I'm building a pseudo embedded "execution environment" for in-house plant
floor apps (we are porting in-house apps currently running on Windows PCs).
I'm a newbie at this even though I have used Linux quite often before, but
have never built one from the ground up before.

I have started from the beginning: downloaded the latest kernel source, built
a kernel and initramfs image with busybox.
busybox is compiled dynamically against glibc (the version that comes with
Fedora Core 6, my build box; I believe it's 2.5 from the numbers listed in the
libs).

The whole system runs from the initramfs image. I'm booting (at least for
now) with syslinux from a USB key.

I grabbed libc, libm, libz, libcrypt, libnss_file and ld-linux from my box and
created a nsswitch.conf file with 3 lines for passwd, shadow and group to
use "file".
There may have been another lib as well... I took whatever ldd on the
busybox and dropbear executables listed plus libnss_file.

I built dropbear as a multi daemon (no inetd) with server, client, key and scp,
dynamically linked, and dropped the binary in /sbin/ and created the
symlinks.

I can run dbclient to my host box fine, but when connecting to my build box
the spawned process goes to 100% CPU and won't return until killed.

Reading the list archive I attempted connecting with: ssh -t [EMAIL PROTECTED] "echo 123"
to see if there was a problem creating the tty/pty, but the result is the
same.

Initially I got a message stating invalid shell, but after adding a
/etc/shells file with /bin/ash in it, it went away, being replaced by quiet
CPU chugging.
My /dev file system is very small: sda, sda1, sda2 (for mounting the rest
of the USB key), random, console, null, tty and tty0 - tty5.
When running with dropbear -F -E I get the message of the new connection
but no other messages.

I can locally authenticate my users in the /etc/passwd\shadow files using
busybox login (built without support for direct passwd file access), so I
know that part works.

I most likely do not have my network environment set up for name resolution.
I don't know if that matters. This was done deliberately, as we use direct IP
connections for everything.

Any pointer, help or suggestions are appreciated.

Mikael Ostensson

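An added example, not part of the post above: a small POSIX sh audit of the pieces this kind of minimal initramfs needs before a dropbear login can succeed (the shell listed in /etc/shells, the glibc "files" NSS source and its libnss_files.so.2 backend, and the /dev/ptmx plus /dev/pts nodes that pty allocation uses). The function name check_rootfs and the root-directory argument are my own; run it as check_rootfs / /bin/ash on the target.

```shell
#!/bin/sh
# Audit a root tree for what a dropbear login session needs (added example).
# Usage: check_rootfs <rootdir> <login shell>; prints one line per missing
# item and returns the number of problems found (0 means all present).

note() { echo "MISSING: $1"; missing=$((missing + 1)); }

check_rootfs() {
    root=$1; shell=$2; missing=0

    # The login shell must be listed in /etc/shells or the server refuses it.
    grep -qx "$shell" "$root/etc/shells" 2>/dev/null \
        || note "$shell in /etc/shells"

    # glibc NSS: passwd/shadow/group must name the 'files' source, and glibc
    # dlopen()s libnss_files.so.2 by name at runtime, so ldd never lists it.
    for db in passwd shadow group; do
        grep -Eq "^[[:space:]]*$db:.*files" "$root/etc/nsswitch.conf" 2>/dev/null \
            || note "$db: files in /etc/nsswitch.conf"
    done
    found=0
    for d in lib lib64 usr/lib usr/lib64; do
        [ -e "$root/$d/libnss_files.so.2" ] && found=1
    done
    [ "$found" -eq 1 ] || note "libnss_files.so.2 in a lib dir"

    # Allocating a pty on Linux goes through /dev/ptmx and a devpts mount on
    # /dev/pts; static ttyN nodes alone do not give an ssh session a terminal.
    # (-e rather than -c so the check also works on a staging copy of the tree.)
    [ -e "$root/dev/ptmx" ] || note "/dev/ptmx (mknod c 5 2)"
    [ -d "$root/dev/pts" ]  || note "/dev/pts directory (mount -t devpts there)"
    [ -e "$root/dev/null" ] || note "/dev/null"
    [ -e "$root/dev/tty" ]  || note "/dev/tty"

    return "$missing"
}
```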