Date: Sun, 31 Jan 2010 22:53:24 +0100 From: =?utf-8?Q?Piotr_Buli=C5=84ski?= <bulinskp@iem.pw.edu.pl> To: freebsd-current@freebsd.org Cc: Jilles Tjoelker <jilles@stack.nl>, des@freebsd.org Subject: Re: Problem with sftp server, static linking, pam and nss_ldap. Message-ID: <707EBC5E-E5C1-4A23-A829-7283495191AA@iem.pw.edu.pl> In-Reply-To: <20100131125805.GA44187@stack.nl> References: <4D59045B-6B03-440C-BCCC-C9C171621475@iem.pw.edu.pl> <20100131125805.GA44187@stack.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail-7-1052279468 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 On 2010-01-31, at 13:58, Jilles Tjoelker wrote: > On Sun, Jan 31, 2010 at 12:37:19PM +0100, Piotr Buli=C5=84ski wrote: >> As you can see, it works great with dynamic linking, but if it's = build with=20 >> static linking it can't get user information from LDAP database. >=20 > Correct, NSS only works from dynamically-linked executables. I didn't know that. >> During the upgrade to OpenSSH 5.3p1 = /head/secure/libexec/sftp-server/Makefile file changed a little bit: >>=20 >> revision 181111, Fri Aug 1 02:48:36 2008 UTC ---> revision 197679, = Thu Oct 1 17:12:52 2009 UTC >> LDADD=3D -lssh -lcrypt -lcrypto -lz ---> LDADD=3D -lcrypt = -lcrypto -lz -static -lssh >=20 >> So I've tried to build sftp-server without -static switch, but it >> result in failure like below: >=20 >> {volt}-{/usr/src/secure/libexec/sftp-server}% sudo make >> Warning: Object directory not changed from original = /usr/src/secure/libexec/sftp-server >> cc -O2 -pipe -fomit-frame-pointer -march=3Dopteron = -I/usr/src/secure/libexec/sftp-server/../../../crypto/openssh -include = ssh_namespace.h -std=3Dgnu99 -Wno-pointer-sign -c = /usr/src/secure/libexec/sftp-server/../../../crypto/openssh/sftp-server.c >> cc -O2 -pipe -fomit-frame-pointer -march=3Dopteron = -I/usr/src/secure/libexec/sftp-server/../../../crypto/openssh -include = ssh_namespace.h -std=3Dgnu99 -Wno-pointer-sign -c = /usr/src/secure/libexec/sftp-server/../../../crypto/openssh/sftp-common.c >> cc -O2 -pipe -fomit-frame-pointer -march=3Dopteron = -I/usr/src/secure/libexec/sftp-server/../../../crypto/openssh -include = ssh_namespace.h -std=3Dgnu99 -Wno-pointer-sign -c = /usr/src/secure/libexec/sftp-server/../../../crypto/openssh/sftp-server-ma= in.c >> cc -O2 -pipe -fomit-frame-pointer -march=3Dopteron = -I/usr/src/secure/libexec/sftp-server/../../../crypto/openssh -include = ssh_namespace.h -std=3Dgnu99 -Wno-pointer-sign -o sftp-server = sftp-server.o sftp-common.o sftp-server-main.o -lssh -lcrypt -lcrypto = -lz >> /usr/lib/libssh.so: undefined reference to `ssh_add_recv_bytes' >> /usr/lib/libssh.so: undefined reference to `ssh_roaming_write' >> /usr/lib/libssh.so: undefined reference to `ssh_roaming_read' >> *** Error code 1 >=20 >> Stop in /usr/src/secure/libexec/sftp-server. >> {volt}-{/usr/src/secure/libexec/sftp-server}%=20 >=20 >> Do you have any idea how to make it works? >=20 > Apparently something broke so that sftp-server cannot link to libssh > dynamically, even though scp and ssh can still use it. > By changing the line in secure/libexec/sftp-server/Makefile to >=20 > LDADD=3D -lcrypt -lcrypto -lz -Wl,-static -lssh -Wl,-call_shared >=20 > it links only libssh and its dependencies statically, which may be > enough to fix your problem. This still links quite a lot more than > libssh statically, I am not happy with it at all. Thanks a lot! This solved my problem for now. I'll be testing it this week. Will you put this "patch" to the source tree of CURRENT (or maybe it's good only as a temporary solution)? Thanks again! Regards --=20 Piotr Buli=C5=84ski Informatyka na Wydziale Elektrycznym Politechnika Warszawska --Apple-Mail-7-1052279468--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?707EBC5E-E5C1-4A23-A829-7283495191AA>