compiler other than gcc.
If you do use gcc, this option may needlessly increase code size.
+config BUSYBOX_CONFIG_PLATFORM_LINUX
+ bool "Enable Linux-specific applets and features"
+ default y
+ help
+ For the most part, busybox requires only POSIX compatibility
+ from the target system, but some applets and features use
+ Linux-specific interfaces.
+
+ Answering 'N' here will disable such applets and hide the
+ corresponding configuration options.
+
choice
prompt "Buffer allocation policy"
default BUSYBOX_CONFIG_FEATURE_BUFFERS_GO_ON_STACK
busybox at runtime to create hard links or symlinks for all the
applets that are compiled into busybox.
+config BUSYBOX_CONFIG_INSTALL_NO_USR
+ bool "Don't use /usr"
+ default n
+ help
+ Disable use of /usr. busybox --install and "make install"
+ will install applets only to /bin and /sbin,
+ never to /usr/bin or /usr/sbin.
+
config BUSYBOX_CONFIG_LOCALE_SUPPORT
bool "Enable locale support (system needs locale for this to work)"
default n
help
With this option on, Unicode support is implemented using libc
routines. Otherwise, internal implementation is used.
+ Internal implementation is smaller.
config BUSYBOX_CONFIG_FEATURE_CHECK_UNICODE_IN_ENV
bool "Check $LANG environment variable"
default n
depends on BUSYBOX_CONFIG_UNICODE_SUPPORT
help
- With this option on, invalid UTF-8 bytes are not substituted
- with the selected substitution character.
+ With this option on, on line-editing input (such as used by shells)
+ invalid UTF-8 bytes are not substituted with the selected
+ substitution character.
For example, this means that entering 'l', 's', ' ', 0xff, [Enter]
at shell prompt will list file named 0xff (single char name
with char value 255), not file named '?'.
config BUSYBOX_CONFIG_FEATURE_WTMP
bool "Support wtmp file"
default n
- select BUSYBOX_CONFIG_FEATURE_UTMP
+ depends on BUSYBOX_CONFIG_FEATURE_UTMP
help
The file /var/run/wtmp is used to track when users have logged into
and logged out of the system.
default y
help
With this option you can install the busybox binary belonging
- to root with the suid bit set, and it will automatically drop
- priviledges for applets that don't need root access.
+ to root with the suid bit set, enabling some applets to perform
+ root-level operations even when run by ordinary users
+ (for example, mounting of user mounts in fstab needs this).
+
+ Busybox will automatically drop priviledges for applets
+ that don't need root access.
If you are really paranoid and don't want to do this, build two
busybox binaries with different applets in them (and the appropriate
symlinks pointing to each binary), and only set the suid bit on the
- one that needs it. The applets currently marked to need the suid bit
- are:
+ one that needs it.
+
+ The applets which require root rights (need suid bit or
+ to be run by root) and will refuse to execute otherwise:
+ crontab, login, passwd, su, vlock, wall.
- crontab, dnsd, findfs, ipcrm, ipcs, login, passwd, ping, su,
- traceroute, vlock.
+ The applets which will use root rights if they have them
+ (via suid bit, or because run by root), but would try to work
+ without root right nevertheless:
+ findfs, ping[6], traceroute[6], mount.
+
+ Note that if you DONT select this option, but DO make busybox
+ suid root, ALL applets will run under root, which is a huge
+ security hole (think "cp /some/file /etc/passwd").
config BUSYBOX_CONFIG_FEATURE_SUID_CONFIG
bool "Runtime SUID/SGID configuration via /etc/busybox.conf"
- default n if BUSYBOX_CONFIG_FEATURE_SUID
+ default n
depends on BUSYBOX_CONFIG_FEATURE_SUID
help
Allow the SUID / SGID state of an applet to be determined at runtime
by checking /etc/busybox.conf. (This is sort of a poor man's sudo.)
The format of this file is as follows:
- <applet> = [Ssx-][Ssx-][x-] (<username>|<uid>).(<groupname>|<gid>)
+ APPLET = [Ssx-][Ssx-][x-] [USER.GROUP]
+
+ s: USER or GROUP is allowed to execute APPLET.
+ APPLET will run under USER or GROUP
+ (reagardless of who's running it).
+ S: USER or GROUP is NOT allowed to execute APPLET.
+ APPLET will run under USER or GROUP.
+ This option is not very sensical.
+ x: USER/GROUP/others are allowed to execute APPLET.
+ No UID/GID change will be done when it is run.
+ -: USER/GROUP/others are not allowed to execute APPLET.
An example might help:
su = ssx # exactly the same
mount = sx- root.disk # applet mount can be run by root and members
- # of group disk and runs with euid=0
+ # of group disk (but not anyone else)
+ # and runs with euid=0 (egid is not changed)
cp = --- # disable applet cp for everyone
config BUSYBOX_CONFIG_SELINUX
bool "Support NSA Security Enhanced Linux"
default n
+ select BUSYBOX_CONFIG_PLATFORM_LINUX
help
Enable support for SELinux in applets ls, ps, and id. Also provide
the option of compiling in SELinux applets.
default n
depends on !BUSYBOX_CONFIG_STATIC
help
- (TODO: what is it and why/when is it useful?)
+ Hardened code option. PIE binaries are loaded at a different
+ address at each invocation. This has some overhead,
+ particularly on x86-32 which is short on registers.
+
Most people will leave this set to 'N'.
config BUSYBOX_CONFIG_NOMMU
config BUSYBOX_CONFIG_LFS
bool
default y
- select BUSYBOX_CONFIG_FDISK_SUPPORT_LARGE_DISKS
help
If you want to build BusyBox with large file support, then enable
this option. This will have no effect if your kernel or your C
endchoice
-### config PARSE
-### bool "Uniform config file parser debugging applet: parse"
-
endmenu
-menu 'Installation Options'
-
-config BUSYBOX_CONFIG_INSTALL_NO_USR
- bool "Don't use /usr"
- default n
- help
- Disable use of /usr. Don't activate this option if you don't know
- that you really want this behaviour.
+menu 'Installation Options ("make install" behavior)'
choice
- prompt "Applets links"
+ prompt "What kind of applet links to install"
default BUSYBOX_CONFIG_INSTALL_APPLET_SYMLINKS
help
- Choose how you install applets links.
+ Choose what kind of links to applets are created by "make install".
config BUSYBOX_CONFIG_INSTALL_APPLET_SYMLINKS
bool "as soft-links"
config BUSYBOX_CONFIG_INSTALL_APPLET_DONT
bool "not installed"
- depends on BUSYBOX_CONFIG_FEATURE_INSTALLER || BUSYBOX_CONFIG_FEATURE_SH_STANDALONE || BUSYBOX_CONFIG_FEATURE_PREFER_APPLETS
help
- Do not install applet links. Useful when using the -install feature
- or a standalone shell for rescue purposes.
+ Do not install applet links. Useful when you plan to use
+ busybox --install for installing links, or plan to use
+ a standalone shell and thus don't need applet links.
endchoice
config BUSYBOX_CONFIG_INSTALL_SH_APPLET_SCRIPT_WRAPPER
bool "as script wrapper"
help
- Install /bin/sh applet as script wrapper that call the busybox
- binary.
+ Install /bin/sh applet as script wrapper that calls
+ the busybox binary.
endchoice
projects / openwrt.git / blobdiff