X-Git-Url: https://git.rohieb.name/openwrt.git/blobdiff_plain/9ac93adcf7ed767ae6d53cc43804515c14a27fad..957731ef89fc1876a0ab8c56d50001011b20abb0:/package/busybox/config/Config.in diff --git a/package/busybox/config/Config.in b/package/busybox/config/Config.in index f7ee7b3d4..00450364f 100644 --- a/package/busybox/config/Config.in +++ b/package/busybox/config/Config.in @@ -46,6 +46,17 @@ config BUSYBOX_CONFIG_USE_PORTABLE_CODE compiler other than gcc. If you do use gcc, this option may needlessly increase code size. +config BUSYBOX_CONFIG_PLATFORM_LINUX + bool "Enable Linux-specific applets and features" + default y + help + For the most part, busybox requires only POSIX compatibility + from the target system, but some applets and features use + Linux-specific interfaces. + + Answering 'N' here will disable such applets and hide the + corresponding configuration options. + choice prompt "Buffer allocation policy" default BUSYBOX_CONFIG_FEATURE_BUFFERS_GO_ON_STACK @@ -82,7 +93,7 @@ config BUSYBOX_CONFIG_SHOW_USAGE config BUSYBOX_CONFIG_FEATURE_VERBOSE_USAGE bool "Show verbose applet usage messages" default y - select BUSYBOX_CONFIG_SHOW_USAGE + depends on BUSYBOX_CONFIG_SHOW_USAGE help All BusyBox applets will show more verbose help messages when busybox is invoked with --help. This will add a lot of text to the @@ -111,6 +122,14 @@ config BUSYBOX_CONFIG_FEATURE_INSTALLER busybox at runtime to create hard links or symlinks for all the applets that are compiled into busybox. +config BUSYBOX_CONFIG_INSTALL_NO_USR + bool "Don't use /usr" + default n + help + Disable use of /usr. busybox --install and "make install" + will install applets only to /bin and /sbin, + never to /usr/bin or /usr/sbin. + config BUSYBOX_CONFIG_LOCALE_SUPPORT bool "Enable locale support (system needs locale for this to work)" default n @@ -118,7 +137,7 @@ config BUSYBOX_CONFIG_LOCALE_SUPPORT Enable this if your system has locale support and you would like busybox to support locale settings. -config BUSYBOX_CONFIG_FEATURE_ASSUME_UNICODE +config BUSYBOX_CONFIG_UNICODE_SUPPORT bool "Support Unicode" default n help @@ -130,16 +149,111 @@ config BUSYBOX_CONFIG_FEATURE_ASSUME_UNICODE Probably by the time when busybox will be fully Unicode-clean, other encodings will be mainly of historic interest. +config BUSYBOX_CONFIG_UNICODE_USING_LOCALE + bool "Use libc routines for Unicode (else uses internal ones)" + default n + depends on BUSYBOX_CONFIG_UNICODE_SUPPORT && BUSYBOX_CONFIG_LOCALE_SUPPORT + help + With this option on, Unicode support is implemented using libc + routines. Otherwise, internal implementation is used. + Internal implementation is smaller. + config BUSYBOX_CONFIG_FEATURE_CHECK_UNICODE_IN_ENV bool "Check $LANG environment variable" default n - depends on BUSYBOX_CONFIG_FEATURE_ASSUME_UNICODE && !BUSYBOX_CONFIG_LOCALE_SUPPORT + depends on BUSYBOX_CONFIG_UNICODE_SUPPORT && !BUSYBOX_CONFIG_UNICODE_USING_LOCALE help With this option on, Unicode support is activated only if LANG variable has the value of the form "xxxx.utf8" Otherwise, Unicode support will be always enabled and active. +config BUSYBOX_CONFIG_SUBST_WCHAR + int "Character code to substitute unprintable characters with" + depends on BUSYBOX_CONFIG_UNICODE_SUPPORT + default 63 + help + Typical values are 63 for '?' (works with any output device), + 30 for ASCII substitute control code, + 65533 (0xfffd) for Unicode replacement character. + +config BUSYBOX_CONFIG_LAST_SUPPORTED_WCHAR + int "Range of supported Unicode characters" + depends on BUSYBOX_CONFIG_UNICODE_SUPPORT + default 767 + help + Any character with Unicode value bigger than this is assumed + to be non-printable on output device. Many applets replace + such chars with substitution character. + + The idea is that many valid printable Unicode chars are + nevertheless are not displayed correctly. Think about + combining charachers, double-wide hieroglyphs, obscure + characters in dozens of ancient scripts... + Many terminals, terminal emulators, xterms etc will fail + to handle them correctly. Choose the smallest value + which suits your needs. + + Typical values are: + 126 - ASCII only + 767 (0x2ff) - there are no combining chars in [0..767] range + (the range includes Latin 1, Latin Ext. A and B), + code is ~700 bytes smaller for