LinuxQuestions.org
Old 05-26-2008, 09:52 AM   #1
OliB
LQ Newbie
 
Registered: May 2008
Posts: 9

Rep: Reputation: 0
Unhappy ./bin/sh : Permission denied


Hi everybody,

I'm programming a small board with an ARM9 processor and with uClinux dist embedded on it.
I'm also not a confirmed user of Linux, but I have been on the Net trying to find out an answer to my problem:

I want to add a new user (there is only 'root' at the moment), but neither 'addgroup' nor 'adduser' nor anything like this is installed. So I manually added a new group called 'user' in '/etc/groups'
Code:
user:x:1:user
and a new user called 'user' in '/etc/passwd'
Code:
user:jt17KLyKZIzxQ:1:1:User:/home/user/:/sbin/sh
The problem is that I can't do this because 'user' can't reach '/bin/sh' because of his rights.

I have seen on the web that the solution would be to change the permissions of the directory '/lib'. However, I can't do this because those libraries have been set "Read Only" by the manufacturer of the ARM9 board.

In fact I just want to restrict the user of that board to navigate into the folder '/home' or may have a look on 'cat /dev/ttyM0' to see what happens on RS232 input, but can't modify '/etc/ "config files" '.
What could/should I do ?

Thanks
 
Old 05-26-2008, 05:31 PM   #2
Person_1873
Member
 
Registered: Sep 2007
Location: Australia
Distribution: Gentoo / Debian / Rasbian / Proxmox
Posts: 519

Rep: Reputation: 44
When you create a user, they need to be in multiple groups. I can't remember off the top of my head, but I think there is a group that specifically allows access to lib.
 
Old 05-26-2008, 05:48 PM   #3
seraphim172
Member
 
Registered: May 2008
Posts: 101

Rep: Reputation: 15
/bin/sh

Quote:
user:jt17KLyKZIzxQ:1:1:User:/home/user/:/sbin/sh
Here you have written /sbin/sh as the location for the shell. I assume this is a typo. The bash shell is usually located in /bin with a softlink named sh. Accessing /sbin as a regular user could be a problem.

I suggest you try /bin/sh as the shell application, or run 'which sh' to see where it is.

Linux Archive

Last edited by seraphim172; 06-25-2008 at 04:31 AM.
 
Old 05-27-2008, 02:10 AM   #4
OliB
LQ Newbie
 
Registered: May 2008
Posts: 9

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by seraphim172 View Post
Here you have written /sbin/sh as the location for the shell. I assume this is a typo. The bash shell is usually located in /bin with a softlink named sh. Accessing /sbin as a regular user could be a problem.

I suggest you try /bin/sh as the shell application, or run 'which sh' to see where it is.
I first tried /bin/sh, without success. The same goes for /sbin/sh...

Quote:
Originally Posted by Person_1873 View Post
When you create a user, they need to be in multiple groups. I can't remember off the top of my head, but I think there is a group that specifically allows access to lib.
Well if you find it again it would certainly help
I'm wondering if I have to create a new group... Let me explain: in the final version of the software, only one client should be able to connect to the platform, and only be able to watch debug streams. I (the programmer of the board) should be the only one who can make any changes on the board (move files, change properties...). So the question is: do I have to create a new group for only 1 person with restricted access?
 
Old 05-27-2008, 02:47 AM   #5
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Gurgaon, India
Distribution: Cent OS 6/7
Posts: 4,631

Rep: Reputation: Disabled
But as far as Linux is concerned, isn't it the case that only root is given permission to modify the system files, and regular users are not allowed to change the files owned by others?
And still if this is not what exactly you are looking for, then you may try creating a group and then giving permissions to the group and adding the users to that group.
This might work for you. But I am not sure.
 
Old 05-27-2008, 03:06 AM   #6
OliB
LQ Newbie
 
Registered: May 2008
Posts: 9

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by linuxlover.chaitanya View Post
But as far as Linux is concerned, isn't it the case that only root is given permission to modify the system files, and regular users are not allowed to change the files owned by others?
I think (and I hope) so. But as I said in my first post, when I try to create a new user (by adding a new line in the files /etc/groups and /etc/passwd) I can't reach the platform, because of that *#@!* error: "./bin/sh : Permission denied"... and this error happens because a simple user doesn't have rights to open the libraries allowing /bin/sh to run in good standing.
Do you see what I want to do or... ? I'm sorry, my English is not really fluent :S
 
Old 05-27-2008, 03:24 AM   #7
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682
One change to maybe make is to use only lower case names for usernames. This won't cause a major problem in your case because you don't use email. Another thing is to check /etc/login.defs. A user ID of 1 is probably not right. Also make sure you don't have a user ID conflict with a system user. Most distros start regular users at 100. Others start at 1000.

Also, change the shell from /sbin/sh to /bin/sh. You also need to add a default group for this user as well. The same login.defs should give the valid ranges for groups as well. Add the "user" to the group and use that gid as the default group for your user.

As far as permissions go, do the files have "o" other read rights?
 
Old 05-27-2008, 04:05 AM   #8
OliB
LQ Newbie
 
Registered: May 2008
Posts: 9

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by jschiwal View Post
One change to maybe make is to use only lower case names for usernames. This won't cause a major problem in your case because you don't use email. Another thing is to check /etc/login.defs. A user ID of 1 is probably not right. Also make sure you don't have a user ID conflict with a system user. Most distros start regular users at 100. Others start at 1000.
I have changed UID to 1, 2, 101, 1001, but still the same error.

Quote:
Originally Posted by jschiwal View Post
Also, change the shell from /sbin/sh to /bin/sh. You also need to add a default group for this user as well. The same login.defs should give the valid ranges for groups as well. Add the "user" to the group and use that gid as the default group for your user.
I have changed sbin/sh to bin/sh. I don't have login.defs on my uClinux dist, (I think) because it's an embedded version, and I have never heard of that file while looking into adding a new user.
Here is the error I get:

Code:
olivier@olivier-desktop:~$ telnet 192.168.0.200
Trying 192.168.0.200...
Connected to 192.168.0.200.
Escape character is '^]'.

diag.olib.com login: user root
Password: 
No directory, logging in with HOME=/

Welcome to diag interface (MOTD)

Cannot execute /bin/sh: Permission denied
Connection closed by foreign host.
olivier@olivier-desktop:~$
Why do I have the message "No directory, logging in with HOME=/" ? It seems like there is one file missing, but which one ?

Quote:
Originally Posted by jschiwal View Post
As far as permissions go, do the files have "o" other read rights?
Well, I'm not sure of what you are asking, but in libraries contained in /lib, permissions are 644 (-,rw-,r--,r--).
 
Old 05-27-2008, 04:20 AM   #9
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Gurgaon, India
Distribution: Cent OS 6/7
Posts: 4,631

Rep: Reputation: Disabled
I guess this error is due to the fact that the user has not been defined with its home directory and hence it is logging in with the / directory.
In the passwd file you need to provide the home directory of the user where, by default, all the data will be stored.
But since you are working on embedded Linux I do not know if this will be true for you as well.
And just a thought, why don't you try out some other shell like bash? I have no idea if you have it, so don't put me on the fools list.
 
Old 05-27-2008, 04:33 AM   #10
OliB
LQ Newbie
 
Registered: May 2008
Posts: 9

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by linuxlover.chaitanya View Post
I guess this error is due to the fact that the user has not been defined with its home directory and hence it is logging in with the / directory.
In passwd file you need to provide the home directory of the user where by default, all the data will be stored.
But since you are working on embedded linux I do not know if this will be true for you as well.
That was what I thought first, but the home directory is the same for the 'user' guy as for the 'root' guy (fixed at '/home/'). It's working for 'root' but not for 'user'...

Quote:
Originally Posted by linuxlover.chaitanya View Post
And just a thought, why don't you try out some other shell like bash? I have no idea if you have it, so don't put me on the fools list.
This embedded version is only taking 1,6Mo place on a flash disk. There isn't place for a lot of binaries... so I only have '/bin/sh'
 
Old 05-27-2008, 04:57 AM   #11
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682
Create a directory for the user's home. The permissions of /home won't allow a normal user to write files there.

Code:
hpmedia:~ # ls -ld /home
drwxr-xr-x 24 root root 4096 May 27 04:36 /home
hpmedia:~ # ls -ld /home/jschiwal/
drwxr-x--- 81 jschiwal jschiwal 12288 May 27 00:57 /home/jschiwal/
Notice that the directory is owned by the user. The permissions on the directory allow the user full permissions.

Also look at the permissions for /bin/sh.
ls -l /bin/sh

Perhaps you should install Linux on a regular computer so that you can use it a bit to learn more about the basics of Linux. This will also allow you to read manpages & info manuals on the regular system to help understand the core utility commands.

Keep in mind that some things may be different such as using a smaller sh'ish shell (Wikipedia info). I don't even know if the uClinux kernel supports multiple users. For example, it uses vfork() and doesn't support fork. That means that the parent has to wait for the child to finish or run exec() before resuming. That may mean that the kernel (running as root) can't start a user process and continue in the background. I'm not certain of this, but you will need to read up a bit more on uCLinux.


----

You also might want to visit the uCLinux home page. It uses a special kernel for processors without mmu units. Perhaps Wikipedia will have more info.

Last edited by jschiwal; 05-27-2008 at 07:55 AM. Reason: missed parent resumes after exec()
 
Old 05-27-2008, 08:21 AM   #12
OliB
LQ Newbie
 
Registered: May 2008
Posts: 9

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by jschiwal View Post
Create a directory for the user's home. The permissions of /home won't allow a normal user to write files there.
Code:
hpmedia:~ # ls -ld /home
drwxr-xr-x 24 root root 4096 May 27 04:36 /home
hpmedia:~ # ls -ld /home/jschiwal/
drwxr-x--- 81 jschiwal jschiwal 12288 May 27 00:57 /home/jschiwal/
Notice that the directory is owned by the user. The permissions on the directory allow the user full permissions.
My home directory belongs to root, but how can a file belong to someone else, if he can't connect to the board?

Quote:
Originally Posted by jschiwal View Post
Also look at the permissions for /bin/sh.
ls -l /bin/sh
Here is what I have
Code:
# ls -l /bin/sh
lrwxrwxrwx    1 root     root            7 Jan 17 18:39 /bin/sh -> Busybox
Quote:
Originally Posted by jschiwal View Post
Perhaps you should install Linux on a regular computer so that you can use it a bit to learn more about the basics of Linux. This will also allow you to read manpages & info manuals on the regular system to help understand the core utility commands.
I have Ubuntu 8.04 installed on my working computer because it didn't compile under Windows.

Quote:
Originally Posted by jschiwal View Post
Keep in mind that some things may be different such as using a smaller sh'ish shell (Wikipedia info). I don't even know if the uClinux kernel supports multiple users. For example, it uses vfork() and doesn't support fork. That means that the parent has to wait for the child to finish before resuming. That may mean that the kernel (running as root) can't start a user process and continue in the background. I'm not certain of this, but you will need to read up a bit more on uCLinux.
I've read many things about that but I didn't find anything speaking about users/kernel (maybe I don't know where I should look). About the shell:
Code:
# msh --version

BusyBox v1.00 (2008.01.17-16:15+0000) Built-in shell (msh)
Enter 'help' for a list of built-in commands.
msh ?? What is it? Not found on the net...

Quote:
Originally Posted by jschiwal View Post
You also might want to visit the uCLinux home page. It uses a special kernel for processors without mmu units. Perhaps Wikipedia will have more info.
I have found nothing about user management on uclinux.org or wikipedia...
 
Old 05-27-2008, 06:39 PM   #13
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682
A user's home directory is created under /home/, but has the ownership of that owner. In order for a user to be able to create a file in a directory, that user needs write access to the directory. The user also needs the execute bit set on the directory and the directories above it. Otherwise the user can't enter the directory.

Quote:
ls -l /bin/sh
lrwxrwxrwx 1 root root 7 Jan 17 18:39 /bin/sh -> Busybox
Those permissions are on the link. Look at the permissions of /bin/Busybox. Busybox will probably be the target of a number of commands in /bin/. A command's argv[0] parameter will be the command used to call Busybox, i.e. the link name rather than BusyBox. This allows busy box to know which embedded command you want to run. These embedded commands include commands supplied normally by coreutils, binutils & pwdutils. From the Busybox home page, I read some of the documentation. Bash and sh aren't listed as shells but ash and lash are listed. Msh isn't as well, but your version may have it, I don't know.

You might try checking if a /bin/ash link exists and if so try that. However, first read some Documentation on Busybox because Busybox includes the adduser and deluser commands, so editing /etc/password manually shouldn't be necessary. Keep in mind that you want to work on the Busybox documentation for the commands you use. They are builtin commands with fewer options. If the adduser, addgroup and deluser commands are not supported for your version that could mean that for uClinux, BusyBox was built for uClinux this way because uClinux doesn't support regular users. I have a feeling that this isn't the case, and you need to explore the system (like reading /etc/profile) as root for a while and actually looking at which commands are in /bin and /sbin and supported by BusyBox before adding a regular user.

-----

Quote:
Originally Posted by BusyBox documentation
Code:
addgroup
    addgroup [-g GID] [user_name] group_name 

    Add a group to the system or add an user to a group

    Options:

            -g GID  Group id

adduser
    adduser [OPTIONS] user_name 

    Add a user to the system

    Options:

            -h DIR          Home directory
            -g GECOS        GECOS field
            -s SHELL        Login shell
            -G GROUP        Add user to existing group
            -S              Create a system user (ignored)
            -D              Do not assign a password
            -H              Do not create home directory
Here is a portion of the BusyBox documentation which implies that adduser should edit /etc/passwd and create a home directory. It might use a skeleton directory to fill in the contents of the user's home directory, which may only include a .profile file since you are using a very limited environment. The options may differ from the options of a regular distribution for the same commands. You need to rely on the BusyBox documentation and not the normal Linux documentation you may find on the web. If you built the uClinux system on a regular system, there may be uClinux documentation along with the source that you can resort to as well on the system you used to build it.

Quote:
My home directory belongs to root, but how can a file belong to someone else, if he can't connect to the board?
By a user's home directory, I mean "/home/username", and not just "/home/" which is the parent directory. If you have a regular user, that user needs their own directory under home, owned by that user. Otherwise the user can't read or write any files, so what would be the point of having a regular user?

As root you can "su username" to change to that user. However first look if the device has a multiuser mode (/etc/inittab) && /etc/init.d/rc.

Last edited by jschiwal; 05-27-2008 at 07:00 PM.
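
Added example, not code from any poster in this thread: the permission checks discussed above (the mode of the link target rather than of the link, and the execute bit on each directory above it) as a shell function. The function names and the optional TOP argument are this example's own; `readlink -f` is assumed to be available (GNU coreutils and BusyBox provide it), and only the "other" bits are checked, i.e. the user is assumed not to own or share a group with any path component.

```sh
#!/bin/sh
# Added example (not from the thread). Simplification: the link and its
# target are assumed to share parent directories, as /bin/sh -> Busybox does.

# other_bits PATH: print the three "other" mode characters of PATH.
# -L follows symlinks, so a link such as /bin/sh reports its target's mode.
other_bits() {
    ls -ldL "$1" 2>/dev/null | cut -c8-10
}

# check_shell_path SHELL [TOP]
# Prints one line per problem and returns 1 if any was found.
# TOP (default /) is where the upward walk stops, e.g. the root of an
# unpacked firmware filesystem on the build host.
check_shell_path() {
    target=$(readlink -f "$1") || { echo "cannot resolve $1"; return 1; }
    top=$(readlink -f "${2:-/}") || { echo "cannot resolve $2"; return 1; }
    rc=0

    # The link itself is always lrwxrwxrwx; the resolved file needs x.
    case $(other_bits "$target") in
        ??x|??t) ;;
        *) echo "others cannot execute $target"; rc=1 ;;
    esac

    # Every directory above the binary needs the search (x) bit.
    dir=$(dirname "$target")
    while :; do
        case $(other_bits "$dir") in
            ??x|??t) ;;
            *) echo "others cannot search $dir"; rc=1 ;;
        esac
        if [ "$dir" = "$top" ] || [ "$dir" = "/" ]; then break; fi
        dir=$(dirname "$dir")
    done
    return $rc
}

# Stand-alone use: sh check.sh /bin/sh
if [ $# -gt 0 ]; then check_shell_path "$@"; fi
```

Run it as root on the target with the shell named in /etc/passwd as the argument, or on the build host against an unpacked root filesystem by passing that directory as TOP.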
 
Old 05-28-2008, 04:25 AM   #14
OliB
LQ Newbie
 
Registered: May 2008
Posts: 9

Original Poster
Rep: Reputation: 0
I have been checking the BusyBox documentation (on the web) as you suggested.
But my version seems to be different from the one you can find on the net. Here is what I have found (thanks to your help):
- msh is running but I can't find it in /bin or /sbin
- there is nothing in 'etc/profile' but a comment saying #Run external programm here
- the commands "addusr" or "addgroup" are not implemented
- neither is "su"
- there is no file 'etc/init.d/rc'
...
There are a lot of differences :S
I may have omitted to tell you that it was a board I bought from a manufacturer. It is that manufacturer who installed uClinux on the board. He may have made some changes that I don't know about (in order to reduce used space or something that I can't understand at my beginner skill).

While reading those documents about BusyBox, I learned that a processor without an MMU can't do malloc or free without freeing other applications' memory. Well, as I said, my technical English is not very fluent, so I may have misunderstood this...

Quote:
Originally Posted by http://busybox.net/FAQ.html#tips_vfork
(Now in theory, a nommu system could just copy the _stack_ when it forks (which presumably is much shorter than the heap), and leave the heap shared. Even with no MMU at all. In practice, you've just wound up in a multi-threaded situation and you can't do a malloc() or free() on your heap without freeing the other process' memory (and if you don't have the proper locking for being threaded, corrupting the heap if both of you try to do it at the same time and wind up stomping on each other while traversing the free memory lists).
Then if it's right, how could I use free() without destroying other applications' memory? Why could I use shmget() to share data between programs without an MMU? Sorry, I'm diverging from the initial topic.

As a conclusion, and as you said, uClinux may not be meant for multiple users, and I'm already working on something else to look at debug streams without telnet'ing (<= that word certainly doesn't exist in English) on the card.
 
Old 05-28-2008, 12:48 PM   #15
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682
I doubt that using free() will actually free another process's heap. What might happen is that the kernel has to perform the locking mentioned and relocate the memory. I'm not familiar with the ARM processor. However, this brings back memories about using the Amiga computer. It was a multiprocessing OS which originally used the 68000 processor & didn't have an MMU. The only fixed address that a program would have was $4 which contained a pointer to indirectly find the real address. All addressing was relative and the programs needed to be written reentrant and moveable.

Your version of BusyBox must use a different shell (msh) which is probably similar to bash. Try entering "help" by itself to see a list of embedded commands that msh supports. Enter "help <command>" to learn more about each command. Also check the host computer for documentation on the BusyBox implementation you have. Also note the version number. Including the version number in searches on Google may return the info you need.

I think that you may be correct in that your version of BusyBox may have been built with some built in commands left out. Often a project will have configuration options whether to include or exclude certain features.

IMHO, you may need to drop the idea of creating a new user given the constraints you are working with and concentrate on learning more about the embedded device and its version of uClinux.

What does this device do? Is it a router board or a low power general purpose board?

Good Luck!

Last edited by jschiwal; 05-28-2008 at 12:53 PM.
 
  


All times are GMT -5. The time now is 04:55 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration