NSS环境下getpwnam_r总是返回NULL的问题(busybox的login.c)

用了6个小时解决这个问题.

下面是busybox的login.c的code:
pw = NULL;
getpwnam_r(username, &pwdstruct, pwdbuf, sizeof(pwdbuf), &pw);
if (!pw)
goto auth_failed;
getpwnam_r()总是返回NULL， 换成getpwnam()也是一样的。
但是自己类似busybox写的下面的代码运行没问题：

#include <sys/types.h>
#include <stdio.h>
#include <pwd.h>
#include <security/pam_appl.h>
#include <security/pam_misc.h>
static const struct pam_conv conv = {
misc_conv,
NULL
};

int main(int argc, char ** argv)
{
struct passwd * pw = NULL;
char *username = "abc";
int pamret;
pam_handle_t *pamh;
const char *pamuser;
const char *failed_msg;
struct passwd pwdstruct;
char pwdbuf[256];
char **pamenv;
pamret = pam_start("login", username, &conv, &pamh);
if (pamret != PAM_SUCCESS) {
printf("start failed\n");
}


pamret = pam_set_item(pamh, PAM_RHOST, "132.196.28.190");
if (pamret != PAM_SUCCESS) {
printf("set item failed\n");
}

pamret = pam_authenticate(pamh, 0);
if (pamret != PAM_SUCCESS) {
printf("auth failed\n");
}
/* check that the account is healthy */
pamret = pam_acct_mgmt(pamh, 0);
if (pamret != PAM_SUCCESS) {
printf("acct failed\n");
}
/* read user back */
pamuser = NULL;
/* gcc: "dereferencing type-punned pointer breaks aliasing rules..."
* thus we cast to (void*) */
if (pam_get_item(pamh, PAM_USER, (void*)&pamuser) != PAM_SUCCESS) {
printf("get user failed\n");
}
if (!pamuser || !pamuser[0])
printf("user is null failed\n");

pw = getpwnam(pamuser);

if (!pw)
{
printf("getpwnam failed\n");
return 1;
}

printf("getpwnam results:\n");
printf("user:\t%s\n", pw->pw_name);
printf("crypt:\t%s\n", pw->pw_passwd);
printf("uid:\t%d\n", pw->pw_uid);
printf("gid:\t%d\n", pw->pw_gid);
printf("home:\t%s\n", pw->pw_dir);
printf("shell\t%s\n", pw->pw_shell);
return 0;
}

原因是busybox的USE_BB_PWD_GRP配置的问题。如果这个配置是y，就不会调用glibc的pwssword/group相关函数。这也是为什么自己写程序运行没问题， 而busybox有问题。

config USE_BB_PWD_GRP
bool "Use internal password and group functions rather than system functions"
default y
help
  If you leave this disabled, busybox will use the system's password and group functions. And if you are using the GNU C library (glibc), you will then need to install the /etc/nsswitch.conf configuration file and the required /lib/libnss_* libraries in order for the password and group functions to work. This generally makes your embedded system quite a bit larger.
  Enabling this option will cause busybox to directly access the system's /etc/password, /etc/group files (and your system will be smaller, and I will get fewer emails asking about how glibc NSS works). When this option is enabled, you will not be able to use PAM to access remote LDAP password servers and whatnot. And if you want hostname resolution to work with glibc, you still need the /lib/libnss_* libraries.
  If you need to use glibc's nsswitch.conf mechanism
  (e.g. if user/group database is NOT stored in /etc/passwd etc), you must NOT use this option.

  If you enable this option, it will add about 1.5k.