this case. + 4351 (0x10ff) - there are no double-wide chars in [0..4351] range, + code is ~300 bytes smaller for this case. + 12799 (0x31ff) - nearly all non-ideographic characters are + available in [0..12799] range, including + East Asian scripts like katakana, hiragana, hangul, + bopomofo... + 0 - off, any valid printable Unicode character will be printed. + +config BUSYBOX_CONFIG_UNICODE_COMBINING_WCHARS + bool "Allow zero-width Unicode characters on output" + default n + depends on BUSYBOX_CONFIG_UNICODE_SUPPORT + help + With this option off, any Unicode char with width of 0 + is substituted on output. + +config BUSYBOX_CONFIG_UNICODE_WIDE_WCHARS + bool "Allow wide Unicode characters on output" + default n + depends on BUSYBOX_CONFIG_UNICODE_SUPPORT + help + With this option off, any Unicode char with width > 1 + is substituted on output. + +config BUSYBOX_CONFIG_UNICODE_BIDI_SUPPORT + bool "Bidirectional character-aware line input" + default n + depends on BUSYBOX_CONFIG_UNICODE_SUPPORT && !BUSYBOX_CONFIG_UNICODE_USING_LOCALE + help + With this option on, right-to-left Unicode characters + are treated differently on input (e.g. cursor movement). + +config BUSYBOX_CONFIG_UNICODE_NEUTRAL_TABLE + bool "In bidi input, support non-ASCII neutral chars too" + default n + depends on BUSYBOX_CONFIG_UNICODE_BIDI_SUPPORT + help + In most cases it's enough to treat only ASCII non-letters + (i.e. punctuation, numbers and space) as characters + with neutral directionality. + With this option on, more extensive (and bigger) table + of neutral chars will be used. + +config BUSYBOX_CONFIG_UNICODE_PRESERVE_BROKEN + bool "Make it possible to enter sequences of chars which are not Unicode" + default n + depends on BUSYBOX_CONFIG_UNICODE_SUPPORT + help + With this option on, on line-editing input (such as used by shells) + invalid UTF-8 bytes are not substituted with the selected + substitution character. + For example, this means that entering 'l', 's', ' ', 0xff, [Enter] + at shell prompt will list file named 0xff (single char name + with char value 255), not file named '?'. + config BUSYBOX_CONFIG_LONG_OPTS bool "Support for --long-options" default y @@ -169,6 +283,26 @@ config BUSYBOX_CONFIG_FEATURE_CLEAN_UP Don't enable this unless you have a really good reason to clean things up manually. +config BUSYBOX_CONFIG_FEATURE_UTMP + bool "Support utmp file" + default n + help + The file /var/run/utmp is used to track who is currently logged in. + With this option on, certain applets (getty, login, telnetd etc) + will create and delete entries there. + "who" applet requires this option. + +config BUSYBOX_CONFIG_FEATURE_WTMP + bool "Support wtmp file" + default n + depends on BUSYBOX_CONFIG_FEATURE_UTMP + help + The file /var/run/wtmp is used to track when users have logged into + and logged out of the system. + With this option on, certain applets (getty, login, telnetd etc) + will append new entries there. + "last" applet requires this option. + config BUSYBOX_CONFIG_FEATURE_PIDFILE bool "Support writing pidfiles" default y @@ -181,28 +315,51 @@ config BUSYBOX_CONFIG_FEATURE_SUID default y help With this option you can install the busybox binary belonging - to root with the suid bit set, and it will automatically drop - priviledges for applets that don't need root access. + to root with the suid bit set, enabling some applets to perform + root-level operations even when run by ordinary users + (for example, mounting of user mounts in fstab needs this). + + Busybox will automatically drop priviledges for applets + that don't need root access. If you are really paranoid and don't want to do this, build two busybox binaries with different applets in them (and the appropriate symlinks pointing to each binary), and only set the suid bit on the - one that needs it. The applets currently marked to need the suid bit - are: + one that needs it. + + The applets which require root rights (need suid bit or + to be run by root) and will refuse to execute otherwise: + crontab, login, passwd, su, vlock, wall. - crontab, dnsd, findfs, ipcrm, ipcs, login, passwd, ping, su, - traceroute, vlock. + The applets which will use root rights if they have them + (via suid bit, or because run by root), but would try to work + without root right nevertheless: + findfs, ping[6], traceroute[6], mount. + + Note that if you DONT select this option, but DO make busybox + suid root, ALL applets will run under root, which is a huge + security hole (think "cp /some/file /etc/passwd"). config BUSYBOX_CONFIG_FEATURE_SUID_CONFIG bool "Runtime SUID/SGID configuration via /etc/busybox.conf" - default n if BUSYBOX_CONFIG_FEATURE_SUID + default n depends on BUSYBOX_CONFIG_FEATURE_SUID help Allow the SUID / SGID state of an applet to be determined at runtime by checking /etc/busybox.conf. (This is sort of a poor man's sudo.) The format of this file is as follows: - = [Ssx-][Ssx-][x-] (|).