main/busybox: add patch for /etc/securetty support in su

This makes it possible to have blank root passwords in container setups.

5 files changed, 268 insertions, 5 deletions

diff --git a/main/busybox/3001-login-move-check_securetty-to-libbb.patch b/main/busybox/3001-login-move-check_securetty-to-libbb.patch
new file mode 100644
index 0000000000..07a7246867
--- /dev/null
+++ b/main/busybox/3001-login-move-check_securetty-to-libbb.patch
@@ -0,0 +1,103 @@
+From 2543aee0930976d95822a88d840cf139261f7fe0 Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Thu, 5 Nov 2015 16:27:34 +0200
+Subject: [PATCH 3001/3003] login: move check_securetty to libbb
+
+---
+ include/libbb.h    |  1 +
+ libbb/Kbuild.src   |  1 +
+ libbb/securetty.c  | 27 +++++++++++++++++++++++++++
+ loginutils/login.c | 19 -------------------
+ 4 files changed, 29 insertions(+), 19 deletions(-)
+ create mode 100644 libbb/securetty.c
+
+diff --git a/include/libbb.h b/include/libbb.h
+index a8ceb44..516f42e 100644
+--- a/include/libbb.h
++++ b/include/libbb.h
+@@ -1360,6 +1360,7 @@ int sd_listen_fds(void);
+ #define SETUP_ENV_NO_CHDIR  (1 << 4)
+ void setup_environment(const char *shell, int flags, const struct passwd *pw) FAST_FUNC;
+ void nuke_str(char *str) FAST_FUNC;
++int check_securetty(const char *short_tty);
+ int check_password(const struct passwd *pw, const char *plaintext) FAST_FUNC;
+ int ask_and_check_password_extended(const struct passwd *pw, int timeout, const char *prompt) FAST_FUNC;
+ int ask_and_check_password(const struct passwd *pw) FAST_FUNC;
+diff --git a/libbb/Kbuild.src b/libbb/Kbuild.src
+index 7fb6872..0f09de7 100644
+--- a/libbb/Kbuild.src
++++ b/libbb/Kbuild.src
+@@ -84,6 +84,7 @@ lib-y += safe_gethostname.o
+ lib-y += safe_poll.o
+ lib-y += safe_strncpy.o
+ lib-y += safe_write.o
++lib-y += securetty.o
+ lib-y += setup_environment.o
+ lib-y += signals.o
+ lib-y += simplify_path.o
+diff --git a/libbb/securetty.c b/libbb/securetty.c
+new file mode 100644
+index 0000000..95edbc9
+--- /dev/null
++++ b/libbb/securetty.c
+@@ -0,0 +1,27 @@
++/* vi: set sw=4 ts=4: */
++/*
++ * /etc/securetty checking.
++ *
++ * Licensed under GPLv2, see file LICENSE in this source tree.
++ */
++
++#include "libbb.h"
++
++#if ENABLE_FEATURE_SECURETTY && !ENABLE_PAM
++int check_securetty(const char *short_tty)
++{
++	char *buf = (char*)"/etc/securetty"; /* any non-NULL is ok */
++	parser_t *parser = config_open2("/etc/securetty", fopen_for_read);
++	while (config_read(parser, &buf, 1, 1, "# \t", PARSE_NORMAL)) {
++		if (strcmp(buf, short_tty) == 0)
++			break;
++		buf = NULL;
++	}
++	config_close(parser);
++	/* buf != NULL here if config file was not found, empty
++	 * or line was found which equals short_tty */
++	return buf != NULL;
++}
++#else
++ALWAYS_INLINE int check_securetty(const char *short_tty UNUSED_PARAM) { return 1; }
++#endif
+diff --git a/loginutils/login.c b/loginutils/login.c
+index 1700cfc..b38a1fb 100644
+--- a/loginutils/login.c
++++ b/loginutils/login.c
+@@ -79,25 +79,6 @@ static void die_if_nologin(void)
+ # define die_if_nologin() ((void)0)
+ #endif
+ 
+-#if ENABLE_FEATURE_SECURETTY && !ENABLE_PAM
+-static int check_securetty(const char *short_tty)
+-{
+-	char *buf = (char*)"/etc/securetty"; /* any non-NULL is ok */
+-	parser_t *parser = config_open2("/etc/securetty", fopen_for_read);
+-	while (config_read(parser, &buf, 1, 1, "# \t", PARSE_NORMAL)) {
+-		if (strcmp(buf, short_tty) == 0)
+-			break;
+-		buf = NULL;
+-	}
+-	config_close(parser);
+-	/* buf != NULL here if config file was not found, empty
+-	 * or line was found which equals short_tty */
+-	return buf != NULL;
+-}
+-#else
+-static ALWAYS_INLINE int check_securetty(const char *short_tty UNUSED_PARAM) { return 1; }
+-#endif
+-
+ #if ENABLE_SELINUX
+ static void initselinux(char *username, char *full_tty,
