Compiling NSS module in Docker Alpine - fatal error: nss.h: No such file or directory

Question

I built a SSH bastion image which allows customers to plug themselves over reverse SSH (both of them has an assigned port thanks to permitopen clause on authorized keys). I achieved this through a generic account which handles all public keys. Those keys are dynamically retrieved through a BASH script which pulls them from a HTTP server ( AuthorizedKeysCommand SSHD option).

My issue comes from the bastion's userbase which I would like being dynamic too (instead of having a generic user). To do that, I need a HTTP NSS module which does not exist as a native package, so I have to build it myself.

As a beginning, I found this project https://github.com/gmjosack/nss_http

Before updating the source code according to my needs, I'm trying to compile it in a sandbox image but I'm facing this compilation error

In file included from nss_http-passwd.c:1:
nss_http.h:8:10: fatal error: nss.h: No such file or directory
 #include <nss.h>
          ^~~~~~~
compilation terminated.
make: *** [Makefile:20: nss_http-passwd] Error 1

My current image is

FROM alpine

RUN apk update && \
    apk add bash gcc autoconf automake cmake make libc-dev curl-dev jansson-dev && \
    mkdir /src

WORKDIR /src

COPY . /src/

RUN make && make install

nss and nss-dev Alpine packages are linked to another NSS (Network Security Service)...

Any help would be greatly appreciated!

Answer 1

You should be good installing the musl-nscd-dev package:

apk add musl-nscd-dev

This package provides a minimal /usr/include/nss.h header file, that provides only the nss_status enum:

enum nss_status
{
    NSS_STATUS_TRYAGAIN = -2,
    NSS_STATUS_UNAVAIL = -1,
    NSS_STATUS_NOTFOUND = 0,
    NSS_STATUS_SUCCESS = 1,
    NSS_STATUS_RETURN = 2
};

Which is just enough for compiling nss_http-passwd.c .