Remove busybox from buildroot

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
3
down vote

favorite












As part of Linux hardening we want to remove busybox from filesystem created with buildroot.



But I am not sure if system can boot without it.



I am quite sure that there are init files that depends on busybox.



Is it possible to boot without busybox or does it require a custom init ?






boot busybox init buildroot hardening







share|improve this question























  • Is it for a bare metal system, a VM, or for a Docker container? busybox contains all the commands so it is not easy to remove.
    – xenoid
    9 hours ago










  • Which distribution? Why have you not made a test in a VM yet,?
    – Rui F Ribeiro
    9 hours ago










  • What kind of system is it? Why do you think that removing a program would harden your system?
    – Gilles
    9 hours ago










  • It is for buildroot. I might have forgotten to mention it. I edited the question.
    – ransh
    6 hours ago















up vote
3
down vote

favorite












As part of Linux hardening we want to remove busybox from filesystem created with buildroot.



But I am not sure if system can boot without it.



I am quite sure that there are init files that depends on busybox.



Is it possible to boot without busybox or does it require a custom init ?






boot busybox init buildroot hardening







share|improve this question























  • Is it for a bare metal system, a VM, or for a Docker container? busybox contains all the commands so it is not easy to remove.
    – xenoid
    9 hours ago










  • Which distribution? Why have you not made a test in a VM yet,?
    – Rui F Ribeiro
    9 hours ago










  • What kind of system is it? Why do you think that removing a program would harden your system?
    – Gilles
    9 hours ago










  • It is for buildroot. I might have forgotten to mention it. I edited the question.
    – ransh
    6 hours ago













up vote
3
down vote

favorite









up vote
3
down vote

favorite











As part of Linux hardening we want to remove busybox from filesystem created with buildroot.



But I am not sure if system can boot without it.



I am quite sure that there are init files that depends on busybox.



Is it possible to boot without busybox or does it require a custom init ?






boot busybox init buildroot hardening







share|improve this question















As part of Linux hardening we want to remove busybox from filesystem created with buildroot.



But I am not sure if system can boot without it.



I am quite sure that there are init files that depends on busybox.



Is it possible to boot without busybox or does it require a custom init ?






boot busybox init buildroot hardening




boot busybox init buildroot hardening






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 20 mins ago

























asked 9 hours ago









ransh

383249




383249











  • Is it for a bare metal system, a VM, or for a Docker container? busybox contains all the commands so it is not easy to remove.
    – xenoid
    9 hours ago










  • Which distribution? Why have you not made a test in a VM yet,?
    – Rui F Ribeiro
    9 hours ago










  • What kind of system is it? Why do you think that removing a program would harden your system?
    – Gilles
    9 hours ago










  • It is for buildroot. I might have forgotten to mention it. I edited the question.
    – ransh
    6 hours ago

















  • Is it for a bare metal system, a VM, or for a Docker container? busybox contains all the commands so it is not easy to remove.
    – xenoid
    9 hours ago










  • Which distribution? Why have you not made a test in a VM yet,?
    – Rui F Ribeiro
    9 hours ago










  • What kind of system is it? Why do you think that removing a program would harden your system?
    – Gilles
    9 hours ago










  • It is for buildroot. I might have forgotten to mention it. I edited the question.
    – ransh
    6 hours ago
















Is it for a bare metal system, a VM, or for a Docker container? busybox contains all the commands so it is not easy to remove.
– xenoid
9 hours ago




Is it for a bare metal system, a VM, or for a Docker container? busybox contains all the commands so it is not easy to remove.
– xenoid
9 hours ago












Which distribution? Why have you not made a test in a VM yet,?
– Rui F Ribeiro
9 hours ago




Which distribution? Why have you not made a test in a VM yet,?
– Rui F Ribeiro
9 hours ago












What kind of system is it? Why do you think that removing a program would harden your system?
– Gilles
9 hours ago




What kind of system is it? Why do you think that removing a program would harden your system?
– Gilles
9 hours ago












It is for buildroot. I might have forgotten to mention it. I edited the question.
– ransh
6 hours ago





It is for buildroot. I might have forgotten to mention it. I edited the question.
– ransh
6 hours ago











2 Answers
2






active

oldest

votes

















up vote
4
down vote













It all depends on whether your distro uses Busybox for init.



To point you in the right direction, run ls -l /sbin/init.



