Bug 6368

Summary: busybox passwd extrange behavior
Product: Busybox Reporter: Roberto <robertorebolledocft>
Component: Standard ComplianceAssignee: unassigned
Status: RESOLVED INVALID    
Severity: normal CC: busybox-cvs
Priority: P5    
Version: 1.19.x   
Target Milestone: ---   
Hardware: Other   
OS: Linux   
Host: Target:
Build:
Attachments: Config file for busybox.
Config file for Buildroot.

Description Roberto 2013-07-09 15:55:38 UTC 
Created attachment 4976 [details]
Config file for busybox.

I am getting a wrong behavior using passwd & chpasswd. After command is executed, uid of user is changed.
Uid is change by the value in “last password change”, stored in 3rd field of /etc/shadow.

Before password change:
/etc/passwd:root:x:0:0:root:/root:/bin/sh
/etc/shadow:root::10933:0:99999:7:::

After password change:
/etc/passwd:root:x:15894:0:root:/root:/bin/sh
/etc/shadow:root:Fw1jnPmhFJmQ6:15894:0:99999:7:::

Tested in busybox: 1.19.4, 1.20.0, 1.21.0

How do I have to compile busybox to get the right behavior?

The emmbeded device is based on the at91sam9261ek.
If i build the rootfs image with root password and then i change the password for root with passwd i dont get this error.

Best Regards,
Roberto Rebolledo.
Comment 1 Bernhard Reutner-Fischer 2013-07-09 18:36:30 UTC 
sounds familiar. Which libc do you use, what compiler and binutils?
Comment 2 Roberto 2013-07-09 19:12:52 UTC 
Created attachment 4982 [details]
Config file for Buildroot.

Config file for buildroot 2013.05
Comment 3 Roberto 2013-07-09 19:13:33 UTC 
(In reply to comment #1)
> sounds familiar. Which libc do you use, what compiler and binutils?

I am using the external toolchain Sourcery CodeBench ARM 2012.03.

According to Buildroot:
gcc 4.6.3, binutils 2.21.53, glibc 2.15, gdb 7.2.50 and 3.2.10 kernel headers.
Comment 4 Bernhard Reutner-Fischer 2013-07-09 20:34:17 UTC 
Can you rebuild busybox, ideally current busybox master without any patches, with CONFIG_DEBUG_PESSIMIZE=y and CONFIG_DEBUG=y and see if it works?
Comment 5 Roberto 2013-07-11 13:50:24 UTC 
(In reply to comment #4)
> Can you rebuild busybox, ideally current busybox master without any patches,
> with CONFIG_DEBUG_PESSIMIZE=y and CONFIG_DEBUG=y and see if it works?

I rebuild the entire filesystem with the same configuration in Buildroot and only changing the options CONFIG_DEBUG_PESSIMIZE=y and CONFIG_DEBUG=y for Busybox.
Now when i use the command passwd i dont get the extrange behaivor:

Welcome to Buildroot
buildroot login: root
# cat /etc/passwd
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:100:sync:/bin:/bin/sync
mail:x:8:8:mail:/var/spool/mail:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
operator:x:37:37:Operator:/var:/bin/sh
haldaemon:x:68:68:hald:/:/bin/sh
dbus:x:81:81:dbus:/var/run/dbus:/bin/sh
ftp:x:83:83:ftp:/home/ftp:/bin/sh
nobody:x:99:99:nobody:/home:/bin/sh
sshd:x:103:99:Operator:/var:/bin/sh
default:x:1000:1000:Default non-root user:/home/default:/bin/sh
# cat /etc/shadow
root::10933:0:99999:7:::
bin:*:10933:0:99999:7:::
daemon:*:10933:0:99999:7:::
adm:*:10933:0:99999:7:::
lp:*:10933:0:99999:7:::
sync:*:10933:0:99999:7:::
shutdown:*:10933:0:99999:7:::
halt:*:10933:0:99999:7:::
uucp:*:10933:0:99999:7:::
operator:*:10933:0:99999:7:::
ftp:*:10933:0:99999:7:::
nobody:*:10933:0:99999:7:::
default::10933:0:99999:7:::
# passwd
Changing password for root
New password:
Bad password: too weak
Retype password:
Password for root changed by root
#
# cat /etc/passwd
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:100:sync:/bin:/bin/sync
mail:x:8:8:mail:/var/spool/mail:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
operator:x:37:37:Operator:/var:/bin/sh
haldaemon:x:68:68:hald:/:/bin/sh
dbus:x:81:81:dbus:/var/run/dbus:/bin/sh
ftp:x:83:83:ftp:/home/ftp:/bin/sh
nobody:x:99:99:nobody:/home:/bin/sh
sshd:x:103:99:Operator:/var:/bin/sh
default:x:1000:1000:Default non-root user:/home/default:/bin/sh
# cat /etc/shadow
root:fGoTra8JXiojQ:15897:0:99999:7:::
bin:*:10933:0:99999:7:::
daemon:*:10933:0:99999:7:::
adm:*:10933:0:99999:7:::
lp:*:10933:0:99999:7:::
sync:*:10933:0:99999:7:::
shutdown:*:10933:0:99999:7:::
halt:*:10933:0:99999:7:::
uucp:*:10933:0:99999:7:::
operator:*:10933:0:99999:7:::
ftp:*:10933:0:99999:7:::
nobody:*:10933:0:99999:7:::
default::10933:0:99999:7:::
#
Comment 6 Denys Vlasenko 2013-07-14 02:12:18 UTC 
(In reply to comment #0)
> Created attachment 4976 [details]
> Config file for busybox.
> 
> I am getting a wrong behavior using passwd & chpasswd. After command is
> executed, uid of user is changed.
> Uid is change by the value in “last password change”, stored in 3rd field of
> /etc/shadow.
> 
> Before password change:
> /etc/passwd:root:x:0:0:root:/root:/bin/sh
> /etc/shadow:root::10933:0:99999:7:::
> 
> After password change:
> /etc/passwd:root:x:15894:0:root:/root:/bin/sh
> /etc/shadow:root:Fw1jnPmhFJmQ6:15894:0:99999:7:::
> 
> Tested in busybox: 1.19.4, 1.20.0, 1.21.0

Failed to reproduce it on current git.

Can you try current git?
Comment 7 Denys Vlasenko 2013-07-14 02:16:31 UTC 
(In reply to comment #0)
> Created attachment 4976 [details]
> Config file for busybox.
> 
> I am getting a wrong behavior using passwd & chpasswd. After command is
> executed, uid of user is changed.

After _which_ command is executed?
Comment 8 Roberto 2013-07-18 18:56:55 UTC 
(In reply to comment #7)
> (In reply to comment #0)
> > Created attachment 4976 [details]
> > Config file for busybox.
> > 
> > I am getting a wrong behavior using passwd & chpasswd. After command is
> > executed, uid of user is changed.
> 
> After _which_ command is executed?

After passwd.

The problem happens when i build busybox with the config file posted up.
Comment 9 Bernhard Reutner-Fischer 2013-07-19 18:17:48 UTC 
Generally, if an -O0 compile produces a correct binary but turning on any optimization miscompiles something, this is a compiler/toolchain bug, usually not a bug in busybox.
Comment 10 Denys Vlasenko 2013-07-22 02:34:48 UTC 
> The problem happens when i build busybox with the config file posted up.

I did use your .config trying to reproduce the bug, and couldn't.

Being unable to reproduce it with my compilers, and not having your toolchain, I can't help more in diagnosing the bug.
Comment 11 Roberto 2013-07-22 19:36:29 UTC 
The problem happens when i use the option CONFIG_USE_BB_PWD_GRP in busybox.




CONFIG_USE_BB_PWD_GRP:

If you leave this disabled, busybox will use the system's password
and group functions. And if you are using the GNU C library
(glibc), you will then need to install the /etc/nsswitch.conf
configuration file and the required /lib/libnss_* libraries in
order for the password and group functions to work. This generally
makes your embedded system quite a bit larger.

Enabling this option will cause busybox to directly access the
system's /etc/password, /etc/group files (and your system will be
smaller, and I will get fewer emails asking about how glibc NSS
works). When this option is enabled, you will not be able to use
PAM to access remote LDAP password servers and whatnot. And if you
want hostname resolution to work with glibc, you still need the
/lib/libnss_* libraries.

If you need to use glibc's nsswitch.conf mechanism
(e.g. if user/group database is NOT stored in /etc/passwd etc),
you must NOT use this option.

If you enable this option, it will add about 1.5k.