diff options
authorTom Ryder <tom@sanctum.geek.nz>2012-05-30 16:46:05 +1200
committerTom Ryder <tom@sanctum.geek.nz>2012-05-30 16:47:53 +1200
commit3865d9a25853995474f9141a5fdfc6cfe4477186 (patch)
parentSort output for tidiness (diff)
Include all the libnss libraries we can find
2 files changed, 29 insertions, 0 deletions
diff --git a/README.markdown b/README.markdown
index 0797e95..488d3c4 100644
--- a/README.markdown
+++ b/README.markdown
@@ -5,6 +5,10 @@ Clubber is a Perl script to make forming `chroot` environments less of a task
that makes you want to cry and kill yourself. It requires `ldd`. It should be
run interactively as `root`, *never* as an automated or unattended task.
+It includes all the `libnss*` libraries for you, since even static binaries
+require these libraries for `libc` functions. It doesn't include files like
+`/etc/passwd` or `/etc/resolv.conf`, though; those are up to you to craft.
If you're going to use Clubber to import your libraries for your `chroot`
environment, make sure you run it with `--dry` first, and that you're sure
you understand what it's going to do.
diff --git a/clubber b/clubber
index 0729d07..48bb5f4 100755
--- a/clubber
+++ b/clubber
@@ -21,6 +21,7 @@ use warnings;
use Cwd qw(abs_path);
use Digest::MD5;
use File::Basename;
+use File::Find;
use Getopt::Long;
@@ -83,6 +84,30 @@ foreach my $binary (@$binaries) {
+# Include all libnss libraries available, because even static binaries depend
+# on these for reading files like /etc/passwd. I leave importing those files to
+# you because it's entirely possible you actually intend to have a different
+# /etc/passwd or /etc/resolv.conf in your chroot environment. Good practice,
+# even.
+# If two of the libraries have the exact same filename, use the one with the
+# shortest complete path.
+my $nsslibs = {};
+my $nssfind = sub {
+ my $basename = $_;
+ if ($File::Find::name =~ /libnss/) {
+ if (!exists $nsslibs->{$basename} or length($File::Find::name) < length($nsslibs->{$basename})) {
+ $nsslibs->{$basename} = $File::Find::name;
+ }
+ }
+find($nssfind, qw(/lib /usr/lib));
+foreach my $nsslib (keys(%$nsslibs)) {
+ $libraries->{$nsslibs->{$nsslib}} = 1;
# If we have a chroot, we need to figure out what libraries require importing
# and which directories require creating.