If you get something like the following (example from OpenWRT):



~# ls -l /sbin/init
-rwxr-xr-x 1 root root 10824 Jan 31 2016 /sbin/init


It means init is a different application and you may be able to remove Busybox. You'll still need to replace all the command init requires with alternatives as Busybox provides many tools required for booting successfully.



However, if you get (example from Alpine Linux):



~$ ls -l /sbin/init
lrwxrwxrwx 1 root root 12 May 3 04:49 /sbin/init -> /bin/busybox


It means init is provided by Busybox and you'll not be able to boot unless you can replace Busybox's init with an alternative.



You have to consider whether you are really hardening your system by doing this as you'll end up replacing one binary with many.






share|improve this answer


















  • 1




    Even if init itself isn't the one from Busybox, if a system has Busybox, it probably has other critical programs provided by Busybox, for example sh.
    – Gilles
    9 hours ago










  • @Gilles - edited and added as you commented :-)
    – garethTheRed
    9 hours ago










  • Using this solution, does buildroot provide the option to entirely remove busybox from buildroot ?
    – ransh
    20 mins ago

















up vote
3
down vote













I routinely delete busybox in my master template/Debian VMs.



As for Debian, it is a matter of not allowing it to install both the busybox and busybox-staticpackages.



You just have to keep in mind the recovery/rescue options will be more limited in a system without it. e.g. I might keep it on a physical system, I delete it as a norm form VMs to save space and under the Unix old golden rule of keeping the minimum of software installed.



At least speaking for Debian, the uninstall makes the necessary modifications in the background, and it is neither necessary to do any extra steps nor customizing anything.






share|improve this answer




















  • I forgot to mention that I use buildroot (just edit the question). So this solution may not be relevant in my case.
    – ransh
    6 hours ago










Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f476685%2fremove-busybox-from-buildroot%23new-answer', 'question_page');

);

Post as a guest

















2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
4
down vote













It all depends on whether your distro uses Busybox for init.



To point you in the right direction, run ls -l /sbin/init.



If you get something like the following (example from OpenWRT):



~# ls -l /sbin/init
-rwxr-xr-x 1 root root 10824 Jan 31 2016 /sbin/init


It means init is a different application and you may be able to remove Busybox. You'll still need to replace all the command init requires with alternatives as Busybox provides many tools required for booting successfully.



However, if you get (example from Alpine Linux):



~$ ls -l /sbin/init
lrwxrwxrwx 1 root root 12 May 3 04:49 /sbin/init -> /bin/busybox


It means init is provided by Busybox and you'll not be able to boot unless you can replace Busybox's init with an alternative.



You have to consider whether you are really hardening your system by doing this as you'll end up replacing one binary with many.






share|improve this answer


















  • 1




    Even if init itself isn't the one from Busybox, if a system has Busybox, it probably has other critical programs provided by Busybox, for example sh.
    – Gilles
    9 hours ago










  • @Gilles - edited and added as you commented :-)
    – garethTheRed
    9 hours ago










  • Using this solution, does buildroot provide the option to entirely remove busybox from buildroot ?
    – ransh
    20 mins ago














up vote
4
down vote













It all depends on whether your distro uses Busybox for init.



To point you in the right direction, run ls -l /sbin/init.



If you get something like the following (example from OpenWRT):



~# ls -l /sbin/init
-rwxr-xr-x 1 root root 10824 Jan 31 2016 /sbin/init


It means init is a different application and you may be able to remove Busybox. You'll still need to replace all the command init requires with alternatives as Busybox provides many tools required for booting successfully.



However, if you get (example from Alpine Linux):



~$ ls -l /sbin/init
lrwxrwxrwx 1 root root 12 May 3 04:49 /sbin/init -> /bin/busybox


It means init is provided by Busybox and you'll not be able to boot unless you can replace Busybox's init with an alternative.



You have to consider whether you are really hardening your system by doing this as you'll end up replacing one binary with many.






share|improve this answer


















  • 1




    Even if init itself isn't the one from Busybox, if a system has Busybox, it probably has other critical programs provided by Busybox, for example sh.
    – Gilles
    9 hours ago










  • @Gilles - edited and added as you commented :-)
    – garethTheRed
    9 hours ago










  • Using this solution, does buildroot provide the option to entirely remove busybox from buildroot ?
    – ransh
    20 mins ago












up vote
4
down vote










up vote
4
down vote









It all depends on whether your distro uses Busybox for init.



To point you in the right direction, run ls -l /sbin/init.