+ 						security_context_t *user_sid)
+-- 
+2.6.3
+
diff --git a/main/busybox/3002-libbb-allow_blank-argument-for-ask_and_check_passwor.patch b/main/busybox/3002-libbb-allow_blank-argument-for-ask_and_check_passwor.patch
new file mode 100644
index 0000000000..1722be2ccd
--- /dev/null
+++ b/main/busybox/3002-libbb-allow_blank-argument-for-ask_and_check_passwor.patch
@@ -0,0 +1,70 @@
+From 12b6eff3a535a55441b6a84c24407626edf44b76 Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Thu, 5 Nov 2015 16:27:35 +0200
+Subject: [PATCH 3002/3003] libbb: allow_blank argument for
+ ask_and_check_password_extended()
+
+---
+ include/libbb.h          | 2 +-
+ libbb/correct_password.c | 6 +++---
+ loginutils/sulogin.c     | 2 +-
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/include/libbb.h b/include/libbb.h
+index 516f42e..ece8d37 100644
+--- a/include/libbb.h
++++ b/include/libbb.h
+@@ -1362,7 +1362,7 @@ void setup_environment(const char *shell, int flags, const struct passwd *pw) FA
+ void nuke_str(char *str) FAST_FUNC;
+ int check_securetty(const char *short_tty);
+ int check_password(const struct passwd *pw, const char *plaintext) FAST_FUNC;
+-int ask_and_check_password_extended(const struct passwd *pw, int timeout, const char *prompt) FAST_FUNC;
++int ask_and_check_password_extended(const struct passwd *pw, int timeout, int allow_blank, const char *prompt) FAST_FUNC;
+ int ask_and_check_password(const struct passwd *pw) FAST_FUNC;
+ /* Returns a malloced string */
+ #if !ENABLE_USE_BB_CRYPT
+diff --git a/libbb/correct_password.c b/libbb/correct_password.c
+index 513c930..57cd2b8 100644
+--- a/libbb/correct_password.c
++++ b/libbb/correct_password.c
+@@ -96,7 +96,7 @@ int FAST_FUNC check_password(const struct passwd *pw, const char *plaintext)
+  * NULL pw means "just fake it for login with bad username"
+  */
+ int FAST_FUNC ask_and_check_password_extended(const struct passwd *pw,
+-		int timeout, const char *prompt)
++		int timeout, int allow_blank, const char *prompt)
+ {
+ 	IF_FEATURE_SHADOWPASSWDS(char buffer[SHADOW_BUFSIZE];)
+ 	char *plaintext;
+@@ -105,7 +105,7 @@ int FAST_FUNC ask_and_check_password_extended(const struct passwd *pw,
+ 
+ 	pw_pass = get_passwd(pw, buffer);
+ 	if (!pw_pass[0]) /* empty password field? */
+-		return 1;
++		return allow_blank;
+ 
+ 	plaintext = bb_ask(STDIN_FILENO, timeout, prompt);
+ 	if (!plaintext) {
+@@ -120,5 +120,5 @@ int FAST_FUNC ask_and_check_password_extended(const struct passwd *pw,
+ 
+ int FAST_FUNC ask_and_check_password(const struct passwd *pw)
+ {
+-	return ask_and_check_password_extended(pw, 0, "Password: ");
++	return ask_and_check_password_extended(pw, 0, 1, "Password: ");
+ }
+diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
+index 2a29099..4013f11 100644
+--- a/loginutils/sulogin.c
++++ b/loginutils/sulogin.c
+@@ -53,7 +53,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
+ 	while (1) {
+ 		int r;
+ 
+-		r = ask_and_check_password_extended(pwd, timeout,
++		r = ask_and_check_password_extended(pwd, timeout, 1,
+ 			"Give root password for system maintenance\n"
+ 			"(or type Control-D for normal startup):"
+ 		);
+-- 
+2.6.3
+
diff --git a/main/busybox/3003-su-FEATURE_SU_NULLOK_SECURE.patch b/main/busybox/3003-su-FEATURE_SU_NULLOK_SECURE.patch
new file mode 100644
index 0000000000..bb0e1c64ce
--- /dev/null
+++ b/main/busybox/3003-su-FEATURE_SU_NULLOK_SECURE.patch
@@ -0,0 +1,76 @@
+From 0acd825122c5e2d1b2ba6a0d0f42960cefaafa88 Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Thu, 5 Nov 2015 16:27:36 +0200
+Subject: [PATCH 3003/3003] su: FEATURE_SU_NULLOK_SECURE
+
+When this feature is enabled, blank passwords are not accepted by su
+unless the user is on a secure TTY defined in /etc/securetty. This
+resembles the default PAM configuration of some Linux distros which
+specify the nullok_secure option for pam_unix.so.
