busybox-1.8.2: eliminating libnss*
Denys Vlasenko
vda.linux at googlemail.com
Sun Dec 16 09:37:59 PST 2007
On Friday 14 December 2007 14:37, Joseph Sacco wrote:
> I would like to eliminate /lib/libnss* and still be able to:
>
> * log in through a serial port [which runs a getty]
> * log in via telnet
> * connect to an HTTP server spawned from inetd
>
> I configured the busybox-1.8.2 Login/Password Utilities as shown below:
>
> #
> # Login/Password Management Utilities
> #
> CONFIG_FEATURE_SHADOWPASSWDS=y
> CONFIG_USE_BB_SHADOW=y
> CONFIG_USE_BB_PWD_GRP=y
> # CONFIG_ADDGROUP is not set
> # CONFIG_FEATURE_ADDUSER_TO_GROUP is not set
> # CONFIG_DELGROUP is not set
> # CONFIG_FEATURE_DEL_USER_FROM_GROUP is not set
> # CONFIG_ADDUSER is not set
> # CONFIG_DELUSER is not set
> CONFIG_GETTY=y
> # CONFIG_FEATURE_UTMP is not set
> # CONFIG_FEATURE_WTMP is not set
> CONFIG_LOGIN=y
> # CONFIG_PAM is not set
> CONFIG_LOGIN_SCRIPTS=y
> CONFIG_FEATURE_NOLOGIN=y
> CONFIG_FEATURE_SECURETTY=y
> CONFIG_PASSWD=y
> # CONFIG_FEATURE_PASSWD_WEAK_CHECK is not set
> # CONFIG_CRYPTPW is not set
> # CONFIG_CHPASSWD is not set
> # CONFIG_SU is not set
> # CONFIG_FEATURE_SU_SYSLOG is not set
> # CONFIG_FEATURE_SU_CHECKS_SHELLS is not set
> # CONFIG_SULOGIN is not set
> # CONFIG_VLOCK is not set
>
> When I remove /lib/libnss* from the TARGET system I find that I can log
> in through a serial port but can no longer log in via telnet or connect
> to the HTTP server. If I restore these libraries on the TARGET system I
> can access the system via telnet and can connect to the HTTP server.
>
> So... It looks like some sort of permissions issue. What am I missing?
glibc is very poorly suited for such things. You won't get much support
from glibc people with trying to live without dynamic loading of nss
libraries (I think).
I think using uclibc is the easiest path for you, as you appear to build
some sort of standalone system which does not need fancy user/group/host
resolution thru ldap/samba/whatever.
It's also way smaller than glibc.
--
vda
More information about the busybox
mailing list