Thanks for your reply! Please find my answer inline...
> > The "mkchroot.sh" sample script that comes with package
> "rssh" relies on
> > "ldd" to determine the shared library dependencies subject
> to be copied
> > to the chroot environment. Unfortunately "ldd" reports an incomplete
> > list of shared library dependencies since the introduction
> of Virtual
> > Dynamic Shared Objects (linux-vdso.so).
>
> > # ldd /usr/bin/scp
> > linux-vdso.so.1 => (0x00007fff4bdff000)
> > libc.so.6 => /lib/libc.so.6 (0x00007fcaa7e31000)
> > /lib64/ld-linux-x86-64.so.2 (0x00007fcaa83a8000)
> > #
>
> > Kindly adjust the "mkchroot.sh" script to work on Linux systems with
> > VDSO enabled
>
> Happy to do so as soon as someone tells me how. :) I've
> never heard of
> VDSO before and have no idea how to convince ldd to actually
> provide the
> required information.
After trying 'ldd' with other binaries I am not sure whether, the fact that
only 'libc' is reported as a shared library dependency for 'scp' and
'sftp-server', is related to VDSO, to the way the 'scp' and 'sftp-server'
binaries were created in the first place, or some other factors.
'ldd' seems to correctly report all shared library dependencies for other
binaries from the same package (e.g. 'ssh-keygen'):
# ldd /usr/bin/ssh-keygen
linux-vdso.so.1 => (0x00007ffffa3ff000)
libcrypto.so.0.9.8 => /usr/lib/libcrypto.so.0.9.8
(0x00007f96ae0f9000)
libdl.so.2 => /lib/libdl.so.2 (0x00007f96adef5000)
libresolv.so.2 => /lib/libresolv.so.2 (0x00007f96adcde000)
libc.so.6 => /lib/libc.so.6 (0x00007f96ad97d000)
libz.so.1 => /usr/lib/libz.so.1 (0x00007f96ad766000)
/lib64/ld-linux-x86-64.so.2 (0x00007f96ae6cb000)
#
Maybe VDSO caches shared library dependencies only for those binaries that
are currently loaded into memory? Since I login via 'ssh' it's possible that
some of the binaries are already loaded, causing the dependencies to be
cached as VDSO, and resulting in 'ldd' to not report them?
Interestingly even 'readelf' reports only the 'libc' dependency for 'scp':
# readelf -d /usr/bin/scp | egrep NEEDED
0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
#
I just know that on my old 'lenny' installation 'ldd' reported shared
library dependencies for 'scp' and 'sftp-server' corretly and 'mkchroot.sh'
created a working chroot environment. For some unkown reason this does not
seem to be the case any more on my new 'squeeze' machine!
> > or advise (document) which commands can be used to
> determine the full
> > set of dynamic library dependencies required for manual
> creation of the
> > chroot environment.
>
> Just to check, are you sure that your /usr/bin/scp is
> actually linked with
> any other libraries? Mine isn't:
>
> windlord:~> ldd /usr/bin/scp
> linux-gate.so.1 => (0xb76e6000)
> libc.so.6 => /lib/i686/cmov/libc.so.6 (0xb757d000)
> /lib/ld-linux.so.2 (0xb76e7000)
I doubt that 'scp' depends only on 'libc', at least on my old 'lenny'
installation it had several other dependencies, including 'libcrypt' and
'libnsl'.
> If the problem is just that the chroot script needs to ignore
> linux-vdso.so.1 the way that it ignores linux-gate.so.1, that's a very
> easy fix.
I got the chroot environment working by manually copying the following
libraries to the chroot environment: /lib/libcom_err.so.2,
/lib/libcrypt.so.1, /lib/libdl.so.2, /lib/libkeyutils.so.1,
/lib/libnsl.so.1, /lib/libpthread.so.0, /lib/libresolv.so.2,
/lib/libutil.so.1, /usr/lib/libcrypto.so.0.9.8,
/usr/lib/libgssapi_krb5.so.2, /usr/lib/libkrb5.so.3,
/usr/lib/libkrb5support.so.0, /usr/lib/libz.so.1. I compiled the list of
required libraries based on the 'ldd' output on my old machine running
'lenny'. Not sure how to get the same information on a 'squeeze'
installation?!?
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