+---
+ loginutils/Config.src |  5 +++++
+ loginutils/su.c       | 13 ++++++++-----
+ 2 files changed, 13 insertions(+), 5 deletions(-)
+
+diff --git a/loginutils/Config.src b/loginutils/Config.src
+index fa2b4f8..a150899 100644
+--- a/loginutils/Config.src
++++ b/loginutils/Config.src
+@@ -311,6 +311,11 @@ config FEATURE_SU_CHECKS_SHELLS
+ 	depends on SU
+ 	default y
+ 
++config FEATURE_SU_NULLOK_SECURE
++	bool "Disallow blank passwords from TTYs other than specified in /etc/securetty"
++	depends on SU
++	default n
++
+ config SULOGIN
+ 	bool "sulogin"
+ 	default y
+diff --git a/loginutils/su.c b/loginutils/su.c
+index f812505..bd0cb35 100644
+--- a/loginutils/su.c
++++ b/loginutils/su.c
+@@ -51,6 +51,7 @@ int su_main(int argc UNUSED_PARAM, char **argv)
+ 	struct passwd *pw;
+ 	uid_t cur_uid = getuid();
+ 	const char *tty;
++	int allow_blank = 1;
+ #if ENABLE_FEATURE_UTMP
+ 	char user_buf[64];
+ #endif
+@@ -71,6 +72,12 @@ int su_main(int argc UNUSED_PARAM, char **argv)
+ 		argv++;
+ 	}
+ 
++	tty = xmalloc_ttyname(STDIN_FILENO);
++	if (!tty) tty = "none";
++	tty = skip_dev_pfx(tty);
++
++	if (ENABLE_FEATURE_SU_NULLOK_SECURE) allow_blank = check_securetty(tty);
++
+ 	if (ENABLE_FEATURE_SU_SYSLOG) {
+ 		/* The utmp entry (via getlogin) is probably the best way to
+ 		 * identify the user, especially if someone su's from a su-shell.
+@@ -84,16 +91,12 @@ int su_main(int argc UNUSED_PARAM, char **argv)
+ 			pw = getpwuid(cur_uid);
+ 			old_user = pw ? xstrdup(pw->pw_name) : "";
+ 		}
+-		tty = xmalloc_ttyname(2);
+-		if (!tty) {
+-			tty = "none";
+-		}
+ 		openlog(applet_name, 0, LOG_AUTH);
+ 	}
+ 
+ 	pw = xgetpwnam(opt_username);
+ 
+-	if (cur_uid == 0 || ask_and_check_password(pw) > 0) {
++	if (cur_uid == 0 || ask_and_check_password_extended(pw, 0, allow_blank, "Password: ") > 0) {
+ 		if (ENABLE_FEATURE_SU_SYSLOG)
+ 			syslog(LOG_NOTICE, "%c %s %s:%s",
+ 				'+', tty, old_user, opt_username);
+-- 
+2.6.3
+
diff --git a/main/busybox/APKBUILD b/main/busybox/APKBUILD
index e3f3a9bd80..e130024ff1 100644
--- a/main/busybox/APKBUILD
+++ b/main/busybox/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=busybox
 pkgver=1.24.1
-pkgrel=4
+pkgrel=5
 pkgdesc="Size optimized toolbox of many common UNIX utilities"
 url=http://busybox.net
 arch="all"
@@ -34,6 +34,10 @@ source="http://busybox.net/downloads/$pkgname-$pkgver.tar.bz2
 	2002-depmod-support-generating-kmod-binary-index-files.patch
 	2003-modinfo-fix-argument-parsing-and-printing-of-firmwar.patch
 
+	3001-login-move-check_securetty-to-libbb.patch
+	3002-libbb-allow_blank-argument-for-ask_and_check_passwor.patch
+	3003-su-FEATURE_SU_NULLOK_SECURE.patch
+
 	0001-ash-backport-fix-for-here-document-issues.patch
 	0001-ash-fix-error-during-recursive-processing-of-here-do.patch
 
@@ -150,10 +154,13 @@ b56d306ccba574da78dff060b7330806  1001-fbsplash-support-console-switching.patch
