OpenWrt Forum Archive

Topic: busybox setresgid: Operation not permitted

The content of this topic has been archived on 27 Mar 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
webasdf
30 Jun 2011, 23:27

I'm trying to configure busybox to allow a non-root user to reboot and passwd because I'm attempting to build a shell for this new user.  I've spent the afternoon researching how this is done and everything I found points to the configuration in /etc/busybox.conf  (http://www.softforge.de/bb/suid.html as well as the make menuconfig help).  I compiled with option BUSYBOX_CONFIG_FEATURE_SUID_CONFIG set.  I even re-compiled after doing a make clean and after an svn update to version 27321 from svn://svn.openwrt.org/openwrt/branches/backfire.  I still get the following in my shell.

------------------------------------------------------------------------------
CONFIGURATION MENU
------------------------------------------------------------------------------
[1] Set IP Address
[2] Set IPv6 Address
[3] Set Password

[s]tatus
[R]eboot

[Q]uit

Command: 3

passwd: setresgid: Operation not permitted

My C code does a simple

system("passwd");

I'm at all not sure why I'm getting this error...if it's a bug in source or if I'm configuring something wrong in busybox.conf.  The docs say to make busybox.conf readable only by root via chmod 600 /etc/busybox.conf.  However, when I do that I get

Using fallback suid method
Using fallback suid method
passwd: must be suid to work properly

So, I set busybox.conf back to standard 644 permissions and get the same setresgid error.  I also tried (per the docs in make menuconfig) to chmod 4755 on /bin/busybox.  Wrt didn't like that at all.

root@wrt:/bin# chmod 4755 busybox 
chmod: busybox: No space left on device
root@RG-AP1000N:/bin# ls
Segmentation fault
root@RG-AP1000N:/bin# chmod -s busybox
Segmentation fault

This basically locks the board with these seg faults after every attempted command.  I can't do anything even after restarting.  I have to re-flash the image.

Relevant files/information

busybox.conf
------------
[SUID]
id      = ssx 0.0
halt    = ssx 0.0
reboot  = ssx 0.0
passwd  = ssx 0.0

busybox is owned and in root group
-----------------------------------------
-rw-r--r--    1 root     root           80 Jun 30 21:30 busybox.conf

/etc/passwd
---------------
root:$1$DMxkVWgn$EZIqoxRUQqa4RV9iQxhMW/:0:0:root:/root:/bin/ash
admin:$1$dfgYCqDu$7z10pMM2igc22XqgTaEKW0:1:100:admin:/:/usr/bin/myshell
ftp:*:55:55:ftp:/home/ftp:/bin/false
network:*:101:101:network:/var:/bin/false
nobody:*:65534:65534:nobody:/var:/bin/false
daemon:*:65534:65534:daemon:/var:/bin/false

/etc/group
------------
root:x:0:
admin:x:100:
nogroup:x:65534:

Anybody have any ideas?  Thanks in advance!  PS running image on a Compex WPJ543 board.

(Last edited by webasdf on 30 Jun 2011, 23:31)

Post #2
webasdf
5 Jul 2011, 15:58

I figured it out.  I REALLY DID run out of space.  Turns out I only had 4MB of flash and I was compiling too much into the image.  The image flashed, but that was about all I could do.  I took out some packages and libraries I don't really need (rrdtool being the biggest one w/ the graphics libraries and all), recompiled and eeked out enough space to do a:

chmod +s /bin/busybox

It actually required 200k of flash space to do this command.  I also kept the busybox.conf file the same, tested with the admin (non-root) user and viola, worked.  smile

(Last edited by webasdf on 7 Jul 2011, 15:05)

The discussion might have continued from here.