[Rpm-maint] [PATCH] fix loading NSS libraries prior to chrooting

Michael Schroeder mls at suse.de
Fri Apr 5 08:26:14 UTC 2013

On Thu, Apr 04, 2013 at 10:09:57PM +0200, Thierry Vignaud wrote:
> rpm preloads NSS  libraries prior to chrooting in order to
> fix group lookup in the chroot (when installing in a chroot):
> lib/rpmrc.c-    /* Force preloading of dlopen()'ed libraries in case
> we go chrooting */
> lib/rpmrc.c:    (void) gethostbyname("localhost");
> However in some cases, this is not enough.
> See https://bugs.mageia.org/show_bug.cgi?id=9326
> Strace showed that in some case, it tries to load libnss*so
> after chrooting, way too late, resulting in borked installs.
> The following patch makes rpm to really force preloading of
> dlopen()'ed libraries before chrooting

Hmm, IMHO that's just tampering with the symptoms of the
underlying problem. Things to consider:

- rpm should not use the nscd of the "outer" system, but glibc
  caches the connection
- it should also not use the outer nss configuration, this is
  also cached

At some point after looking at the glibc sources I gave up and
implemented a tiny password/group parser in rpm. See:


OTOG glibc may have changed meanwhile...


Michael Schroeder                                   mls at suse.de
SUSE LINUX Products GmbH,  GF Jeff Hawn, HRB 16746 AG Nuernberg

More information about the Rpm-maint mailing list