mirror of
https://git.busybox.net/buildroot.git
synced 2024-11-23 21:43:30 +08:00
eee0a2f226
Though the petitboot UI is a user application, it is currently being run by root only because we use getty to display it on the console. Create an unprivileged user to run the UI instead. The unix socket the pb-discover daemon sets up is accessible to "petitgroup", so that should be the gid, with arbitrary uid "petituser" to match. This is currently the chain of processes leading to the UI: 1. /etc/init.d/pb-console start console 2. /usr/libexec/petitboot/pb-console --getty --detach -- -n -i 0 console linux 3. /sbin/getty -l/usr/libexec/petitboot/pb-console -n -i 0 console linux 4. /usr/libexec/petitboot/pb-console 5. /usr/sbin/petitboot-nc Instead of (3) running the pb-console helper directly with "getty -l", we can use "agetty -a" to autologin petituser, and run pb-console via petituser's login shell: 1. /etc/init.d/pb-console start console 2. /usr/libexec/petitboot/pb-console --getty=/sbin/agetty --detach -- -a petituser -n -i console linux 3. /sbin/agetty -a petituser -n -i console linux 4. /home/petituser/.profile 5. /usr/libexec/petitboot/pb-console 6. /usr/sbin/petiboot-nc Here, everything from (4) down is running as petituser. In (4), use $PPID to determine if we're logging in via getty, so that logging in by other means will give a normal shell. Otherwise we would recurse when trying to get a shell from the menu. Signed-off-by: Reza Arbab <arbab@linux.ibm.com> [Arnout: explicitly select util-linux, even though it comes indirectly through other dependencies] Signed-off-by: Arnout Vandecappelle <arnout@mind.be> |
||
|---|---|---|
| .. | ||
| Config.in | ||
| kexec-restart.in | ||
| pb-console | ||
| pb-shell | ||
| petitboot.hash | ||
| petitboot.mk | ||
| S15pb-discover | ||
| shell_profile | ||