Re: [PATCH] nss_files: Fix /etc/aliases null pointer dereference [BZ #24059]

[Szabolcs Nagy <Szabolcs dot Nagy at arm dot com>]

On 13/03/2019 16:36, Florian Weimer wrote:
> * Szabolcs Nagy:
> 
>> * Florian Weimer <fweimer@redhat.com> [2019-02-01 18:32:23 +0100]:
>>> * Szabolcs Nagy:
>>>>
>>>> libnss_files.so.2 is not listed as explicit dependency
>>>> for some reason so it is not loaded at program startup,
>>>> but after chroot is entered, but it's not available in
>>>> the chroot so the first api call fails.
>>>
>>> There's already this in nss/Makefile:
>>>
>>> $(objpfx)tst-nss-files-alias-truncated: $(objpfx)/libnss_files.so
>>>
>>> I expected this causes a DT_NEEDED entry to be added to the executable,
>>> so it is loaded upon startup, outside of the chroot.
>>
>> it seems debian/ubuntu gcc always passes --as-needed to the linker
>> https://wiki.debian.org/ToolChain/DSOLinking
>>
>> so either a reference is needed to the lib or
>>  -Wl,--no-as-needed lib -Wl,--as-needed
>> ldflag to force a DT_NEEDED.
>>
>> ..or copy the lib to the chroot.
> 
> So what should we do here?
> 
> Should we disable --as-needed across the board?  Or should we fix the
> test?

ideally the chroot should have all the runtime libs that
may be loaded, if that's too big hassle, then i'd fix
the test (to enforce DT_NEEDED or use dlopen before chroot).

(this issue affects the aarch64 buildbot, but that's not
running since the minimum gcc requirement got increased,
i'll ask for a buildbot server restart)