or it doesn't and > we're not _dropping_ it), because the _multiplexer_ doesn't know (at this > stage) > what command we're going to be running. > > I suspect the "not installed right" error message should be printed here > instead, but need to redo the logic. Right now it's right from a security > perspective, but not from a usability perspective, and I kinda privilege the > former over the latter... :P > > Queued up for next release... > > Rob > > P.S. I've meant for a while to have "make config-allsuid" and "config-nosuid" > targets so people can have two binaries and only install the suid bit on the > one > containing the commands that needs them. I just haven't gotten around to it > because $DAYJOB. (And really it's a bit like the "make single" stuff because > the > binaries would have to be named differently to be insalled next to each > other... > toybox-suid and toybox-nosuid, so really the targets should be "make > toybox-allsuid" and "toybox-nosuid"... which is why it's on my todo list after > the kconfig rewrite.) > > Rob _______________________________________________ Toybox mailing list [email protected] http://lists.landley.net/listinfo.cgi/toybox-landley.net
