BIND8, BIND9 static compilation problems

Mark_Andrews at isc.org Mark_Andrews at isc.org
Sun Oct 5 23:18:21 UTC 2003 

> Quoting Mark.Andrews at isc.org:
> > Supply the shared libraries or just let named perform the
> > chroot with the '-t' option and it will make the getpwnam()
> > before it calls chroot.
> > Static brinary can still dynamically load code by hand.
> 
> 
> Error numer 1
> chroot /chroot/dns ./sbin/strace -o trace.log /sbin/named -u dns -g dns
> user "dns" unknown
> #
> cat trace.log | grep "No such file"
> open("/lib/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or 
> directory)
> open("/lib/libnss_files.so.2", O_RDONLY) = -1 ENOENT (No such file or 
> directory)
> 
> # mkdir lib
> # cp /lib/libnss_compat.so.2 lib/
> # cp /lib/libnss_files.so.2 lib/
> 
> 
> 
> Error numer 2
> chroot /chroot/dns ./sbin/strace -o trace.log /sbin/named -u dns -g dns
> user "dns" unknown
> #
> cat trace.log | grep "No such file"
> open("/lib/libc.so.6", O_RDONLY)        = -1 ENOENT (No such file or 
> directory)
> 
> # cp /lib/libc.so.6 lib/
> 
> 
> 
> Error number 3
> chroot /chroot/dns ./sbin/strace -o trace.log /sbin/named -u dns -g dns
> user "dns" unknown
> #
> cat trace.log | grep "No such file"
> open("/lib/ld-linux.so.2", O_RDONLY)    = -1 ENOENT (No such file or 
> directory)
> 
> 
> 
> chroot /chroot/dns ./sbin/strace -o trace.log /sbin/named -u dns -g dns
> #
> # ps aux | grep dns
> dns        753  0.0  0.7  3588 2040 ?        S    17:54   
> 0:00 /sbin/named -u dns -g dns
> 
> wow, it's functional... but with all libraries required from the start 
> when BIND was compiled dynamically... so please explain me what is the 
> difference between BIND compiled statically or dynamically? :)))
> 
> lol.... guess what? I got all libraries required when BIND was
> dynamically compiled? hahahha lol, and of course this was _statically_
> compiled binary... hahahahahhaha this was fun really... now let's get 
> serious... what t** f*** is going on???

	The names service switch library (required for looking up the
	password) requires routines that are part of the C library and
	are not already linked into the executable.

	Now why are you starting named using chroot(8) rather than using
	-t which executes chroot(2) at the right point i.e. *after*
	the NSS library is loaded.  Note named-xfer doesn't require NSS.

	Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list