If you get something like the following (example from OpenWRT):



~# ls -l /sbin/init
-rwxr-xr-x 1 root root 10824 Jan 31 2016 /sbin/init


It means init is a different application and you may be able to remove Busybox. You'll still need to replace all the command init requires with alternatives as Busybox provides many tools required for booting successfully.



However, if you get (example from Alpine Linux):



~$ ls -l /sbin/init
lrwxrwxrwx 1 root root 12 May 3 04:49 /sbin/init -> /bin/busybox


It means init is provided by Busybox and you'll not be able to boot unless you can replace Busybox's init with an alternative.



You have to consider whether you are really hardening your system by doing this as you'll end up replacing one binary with many.






share|improve this answer














It all depends on whether your distro uses Busybox for init.



To point you in the right direction, run ls -l /sbin/init.



If you get something like the following (example from OpenWRT):



~# ls -l /sbin/init
-rwxr-xr-x 1 root root 10824 Jan 31 2016 /sbin/init


It means init is a different application and you may be able to remove Busybox. You'll still need to replace all the command init requires with alternatives as Busybox provides many tools required for booting successfully.



However, if you get (example from Alpine Linux):



~$ ls -l /sbin/init
lrwxrwxrwx 1 root root 12 May 3 04:49 /sbin/init -> /bin/busybox


It means init is provided by Busybox and you'll not be able to boot unless you can replace Busybox's init with an alternative.



You have to consider whether you are really hardening your system by doing this as you'll end up replacing one binary with many.







share|improve this answer














share|improve this answer



share|improve this answer








edited 8 hours ago

























answered 9 hours ago









garethTheRed

23.4k35978




23.4k35978







  • 1




    Even if init itself isn't the one from Busybox, if a system has Busybox, it probably has other critical programs provided by Busybox, for example sh.
    – Gilles
    9 hours ago










  • @Gilles - edited and added as you commented :-)
    – garethTheRed
    9 hours ago










  • Using this solution, does buildroot provide the option to entirely remove busybox from buildroot ?
    – ransh
    20 mins ago












  • 1




    Even if init itself isn't the one from Busybox, if a system has Busybox, it probably has other critical programs provided by Busybox, for example sh.
    – Gilles
    9 hours ago










  • @Gilles - edited and added as you commented :-)
    – garethTheRed
    9 hours ago










  • Using this solution, does buildroot provide the option to entirely remove busybox from buildroot ?
    – ransh
    20 mins ago







1




1




Even if init itself isn't the one from Busybox, if a system has Busybox, it probably has other critical programs provided by Busybox, for example sh.
– Gilles
9 hours ago




Even if init itself isn't the one from Busybox, if a system has Busybox, it probably has other critical programs provided by Busybox, for example sh.
– Gilles
9 hours ago












@Gilles - edited and added as you commented :-)
– garethTheRed
9 hours ago




@Gilles - edited and added as you commented :-)
– garethTheRed
9 hours ago












Using this solution, does buildroot provide the option to entirely remove busybox from buildroot ?
– ransh
20 mins ago




Using this solution, does buildroot provide the option to entirely remove busybox from buildroot ?
– ransh
20 mins ago












up vote
3
down vote













I routinely delete busybox in my master template/Debian VMs.



As for Debian, it is a matter of not allowing it to install both the busybox and busybox-staticpackages.



You just have to keep in mind the recovery/rescue options will be more limited in a system without it. e.g. I might keep it on a physical system, I delete it as a norm form VMs to save space and under the Unix old golden rule of keeping the minimum of software installed.



At least speaking for Debian, the uninstall makes the necessary modifications in the background, and it is neither necessary to do any extra steps nor customizing anything.






share|improve this answer




















  • I forgot to mention that I use buildroot (just edit the question). So this solution may not be relevant in my case.
    – ransh
    6 hours ago














up vote
3
down vote













I routinely delete busybox in my master template/Debian VMs.



As for Debian, it is a matter of not allowing it to install both the busybox and busybox-staticpackages.



You just have to keep in mind the recovery/rescue options will be more limited in a system without it. e.g. I might keep it on a physical system, I delete it as a norm form VMs to save space and under the Unix old golden rule of keeping the minimum of software installed.



At least speaking for Debian, the uninstall makes the necessary modifications in the background, and it is neither necessary to do any extra steps nor customizing anything.






share|improve this answer




















  • I forgot to mention that I use buildroot (just edit the question). So this solution may not be relevant in my case.
    – ransh
    6 hours ago












up vote
3
down vote










up vote
3
down vote









I routinely delete busybox in my master template/Debian VMs.



