openssh static build - mission impossible?
Mr Dash Four
mr.dash.four at googlemail.com
Wed Mar 7 02:13:17 EST 2012
> Sounds like he's been bitten by RedHat/Fedora's policy to replace all
> crypto on the system with MozillaNSS.
I can confirm that is indeed the case, sadly! I spend this morning
looking at the libc files and the references are there for all to see.
Why Fedora choose to do it that way I'd never know!
> You could easily dig up an unmodified glibc source to replace this.
By "unmodified" I presume you mean free of the nss dependencies Fedora
introduced, right? Is there a way to recompile libc, but exclude those
dependencies (replacing libc completely is going to open a whole new can
of worms, I think).
> Also, the suggestion to use uClibc is still a better one. It will make
> static linking that much easier as well. Another option is to grab
> Bionic from the Android source tree; either of these is more compact
> than the stock Fedora monstrosity.
The problem with this approach is that I already use a compiler as well
as all sorts of other applications, which rely on a particular version
of libc present. I am not sure if I can just replace it with something
else. If I could recompile the same libc version, but somehow "strip"
the nss dependencies, I think that would be the best course of action
without causing mayhem.
More information about the openssh-unix-dev
mailing list