Thursday, October 19, 2017

util-linux v2.31 -- what's new?

uuidparse -- this is a new small command to get more information about UUIDs "hash". The command provides info about UUID type, variant and time. For example:

$ (uuidgen; uuidgen -t) | uuidparse
UUID                                  VARIANT TYPE       TIME
8f251893-d33a-40f7-9bb3-36988ec77527  DCE     random
66509634-b404-11e7-aa8e-7824af891670  DCE     time-based 2017-10-18 15:01:04,751570+0200

The command su has been refactored and extended to create pseudo terminal for the session (new option --pty). The reason is CVE-2016-2779, but the issue addressed by this CVE is pretty old and all the problem is silently ignored for for years on many places (on only su(1)). The core of the problem is that unprivileged user (within su(1) session) shares terminal file descriptor with original root's session. The new option --pty forces su(1) to create independent pseudo terminal for the session and than su(1) works as proxy between the terminals. The feature is experimental and not enabled by default (you have to use su --pty).

standard su session (all on pts/0):
               
24909 pts/0    S      0:02          \_ -bash                  
13607 pts/0    S      0:00              \_ su - kzak          
13608 pts/0    S      0:00                  \_ -bash          
13679 pts/0    R+     0:00                      \_ ps af      

su --pty session (root pts/0; user pts/5):
               
24909 pts/0    S      0:02          \_ -bash                  
13857 pts/0    S+     0:00              \_ su --pty - kzak    
13858 pts/5    Ss     0:00                  \_ -bash          
13921 pts/5    R+     0:00                      \_ ps af      

rfkill -- this is a new command in util-linux. The command was originally written by Johannes Berg and Marcel Holtmann and maintained for years as standalone package. We believe that it's better to maintain and distribute it with another commands on one place. The util-linux version is backwardly compatible with the original implementations. The command has been also improved (libsmartcols ouotput, etc.), the new default output:
# rfkill       
ID TYPE      DEVICE                   SOFT      HARD          
 0 bluetooth tpacpi_bluetooth_sw unblocked unblocked          
 1 wlan      phy0                unblocked unblocked          
 4 bluetooth hci0                  blocked unblocked

The library libuuid and command uuidgen support hash-based UUIDs v3 (md5) and v5 (sha1) as specified by RFC-4122 now. The library also provides UUID templates for dns, url, oid, or x500. For example:
 
$ uuidgen --sha1  --namespace @dns --name foobar.com
e361e3ab-32c6-58c4-8f00-01bee1ad27ec

and it's expected to use v3 and v5 UUIDs as hierarchy, so you can use this UUID (or arbitrary other UUID) as a namespace:
 
$ uuidgen --sha1  --namespace e361e3ab-32c6-58c4-8f00-01bee1ad27ec --name mystuff
513f905c-7df2-5afa-9470-4e82382dbf00

I can imagine system where for example per-user or per-architecture partition UUIDs are based on this system. For example use UUID specific for the system root as --namespace and username as --name, or so. 

wipefs and libblkid have been improved to provide all possible string permutations for a device. It means that wipefs does not return the first detected signature, but it continues and tries another offsets for the signature. This is important for filesystems and partitions tables where the superblock is backuped on multiple places (e.g. GPT) or detectable by multiple independent ways (FATs). This all is possible without a device modification (the old version provides the same, but only in "wipe" mode). 

The libfdisk has been extended to use BLKPG ioctls to inform the kernel about changes. This means that cfdisk and fdisk will not force your kernel to reread all of the partition table, but untouched partitions may remain mounted and used by the system. The typical use-case is resizing the last partition on the system disk. 

You can use cfdisk to resize a partition. Yep, cool.

The hwclock command now significantly reduces system shutdown times by not reading the RTC before setting it (except when the --update-drift option is used). This also mitigates other potential shutdown and RTC setting problems caused by requiring an RTC read.