 ad908fc45563148d9f22b50c6e78e0d4  2001-modutils-merge-module_entry-and-module_info-to-commo.patch
 313fa7175333161c549af097d9f62a79  2002-depmod-support-generating-kmod-binary-index-files.patch
 47987a0add3da5f2b1bac13c62120423  2003-modinfo-fix-argument-parsing-and-printing-of-firmwar.patch
+94ab8b7b930df2f8f04da0e69da258da  3001-login-move-check_securetty-to-libbb.patch
+f7c45568bdb0d2295c43108691e78a40  3002-libbb-allow_blank-argument-for-ask_and_check_passwor.patch
+f82d49c891c02516462db3cda29ccca7  3003-su-FEATURE_SU_NULLOK_SECURE.patch
 5f03ee6f3e93bbc6aedff0777b227810  0001-ash-backport-fix-for-here-document-issues.patch
 a4d1cf64fd1835a284ccc6dbc78e3ce0  0001-ash-fix-error-during-recursive-processing-of-here-do.patch
 4046b78ee6a25259954797d73b94f4bd  acpid.logrotate
-08cc87d52169236c035e7a562d606514  busyboxconfig
+5cddea6331e6aff69869568b679186ec  busyboxconfig
 befaac2c59c380e36a452b3f1c1d4a3a  glibc.patch"
 sha256sums="37d03132cc078937360b392170b7a1d0e5b322eee9f57c0b82292a8b1f0afe3d  busybox-1.24.1.tar.bz2
 81957f1fe0c386120dad1c8174ccc1fcfeed98c14d229db7d164d4fb4c938b3d  bbsuid.c
@@ -171,10 +178,13 @@ e1f3fad8e21dfd72cfcae7ab3ba31d7938e964e0f9ec08b2da0b14d462435424  1002-fbsplash-
 16ee3a66e5854adbcb7ea6b1ea5846bac49dcf6d874e167f57e88f2fbd5cd0a5  2001-modutils-merge-module_entry-and-module_info-to-commo.patch
 dbddad67d6b6054b8ffe7159f7fd3189bf3b433ba8f179fb6915caeea20d1b4e  2002-depmod-support-generating-kmod-binary-index-files.patch
 ea589dcd25037e3fefd2f3d6ac801a2a4a61a5cfd2d765785ea5558ed3937776  2003-modinfo-fix-argument-parsing-and-printing-of-firmwar.patch
+34c694cc2ac69ee2d6bbfe45a20c68036b6299ad7e4a1a8df9bf1ce0a4637bd7  3001-login-move-check_securetty-to-libbb.patch
+ce24e38be870c90bdcb90e7b0445067adf7be0fac6b1154d2364a4db9ee3a9d8  3002-libbb-allow_blank-argument-for-ask_and_check_passwor.patch
+d7b18672334ddeee7fbd6c0e92f26c5d2ef49ddefebf0b7f6eff8dc1ad8d3f7e  3003-su-FEATURE_SU_NULLOK_SECURE.patch
 f712ce190ce86084d56977e125d1561615394f3d9b840e926537868260e19d79  0001-ash-backport-fix-for-here-document-issues.patch
 1d3f8f7b6d0972f8e56437fce8efbafe70e2d869fbe82f06eba11e0103fce224  0001-ash-fix-error-during-recursive-processing-of-here-do.patch
 f7cbeb5a5a47395ad30454ce8262abcd3e91c33ef803c2ae31a9258d7142dd48  acpid.logrotate
-3c44bace3822cc83f1a68690775e7bf51a659565a50dfe5344b40bfca782b2ec  busyboxconfig
+ddc0c2e87e37a5e6cc878c5c5c14093c43b361a4d32eee813e0f0b01900efb9e  busyboxconfig
 c604ef791c31d35a8c5ee4558d21428a46f37a6d762c4a7e29864f4037fc44a0  glibc.patch"
 sha512sums="3afc757ebaae61ae13c2c69097ee734717434f9e658eb77093a8b7b49af3326cbca2d723483ff84a1da99544b822fd2b47d9a97c68f09962e11754e5daf124ca  busybox-1.24.1.tar.bz2
 16b3dd6a8b76b062d51458351fcb44f84b49eb4bf898584c933df90fb2cb3966f9547865a4d7447589bb20b7c203beb04ff7512f76f85d29138d2cff4eb9ee81  bbsuid.c
