[Rpm-maint] [PATCH] fix loading NSS libraries prior to chrooting
pmatilai at laiskiainen.org
Fri Apr 5 06:00:39 UTC 2013
On 04/04/2013 11:09 PM, Thierry Vignaud wrote:
> rpm preloads NSS libraries prior to chrooting in order to
> fix group lookup in the chroot (when installing in a chroot):
> lib/rpmrc.c- /* Force preloading of dlopen()'ed libraries in case
> we go chrooting */
> lib/rpmrc.c: (void) gethostbyname("localhost");
> However in some cases, this is not enough.
> See https://bugs.mageia.org/show_bug.cgi?id=9326
> Strace showed that in some case, it tries to load libnss*so
> after chrooting, way too late, resulting in borked installs.
Do you have a strace of such a situation still at hand / can you easily
reproduce one? Just interested to see what's going on in such a case,
not that I couldn't imagine things failing in some circumstances: for
example if the system nsswitch.conf specifies hosts to come from a
different source than passwd/group.
> The following patch makes rpm to really force preloading of
> dlopen()'ed libraries before chrooting
> Patches against master & rpm-4.11.x
> Please apply.
It probably should actually call getpwent() as well for full coverage
against nsswitch.conf variants. And then the gethostbyname() call
becomes unnecessary as we're not interested in hosts, the whole thing is
nothing but a cheap trick that "works" most of the time.
However I seem to recall glibc caching the passwd and group contents, so
if we force it to read passwd and group before chrooting, it might well
end up using the values from the host system instead of what should go
into the chroot. At the very least I'd think it should call endgrent()
(and endpwent) as well.
- Panu -
More information about the Rpm-maint