I built a SSH bastion image which allows customers to plug themselves over reverse SSH (both of them has an assigned port thanks to permitopen
clause on authorized keys). I achieved this through a generic account which handles all public keys. Those keys are dynamically retrieved through a BASH script which pulls them from a HTTP server ( AuthorizedKeysCommand
SSHD option).
My issue comes from the bastion's userbase which I would like being dynamic too (instead of having a generic user). To do that, I need a HTTP NSS module which does not exist as a native package, so I have to build it myself.
As a beginning, I found this project https://github.com/gmjosack/nss_http
Before updating the source code according to my needs, I'm trying to compile it in a sandbox image but I'm facing this compilation error
In file included from nss_http-passwd.c:1:
nss_http.h:8:10: fatal error: nss.h: No such file or directory
#include <nss.h>
^~~~~~~
compilation terminated.
make: *** [Makefile:20: nss_http-passwd] Error 1
My current image is
FROM alpine
RUN apk update && \
apk add bash gcc autoconf automake cmake make libc-dev curl-dev jansson-dev && \
mkdir /src
WORKDIR /src
COPY . /src/
RUN make && make install
nss
and nss-dev
Alpine packages are linked to another NSS (Network Security Service)...
Any help would be greatly appreciated!
You should be good installing the musl-nscd-dev
package:
apk add musl-nscd-dev
This package provides a minimal /usr/include/nss.h
header file, that provides only the nss_status
enum:
enum nss_status
{
NSS_STATUS_TRYAGAIN = -2,
NSS_STATUS_UNAVAIL = -1,
NSS_STATUS_NOTFOUND = 0,
NSS_STATUS_SUCCESS = 1,
NSS_STATUS_RETURN = 2
};
Which is just enough for compiling nss_http-passwd.c
.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.