Bruno CAPELETO said on Sun, Sep 18, 2011 at 05:13:27AM +0200:
> 1. There is a compilation option which is not set correctly in busybox
> and that prevents the use of /etc/passwd:
> Support for SUID/SGID handling (FEATURE_SUID) [N/y/?] -> MUST BE Y
> Runtime SUID/SGID configuration via /etc/busybox.conf
> (FEATURE_SUID_CONFIG) [Y/n/?] (NEW) -> I PUT NO
> Then ssh works "better" after reboot BUT root still cannot make any
> connection:
That's odd :-(
That option was never activated in mindi-busybox, however, I was able to
use SSHFS myself previously. Of course, different conf, different
results. However the online help says:
│ With this option you can install the busybox binary belonging
│ to root with the suid bit set, enabling some applets to perform
│ root-level operations even when run by ordinary users
│ (for example, mounting of user mounts in fstab needs this).
│ Busybox will automatically drop priviledges for applets
│ that don't need root access.
│ If you are really paranoid and don't want to do this, build two
│ busybox binaries with different applets in them (and the appropriate
│ symlinks pointing to each binary), and only set the suid bit on the
│ one that needs it.
│ The applets currently marked to need the suid bit are:
│ crontab, dnsd, findfs, ipcrm, ipcs, login, passwd, ping, su,
│ traceroute, vlock.
However, IIUC, you need to add the SUID bit to the command in
addition. Have you done that? Because if not, I don't understand why it
is changing something.
Of course, I can provide a busybox compiled with it, but I'd really like
to understand why it improves stuff.
> 2. One needs to use authentication via ssh key and the ssh private key
> of root is not copied in /.ssh (=home directory of root)
> I had to copy it manually on the initrd.img ; after reboot with this new
> initrd.img, the sshfs mount works fine.
At line 2467 of mindi there is:
cp -rp ~root/.ssh/*.pub ~root/.ssh/config ~root/.ssh/known* $mountpoint/.ssh 2> /dev/null
Maybe there is an issue with this line in your case. Because it should
copy the pub key.
> 3. Last remark : /tmp/mondorestore.log is at the end a dead link to
In which case ?
I searched the whole code without finding a ref to mondo-archive.log
(except in a commented line). I hope you don't have a mixed
environment of packages and tar.gz install as it is really prone to
> After I recompiled busybox with support for system UID and system GID, I
> also gave a try again to nfs : nfs mount works !
> At last I could restore my test system.
So good news for you !
But so that everybody could benefit from that, I'd like to know what is
the trigger for NFS ? Just busybox ? did you add any rpcbind or other
Open Source & Linux Profession Lead EMEA / http://opensource.hp.com
HP/Intel/Red Hat Open Source Solutions Initiative / http://www.hpintelco.net
http://www.HyPer-Linux.org http://mondorescue.org http://project-builder.org
La musique ancienne? http://www.musique-ancienne.org http://www.medieval.org
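
Added example, not part of the original mail and not code from mindi or busybox: a shell check for the two points discussed above, run against an unpacked initrd tree. It reports whether the busybox binary really carries the SUID bit with root ownership, and which files in the tree's /.ssh are private keys, public keys or something else. The function names and the `bin/busybox` and `.ssh` locations under the tree root are assumptions.

```shell
#!/bin/sh
# Added example (assumed layout: <tree>/bin/busybox and <tree>/.ssh).
# Usage after sourcing: audit_initrd_tree /path/to/unpacked-initrd

# Print the setuid state of a busybox binary: missing, not-suid,
# suid-not-root (bit set but no root privilege gained), or suid-root.
busybox_suid_state() {
    bb=$1
    [ -f "$bb" ] || { echo missing; return; }
    [ -u "$bb" ] || { echo not-suid; return; }
    # ls -ln prints the numeric owner uid in field 3
    owner=$(ls -ln "$bb" | awk '{print $3}')
    if [ "$owner" = 0 ]; then echo suid-root; else echo suid-not-root; fi
}

# Classify each regular file in an .ssh directory by its content,
# printing one "kind name" line per file.
classify_ssh_dir() {
    dir=$1
    [ -d "$dir" ] || return 0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        if grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$f"; then
            echo "private $name"
        elif grep -Eq '^(ssh-|ecdsa-)[^ ]+ [A-Za-z0-9+/=]+' "$f"; then
            echo "public $name"
        else
            echo "other $name"
        fi
    done
}

# Report both checks for one unpacked initrd tree.
audit_initrd_tree() {
    root=$1
    echo "busybox: $(busybox_suid_state "$root/bin/busybox")"
    classify_ssh_dir "$root/.ssh"
}
```

A `private` line means a secret key is stored inside the boot image, so the image and any media carrying it need the same protection as the key itself.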