(|) + APPLET = [Ssx-][Ssx-][x-] [USER.GROUP] + + s: USER or GROUP is allowed to execute APPLET. + APPLET will run under USER or GROUP + (reagardless of who's running it). + S: USER or GROUP is NOT allowed to execute APPLET. + APPLET will run under USER or GROUP. + This option is not very sensical. + x: USER/GROUP/others are allowed to execute APPLET. + No UID/GID change will be done when it is run. + -: USER/GROUP/others are not allowed to execute APPLET. An example might help: @@ -212,7 +369,8 @@ config BUSYBOX_CONFIG_FEATURE_SUID_CONFIG su = ssx # exactly the same mount = sx- root.disk # applet mount can be run by root and members - # of group disk and runs with euid=0 + # of group disk (but not anyone else) + # and runs with euid=0 (egid is not changed) cp = --- # disable applet cp for everyone @@ -238,6 +396,7 @@ config BUSYBOX_CONFIG_FEATURE_SUID_CONFIG_QUIET config BUSYBOX_CONFIG_SELINUX bool "Support NSA Security Enhanced Linux" default n + select BUSYBOX_CONFIG_PLATFORM_LINUX help Enable support for SELinux in applets ls, ps, and id. Also provide the option of compiling in SELinux applets. @@ -290,7 +449,7 @@ config BUSYBOX_CONFIG_FEATURE_SYSLOG config BUSYBOX_CONFIG_FEATURE_HAVE_RPC bool #No description makes it a hidden option - default y + default n #help # This is automatically selected if any of enabled applets need it. # You do not need to select it manually. @@ -318,7 +477,10 @@ config BUSYBOX_CONFIG_PIE default n depends on !BUSYBOX_CONFIG_STATIC help - (TODO: what is it and why/when is it useful?) + Hardened code option. PIE binaries are loaded at a different + address at each invocation. This has some overhead, + particularly on x86-32 which is short on registers. + Most people will leave this set to 'N'. config BUSYBOX_CONFIG_NOMMU @@ -415,7 +577,6 @@ config BUSYBOX_CONFIG_FEATURE_SHARED_BUSYBOX config BUSYBOX_CONFIG_LFS bool default y - select BUSYBOX_CONFIG_FDISK_SUPPORT_LARGE_DISKS help If you want to build BusyBox with large file support, then enable this option. This will have no effect if your kernel or your C @@ -519,25 +680,15 @@ config BUSYBOX_CONFIG_EFENCE endchoice -### config PARSE -### bool "Uniform config file parser debugging applet: parse" - endmenu -menu 'Installation Options' - -config BUSYBOX_CONFIG_INSTALL_NO_USR - bool "Don't use /usr" - default n - help - Disable use of /usr. Don't activate this option if you don't know - that you really want this behaviour. +menu 'Installation Options ("make install" behavior)' choice - prompt "Applets links" + prompt "What kind of applet links to install" default BUSYBOX_CONFIG_INSTALL_APPLET_SYMLINKS help - Choose how you install applets links. + Choose what kind of links to applets are created by "make install". config BUSYBOX_CONFIG_INSTALL_APPLET_SYMLINKS bool "as soft-links" @@ -559,10 +710,10 @@ config BUSYBOX_CONFIG_INSTALL_APPLET_SCRIPT_WRAPPERS config BUSYBOX_CONFIG_INSTALL_APPLET_DONT bool "not installed" - depends on BUSYBOX_CONFIG_FEATURE_INSTALLER || BUSYBOX_CONFIG_FEATURE_SH_STANDALONE || BUSYBOX_CONFIG_FEATURE_PREFER_APPLETS help - Do not install applet links. Useful when using the -install feature - or a standalone shell for rescue purposes. + Do not install applet links. Useful when you plan to use + busybox --install for installing links, or plan to use + a standalone shell and thus don't need applet links. endchoice @@ -586,8 +737,8 @@ config BUSYBOX_CONFIG_INSTALL_SH_APPLET_HARDLINK config BUSYBOX_CONFIG_INSTALL_SH_APPLET_SCRIPT_WRAPPER bool "as script wrapper" help - Install /bin/sh applet as script wrapper that call the busybox - binary. + Install /bin/sh applet as script wrapper that calls + the busybox binary. endchoice