@@ -192,8 +202,11 @@ c33073416f7da2805a20f3f456f869217171c8fbfdef85f4ae481307aeb1e1b5717084bbbc619010
 d94d17806f08ad54366ca623fbe8663b6397b28d68860239edc9305e6006f01d4ea1c1fd2033b30d302fd095145b018aa6a1707b07b7b4dfcaa8e0388b6737d0  2001-modutils-merge-module_entry-and-module_info-to-commo.patch
 daadb1b255a8d30f2a13b84c2120427998d8173cf10754b9117e19a6fea8926d1820005f4d99a4a6999a559e731b5339c12ead22b3efbe1f0e752671363129a5  2002-depmod-support-generating-kmod-binary-index-files.patch
 80589e03021fd0cb7bf29c3747e5396bf53dc99ecfecf78de86759e5c3939652d7f022f4534de0a35228bd782c1a44c4762f027d198790ec2c1bb76d6f7f102d  2003-modinfo-fix-argument-parsing-and-printing-of-firmwar.patch
+1832d2a09625cb60998c54330a751f13dec97da2c4133db29c10f77fa3314fd2ef2002a45eab7215ed1a0dd8b84a8a4c7d4c1d225b5ee012fe357a8777707a17  3001-login-move-check_securetty-to-libbb.patch
+ed8d060b85d4da1681eb35ba64c5b249391e6a7edbeb55b8952897f08fe9bafac33593992772d80a6df42dd3af0e175ce9575ee51c49fbc875008ad0ac2f6f06  3002-libbb-allow_blank-argument-for-ask_and_check_passwor.patch
+c6579970450e7c711461ab1953f534ae855c4a355b4a452b3fc52a286355c87e41f8951b1b5217d0f659e3173ace8718d42dad3dcc878899cf9decdf4d3fe238  3003-su-FEATURE_SU_NULLOK_SECURE.patch
 d55cab6ed08434e2a278edf1be6171b921bcaee47598988e4de6b390a01569e10394c54d5d4a27e6eba251ce68df5cc1ece358be32a9c31bdf1f7e9147cf5180  0001-ash-backport-fix-for-here-document-issues.patch
 c14a632f9477c13ea99b24a73c81c9c44ead8b536970acd758e739b43a6260860039674341192ce7bb20a9204ee7d93dcd9541e526f2437d4d2d88637b400867  0001-ash-fix-error-during-recursive-processing-of-here-do.patch
 dadb4c953ebc755b88ee95c1489feb0c2d352f6e44abc716166024e6eea11ab9d10c84fad62c081775834d205cb04aa1be3c994676c88f4284495c54b9188e8b  acpid.logrotate
-5d5a23dc4c6b808b62d888225ba79dc726c8c2776b86d85cc01206e7e861c72d8fe23434eef74b1cfa3e8054618fa87a81af05ca22264a1901fd52944ea8c30a  busyboxconfig
+249f9c4769b7e20149109810bed8ed48c87e7e67817f27fbb620857bb3db1857f2d1616c4badba5c9eb2b6a1a14a15e89327b8c5f3c2d3ea15d09e252bab2a20  busyboxconfig
 1d2739379dab1deb3eae7cffd4845300eb7d30f7343b4a1209b21a5680860d55080ad45fdefe098b249ce3040c01951fa7f0a79cd447b2d7b260eb000099d9dc  glibc.patch"
diff --git a/main/busybox/busyboxconfig b/main/busybox/busyboxconfig
index f49ee7762b..6efc267ec8 100644
--- a/main/busybox/busyboxconfig
+++ b/main/busybox/busyboxconfig
@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
 # Busybox version: 1.24.1
-# Wed Oct 28 15:46:41 2015
+# Mon Dec  7 13:04:53 2015
 #
 CONFIG_HAVE_DOT_CONFIG=y
 
@@ -505,6 +505,7 @@ CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="sha512"
 CONFIG_SU=y
 CONFIG_FEATURE_SU_SYSLOG=y
 CONFIG_FEATURE_SU_CHECKS_SHELLS=y
+CONFIG_FEATURE_SU_NULLOK_SECURE=y
 # CONFIG_SULOGIN is not set
 CONFIG_VLOCK=y