As for Debian, it is a matter of not allowing it to install both the busybox and busybox-staticpackages.



You just have to keep in mind the recovery/rescue options will be more limited in a system without it. e.g. I might keep it on a physical system, I delete it as a norm form VMs to save space and under the Unix old golden rule of keeping the minimum of software installed.



At least speaking for Debian, the uninstall makes the necessary modifications in the background, and it is neither necessary to do any extra steps nor customizing anything.






share|improve this answer












I routinely delete busybox in my master template/Debian VMs.



As for Debian, it is a matter of not allowing it to install both the busybox and busybox-staticpackages.



You just have to keep in mind the recovery/rescue options will be more limited in a system without it. e.g. I might keep it on a physical system, I delete it as a norm form VMs to save space and under the Unix old golden rule of keeping the minimum of software installed.



At least speaking for Debian, the uninstall makes the necessary modifications in the background, and it is neither necessary to do any extra steps nor customizing anything.







share|improve this answer












share|improve this answer



share|improve this answer










answered 7 hours ago









Rui F Ribeiro

37.2k1274118




37.2k1274118











  • I forgot to mention that I use buildroot (just edit the question). So this solution may not be relevant in my case.
    – ransh
    6 hours ago
















  • I forgot to mention that I use buildroot (just edit the question). So this solution may not be relevant in my case.
    – ransh
    6 hours ago















I forgot to mention that I use buildroot (just edit the question). So this solution may not be relevant in my case.
– ransh
6 hours ago




I forgot to mention that I use buildroot (just edit the question). So this solution may not be relevant in my case.
– ransh
6 hours ago

















 

draft saved


draft discarded















































 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f476685%2fremove-busybox-from-buildroot%23new-answer', 'question_page');

);

Post as a guest
































































Comments

Post a Comment

Popular posts from this blog

Long meetings (6-7 hours a day): Being “babysat” by supervisor

Image
Clash Royale CLAN TAG #URR8PPP .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0; up vote 31 down vote favorite 4 I hold a PhD in mechanical engineering with a 7 year background in self-guided, self-paced research including 2 years as a graduate level course instructor and a subject matter expert for various engineering projects in a university setting in the United States. For the last 10-11 months, I am working in a research industry in France where my task is to debug C++ spaghetti code written over a period of several years by my current supervisor. It is a team of 2: just I and my supervisor. Diurnally, I am posed with a "bug of the day" to get out of this C++ code. My supervisor generally gives me about 15-30 minutes to solve it and then accosts me about whether or not the task is completed and then rinses and repeats this until the end of the day. Off-late, my supervisor has been holding 6-7 hour long "meetin
Read more

Is the Concept of Multiple Fantasy Races Scientifically Flawed? [closed]

Image
Clash Royale CLAN TAG #URR8PPP up vote 2 down vote favorite Many fantasy worlds have multiple humanoid species (elves, orcs, humans, etc) living in the same world, in addition to that, they often have the ability to interbreed. And I can't help but question their believability... fantasy-races reproduction interspecies-relations share | improve this question edited Aug 9 at 14:46 Michael Kjörling ♦ 21.1k 10 85 161 asked Aug 9 at 13:13 Chlodio 118 6 closed as unclear what you're asking by MichaelK, Gryphon, John, Vincent, Frostfyre Aug 9 at 15:25 Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question. 3 Stack Exchange exist to
Read more

Confectionery

Image
Prepared foods made with a lot of sugar or other cabohydrates "Sweetmeat" redirects here. For the racehorse, see Sweetmeat (horse). Not to be confused with Sweetbread. This Kransekake is a traditional Scandinavian baker's confection. Confectionery is the art of making confections , which are food items that are rich in sugar and carbohydrates. Exact definitions are difficult. [1] In general, though, confectionery is divided into two broad and somewhat overlapping categories, bakers' confections and sugar confections. [2] Bakers' confectionery, also called flour confections , includes principally sweet pastries, cakes, and similar baked goods. Sugar confectionery includes candies ( sweets in British English), candied nuts, chocolates, chewing gum, bubble gum, pastillage, and other confections that are made primarily of sugar. In some cases, chocolate confections (confections made of chocolate) are treated as a separate category, as are sugar-free versions of
Read more