r997 - trunk
archaic at linuxfromscratch.org
archaic at linuxfromscratch.org
Thu Oct 27 13:26:11 PDT 2005
Date: 2005-10-27 14:26:11 -0600 (Thu, 27 Oct 2005)
New Revision: 997
--- trunk/nss_db.txt 2005-10-26 03:04:40 UTC (rev 996)
+++ trunk/nss_db.txt 2005-10-27 20:26:11 UTC (rev 997)
@@ -1,6 +1,6 @@
-AUTHOR: Randy McMurchy <LFS-User_at_mcmurchy_dot_com>
+AUTHOR: Randy McMurchy <randy_at_linuxfromscratch.org>
LICENSE: Creative Commons Attribution-NonCommercial-ShareAlike License
@@ -16,12 +16,11 @@
-Alternate location: http://www.mcmurchy.com/lfs/nss_db-2.2-update-1.patch
-An LFS system using glibc-2.3.x.
+An LFS system using Glibc-2.3.x.
@@ -54,15 +53,15 @@
-Up until version 2.2.0 of glibc, the nss_db library, as well as Berkeley DB,
-were included with the glibc package. Beginning with glibc-2.2.0, nss_db and
-DB were removed from glibc as the maintainers could not control the version
+Up until version 2.2.0 of Glibc, the nss_db library, as well as Berkeley DB,
+were included with the Glibc package. Beginning with Glibc-2.2.0, nss_db and
+DB were removed from Glibc as the maintainers could not control the version
of DB installed on the system. If DB was upgraded on the system, it could
render nss_db unusable. So, at this point the decision was made to make
nss_db a separate package.
-As official glibc releases were made public, nss_db was left behind. There's
-been no official updates to the nss_db package since glibc-2.2.0. Some of the
+As official Glibc releases were made public, nss_db was left behind. There's
+been no official updates to the nss_db package since Glibc-2.2.0. Some of the
mainstream Linux distro's have been keeping nss_db alive during this time.
This hint brings nss_db back to LFS users.
@@ -89,24 +88,25 @@
a central location for updating nameservice information.
3) In a network environment where usernames are resolved over the network
-(LDAP, WINS, etc.), local copies of the username login authentication files
-can be locally stored, eliminating the need to fetch this information from
+(LDAP, WINS, etc.), copies of the username login authentication files
+can be stored locally, eliminating the need to fetch this information from
+the network. This is especially important for laptop users who may connect
+to the network while on premises, but need to authenticate when not attached
+to the physical network.
2. PACKAGE DEPENDENCIES:
-Berkeley DB-4.1.25 (DB-4.2.52 would probably work as well, though I've not
Instructions for installing the DB package can be found at:
3. PACKAGE INSTALLATION:
@@ -133,18 +133,20 @@
attachment to this hint. See the Attachments section at the beginning of the
hint for download locations.
-Patch the package by running the following command:
+First unpack the nss_db tarball and change into the newly created source
+directory. Patch the package by running the following command:
-patch -Np1 -i ../nss_db-2.2-update-1.patch
+patch -Np1 -i ../nss_db-2.2-update-2.patch
The patch does many things.
-1) Allows building against glibc-2.3.x.
+1) Allows building against Glibc-2.3.x.
2) Changes DB calls to use DB-4.x
3) Fixes a problem with a db-open routine.
-4) Allows a user-specified db directory using --localstatedir as a switch to
+4) Adds the necessary pthread LDFLAGS to the Makefile.
+5) Allows a user-specified db directory using --localstatedir as a switch to
the configure script.
-5) Modifies the Makefile used to create the db files to reflect the directory
+6) Modifies the Makefile used to create the db files to reflect the directory
used to store the files, then copies the Makefile into this db directory.
@@ -168,15 +170,16 @@
./configure --prefix=/usr --localstatedir=/var/lib/nss_db
---prefix=/usr installs the library in /lib and the makedb program in /usr/bin
+--prefix=/usr: installs the library in /lib, the .so symlink to the library
+in /usr/lib and the makedb program in /usr/bin
---localstatedir=/var/lib/nss_db is used to point to the location of the
-actual db files created by the makedb program. The default location is
-/var/db, however there is no mention of this directory in the FHS guidelines.
-You may choose any directory you wish. If you desire the glibc default of
-/var/db, simply leave off the --localstatedir switch altogether.
+--localstatedir=/var/lib/nss_db: points to the location of the actual db files
+created by the makedb program. The default location is /var/db, however there
+is no mention of this directory in the FHS guidelines. You may choose any
+directory you wish. If you desire the Glibc default of /var/db, simply leave
+off the --localstatedir switch altogether.
