dropbear and libnss
Andy Warner
andyw at pobox.com
Wed Aug 23 04:46:14 WST 2006
On 8/22/06, Rich Turner <rich at storix.com> wrote:
> i am using dropbear as part of a bootable cd. everything works fine when i
> include the libnss_files files but i am unable to authenticate without them.
> if i need libnss_files then why is not dropbear library dependent on
> libnss_files?
>
> if i run ldd on all of the executables i include on the bootable cd, none are
> dependent on libnns_*.
>
> is there something i do not understand about libnss and linux authentication
> or is dropbear trying to load a subroutine in libnss that does not exist?
My recollection is that libnss contains the functions that decide
how things like gethostbyname() get satisfied. E.g. DNS, /etc/hosts,
yp etc etc.) It is included by some obscure path that I can't quite
remember, but you're right - it doesn't show up with ldd. Just add
it to the list of libraries copied over and you should be good to go.
The stock libnss contains runtime switches to control where you
get information from, I think there are versions available that allow
you to hardcode the source at compile time, if that kind of additional
security is important to you.
--
Andy
More information about the Dropbear
mailing list