Note: this is not a full review of the busybox package but rather a
difference assessement between the busybox-static and busybox package
(as part of this request).
The binary package "busybox" is quite similar to the static one and replaces
it. It produces a binary with the same name, linked against libc6 only.
A man page (same than the busybox-static one) is provided and a simple trigger
for update-initramfs is in place.
There is nothing special in the control or rules files.
I think this is thus +1 on the MIR-team side. However, as discussed,
switching for some part from a statically linked, in a limited
environment where busybox-static was running to a dynamically linked,
opened one. As discussed during the MIR meeting, this would need a
security assessment.
** Changed in: busybox (Ubuntu)
Assignee: Didier Roche (didrocks) => Ubuntu Security Team (ubuntu-security)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to busybox in Ubuntu.
https://bugs.launchpad.net/bugs/1933979
Title:
[MIR] busybox package
Status in busybox package in Ubuntu:
New
Bug description:
[Availability]
==============
src:busybox was introduced in Dapper (2006) and has been in main since then.
src:busybox & bin:busybox-static are in main, to be more precise. And this
request is to promote bin:busybox from src:busybox in main, too. It only
depends on the libc6 package, which is in main already. The package builds on
all the architectures; is Arch:any.
[Rationale]
===========
This package is to be included in our partner's cloud images, going back to
Bionic. As cloud images are to ship only packages from main this request is to
see that happen.
[Security]
==========
The binary doesn't install services / daemons (/etc/init.d/*, /etc/init/*,
/lib/systemd/system/*). Just ships the "busybox" binary, its docs, and a man
page.
[Dependencies]
==============
libc6, which is in main already.
[Maintenance]
=============
Server team.
[Background information]
========================
Tiny utilities for small and embedded systems.
---
Upstream: https://git.busybox.net/busybox/
Launchpad page: https://launchpad.net/ubuntu/+source/busybox
Ubuntu bugs: https://bugs.launchpad.net/ubuntu/+source/busybox
Debian Package Tracker: https://tracker.debian.org/pkg/busybox
Debian bugs:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?repeatmerged=no&src=busybox
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/busybox/+bug/1933979/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