Build the Package:
@@ -201,8 +204,16 @@
-Simply issue a "make install" command to install the package.
+Simply issue a "make install" command to install the package. If desired,
+create a /usr/share/doc/nss_db-2.2 directory and copy the README, INSTALL
+and this hint file into the directory. This will serve as the installed
+documentation for nss_db.
+Additionally, you may wish to remove the /lib/libnss_db.so file, as it was
+also installed into /usr/lib (where it belongs). Lastly, you can move the
+/lib/libnss_db.la file into /usr/lib, as this is the proper location for the
Stripping the Binaries:
@@ -218,23 +229,21 @@
If your system's /usr directory is not part of the root partition and is not
-mounted in single-user mode, you may wish to copy the DB libraries to /lib so
-that the nss_db library can find them during times when /usr is not mounted.
+mounted when in single-user mode, you may wish to copy the DB libraries to /lib
+so that the nss_db library can find them during times when /usr is not mounted.
-The following commands move libraries created by Berkeley DB-4.1.25. If you
-have installed a newer version of DB, you may need to change the following
+The following commands move libraries created by Berkeley DB-4.3.28. If you
+have installed a different version of DB, you may need to change the following
commands to reflect the actual names of the DB libraries.
Use the following commands to move the DB libraries and create symlinks in
/usr/lib pointing back to /lib so that programs looking for DB in /usr/lib
-mv /usr/lib/libdb-4.1.so /lib
+mv /usr/lib/libdb-4.3.so /lib
mv /usr/lib/libdb-4.so /lib
-mv /usr/lib/libdb.so /lib
-ln -s ../../lib/libdb-4.1.so /usr/lib/libdb-4.1.so
-ln -s ../../lib/libdb-4.so /usr/lib/libdb-4.so
-ln -s ../../lib/libdb.so /usr/lib/libdb.so
+ln -s ../../lib/libdb-4.3.so /usr/lib
+ln -s ../../lib/libdb-4.so /usr/lib
@@ -256,7 +265,7 @@
a different path on the --localstatedir switch to the configure command
during installation of the package.
-After creating the initinal db files, if you modify any of the /etc/flatfiles
+After creating the initial db files, if you modify any of the /etc/flatfiles
and want to update the db files, simply run the command again. The
appropriate db files will be updated to reflect the changes in the /etc
@@ -265,7 +274,7 @@
5. CONFIGURING /etc/nsswitch.conf
-So that glibc can use the db files, you'll need to make appropriate changes
+So that Glibc can use the db files, you'll need to make appropriate changes
to the /etc/nsswitch.conf file. I won't insult you by recommending any
necessary changes. If you're installing the nss_db package, you should know
how to use it! If you need a refresher, start by looking at the man page for
@@ -281,8 +290,13 @@
Testing the installation is simple. Modify any of the /etc/flatfiles and
run the make script to update the db files. Then remove the modifications
-from the /etc files and test.
+from the /etc files and test. You can test by logging into the system as
+a user identified only in the db files, or by using a service only identified
+in the services.db or protocol.db file.
+You can also test using the id and getent programs. The id program has a
+man page and getent --help will show you how to use getent.
Alternately, if you've already created the db files and don't wish to add
anything to them, make backup copies and remove a user from /etc/passwd
or an entry in /etc/services, or any other file you've identified in the
@@ -320,21 +334,13 @@
8. ISSUES, GOTCHAS AND OTHER SUNDRY ITEMS:
-1) I've not tested nss_db using anything but Berkeley DB-4.1.25. If you find
-this hint works using the newer DB-4.2.52 package, I would appreciate you
-dropping me a line letting me know this. I'll be testing this soon, but for
-now, I'm just making a note of it.
-2) I've not tested nss_db using NPTL builds. As soon as I get around to
-building an NPTL based system, I'll test this.
-1) Test nss_db using DB-4.2.52
-2) Test nss_db using NPTL based systems.
-3) Test nss_db using nss_updatedb to create passwd and group files based on
+1) Test nss_db using nss_updatedb to create passwd and group files based on
@@ -353,8 +359,14 @@
Luke Howard <lukeh_at_padl_dot_com> for a fix to an nss_db db-open bug
DJ Lucas <dj_at_lucasit_dot_com> for the research and assistance
+The folks at Red Hat for continuing to maintain nss_db from where
+many of the patches have been acquired.
* Original draft
+ * Updates to fix issues using newer versions of Glibc and Berkeley DB
More information about the hints