The passwd command in BSP is a busybox package applet and links to/bin/busybox.
Furthermore, SETUID is not set in /bin/busybox, general user cannot change password of any user including his/her own.
$ passwd
passwd: must be suid to work properly
Use the setting below to allow changing own password to general user.
Note:
When setting SETUID bit in /bin/busybox, the following command is enabled for general user. (Within a command by default setting of BSP busybox.)
passwd / su
Refer to "Enable passwd command only" for such settings.
Set SETUID bit in /bin/busybox
How to set SETUID bit
1. Login as root
2. Set SETUID bit in /bin/busybox
# chmod 4755 /bin/busybox
Enable passwd command only
Have two busybox binaries and set SETUID bit to one of them
Copy busybox binary, set SETUID bit to one of the binaries and link passwd command to a busybox binary with SETUID bit.
Procedures
1. Login as root
2. Copy /bin/busybox
# cd /bin
# cp -a busybox busybox.suid
3. Set SETUID bit in /bin/busybox
# chmod 4755 /bin/busybox.suid
4. Recreate /sbin/passwd link
# cd /usr/bin
# rm -f passwd
# ln -s ../../busybox.suid passwd