AnsweredAssumed Answered

su: must be suid to work properly

Question asked by ramesh kumar on Apr 17, 2015
Latest reply on May 26, 2015 by ramesh kumar

Hi All,

 

I am working on Imx6 sabresd board, based on yocto. I am doing implementation of busybox commands through boa server and don't get root permissions. Manually , i create that issue again with su command at kernel prompt as followed below.

 

Does anyone know how to provide permission to busybox commands , through implementaion of Boa server

 

Following are the logs :

root@imx6qsabresd:~# 192.168.1.17 - - [20/Mar/2015:21:58:53 +0000] "GET /mgmt.html HTTP/1.1" 304 0 "http://192.168.1.100/Home.html" "Mozilla/5.0

(X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/41.0.2272.76 Chrome/41.0.2272.76 Safari/537.36"

192.168.1.17 - - [20/Mar/2015:21:58:53 +0000] "GET /css/style.css HTTP/1.1" 304 0 "http://192.168.1.100/mgmt.html" "Mozilla/5.0 (X11; Linux x86_

64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/41.0.2272.76 Chrome/41.0.2272.76 Safari/537.36"

192.168.1.17 - - [20/Mar/2015:21:58:53 +0000] "GET /js/jquery-1.9.1.js HTTP/1.1" 304 0 "http://192.168.1.100/mgmt.html" "Mozilla/5.0 (X11; Linux

x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/41.0.2272.76 Chrome/41.0.2272.76 Safari/537.36"

192.168.1.17 - - [20/Mar/2015:21:58:53 +0000] "GET /js/common.js HTTP/1.1" 304 0 "http://192.168.1.100/mgmt.html" "Mozilla/5.0 (X11; Linux x86_6

4) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/41.0.2272.76 Chrome/41.0.2272.76 Safari/537.36"

192.168.1.17 - - [20/Mar/2015:21:58:53 +0000] "GET /js/jquery-ui.js HTTP/1.1" 304 0 "http://192.168.1.100/mgmt.html" "Mozilla/5.0 (X11; Linux x8

6_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/41.0.2272.76 Chrome/41.0.2272.76 Safari/537.36"

192.168.1.17 - - [20/Mar/2015:21:58:53 +0000] "GET /css/jquery-ui.css HTTP/1.1" 304 0 "http://192.168.1.100/mgmt.html" "Mozilla/5.0 (X11; Linux

x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/41.0.2272.76 Chrome/41.0.2272.76 Safari/537.36"

192.168.1.17 - - [20/Mar/2015:21:58:54 +0000] "GET /upgrade_new.html HTTP/1.1" 304 0 "http://192.168.1.100/mgmt.html" "Mozilla/5.0 (X11; Linux x

86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/41.0.2272.76 Chrome/41.0.2272.76 Safari/537.36"

"(null)"

192.168.1.17 - - [20/Mar/2015:21:59:03 +0000] "POST /cgi-bin/uploadfile.cgi HTTP/1.1" 200 0 "http://192.168.1.100/upgrade_new.html" "Mozilla/5.0

(X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/41.0.2272.76 Chrome/41.0.2272.76 Safari/537.36"

exit successfully

File image.img , untar successfully

md5sum created of uImage(sum4), Device Tree(sum5) and root file system(sum6)

All md5sum files opend for checksum

files open for reading of uImage md5sum(sum1 and sum4)

files open for reading of Device Tree md5sum(sum2 and sum5)

files open for reading of file system core-image.rootfs.ext3 md5sum(sum3 and sum6)

make directory /media/kernel

Directory is made at /media/kernel.

give permissions 777 to /media/kernel

Permission granted 777 /media/kernel.

give permissions 777 to /dev/mmcblk0p1

chmod 777 -R /dev/mmcblk0p1: Operation not permitted

Permission granted 777 /dev/mmcblk0p1.

mount  /dev/mmcblk0p1 /media/kernel

mount: permission denied (are you root?)

/media/kernel is open.

Copying uImage in EMMC

uImage copied

Copying Device Tree in EMMC

Device Tree copied

sync

sync command

unmounting kernel /dev/mmcblk0p1

umount: can't umount /media/kernel: Operation not permitted

give permissions 777 to /dev/mmcblk0p2

chmod: /dev/mmcblk0p2: Operation not permitted

Permission granted 777 /FILe System.

Copying root file system in /dev/mmcblk0p2

dd: can't open '/dev/mmcblk0p2': Permission denied

 

 

 

I have recreated the issue at console with following commands :

root@imx6qsabresd:~# su 34

su: unknown user 34

root@imx6qsabresd:~# su nobody

nobody@imx6qsabresd:/home/root$

nobody@imx6qsabresd:/:/home/root$ whoami

nobody

when i do same as root user , then it gives error as followed

nobody@imx6qsabresd:/$ su root

su: must be suid to work properly

 

nobody@imx6qsabresd:/$ umount /media/kernel/

umount: can't umount /media/kernel/: Operation not permitted

 

I read somewhere during browsing that busybox command's are not in suid mode, On checking it is as defined below.

nobody@imx6qsabresd:/$ ls ./bin/busybox -l

lrwxrwxrwx    1 1000     1000            14 Mar 20 17:25 ./bin/busybox -> busybox.nosuid

 

On changing it's permission with chmod, nothing happens.

nobody@imx6qsabresd:/$ chmod u+s ./bin/busybox

chmod: ./bin/busybox: Operation not permitted

 

id command shows below output:

nobody@imx6qsabresd:/$ id

uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)

nobody@imx6qsabresd:/$ chown -R nobody:nobody ./bin/busybox

chown: unknown user/group nobody:nobody

 

 

 

Thanks.

Outcomes