Introduction to NSS
The Network Security Services (NSS) package is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
certificates, and other security standards. This is useful for
implementing SSL and S/MIME or other Internet security standards
into an application.
The NSS package requires the
Netscape Portable Runtime (NSPR) libraries as a prerequisite for
building. The NSS package tarball
contains the code necessary to build the NSPR libraries. These
libraries are built and installed using the instructions below.
Essentially, the NSS package is
now a combined NSS/NSPR
installation.
Package Information
Additional Downloads
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/nss
Installation of NSS
Install NSS by running the
following commands:
bash
export WORKINGDIR=$PWD &&
export BUILD_OPT=1 &&
patch -Np1 -i ../nss-3.11.3-with-nspr-4.6.3-fedora_fixes-1.patch &&
cd mozilla/security/nss &&
make nss_build_all &&
cd ../.. &&
export NSS_LINUXDIR=$(basename `ls -d $WORKINGDIR/mozilla/dist/Linux*`)
To test the results, you'll need to set the domain name of your
system in the DOMSUF environment variable.
Most of the tests will fail if you don't provide the correct domain
name. A self-generated log file will be parsed at the end of the
test to display how many tests passed. It should return 800. To run
the tests, ensure you change the export DOMSUF command below to an
appropriate value, e.g., mydomain.com and issue the following
commands:
bash
export DOMSUF=<validdomain.name> &&
export PATH=$PATH:$WORKINGDIR/mozilla/dist/$NSS_LINUXDIR/bin &&
export TEST_RESULTSDIR=$WORKINGDIR/mozilla/tests_results/security &&
cd security/nss/tests &&
sed -i 's/gmake/make/' common/init.sh &&
./all.sh &&
grep Passed $TEST_RESULTSDIR/$(hostname).1/results.html | wc -l &&
exit
![[Caution]](../images/caution.png)
Caution
If you switch to the root user
using a method that does not inherit the environment from the
unprivileged user, ensure that root's NSS_LINUXDIR
environment variable is set correctly before proceeding with
the installation commands.
Now, as the root user:
install -v -m755 nsprpub/$NSS_LINUXDIR/config/nspr-config \
security/nss/cmd/config/nss-config \
/usr/bin &&
install -v -m755 -d /usr/lib/pkgconfig &&
install -v -m644 nsprpub/lib/pkgconfig/nspr.pc \
security/nss/lib/pkgconfig/nss.pc \
/usr/lib/pkgconfig &&
cd dist &&
install -v -m755 $NSS_LINUXDIR/lib/*.so /usr/lib &&
install -v -m644 $NSS_LINUXDIR/lib/{*.chk,libcrmf.a} /usr/lib &&
install -v -m755 -d /usr/include/{nss,nspr} &&
install -v -m644 {public,private}/nss/* /usr/include/nss &&
cp -v -RL $NSS_LINUXDIR/include/* /usr/include/nspr &&
chmod -v 644 /usr/include/nspr/prvrsion.h
Now as the unprivileged user, exit the bash shell started at the beginning of
the installation to restore the environment to the original state.
exit
Command Explanations
bash: Shells are
started as many environment variables are created during the
installation process. Exiting the shells serves the purpose of
restoring the environment and returning back to the original
directory when the installation is complete.
export
WORKINGDIR=$PWD: This variable is set because many
of the commands are dependent on knowing the full path of certain
directories. WORKINGDIR establishes a known
path so that all others can be determined relative to this.
export BUILD_OPT=1:
This variable is set so that the build is performed with no
debugging symbols built into the binaries and that the default
compiler optimizations are used.
export
NSS_LINUXDIR=...: This variable is set so that the
exact name of the architecture specific directories where the
binaries are stored in the source tree can be determined.
make nss_build_all:
This command builds the NSPR and NSS libraries and creates a dist directory which houses all the programs,
libraries and interface headers. None of the programs created by
this process are installed onto the system using the default
instructions. If you need any of these programs installed, you can
find them in the mozilla/dist/bin
directory of the source tree.
export PATH=...: This
command sets the PATH environment variable
to include the executables in the source tree as some of them are
required to run the test suite.
sed -i 's/gmake/make/'
common/init.sh: This command changes the command
used to compile some test programs.
Contents
Installed
Programs: nspr-config and
nss-config
Installed
Libraries: libcrmf.a,
libfreebl3.so, libnspr4.so, libnss3.so, libnssckbi.so,
libplc4.so, libplds4.so, libsmime3.so, libsoftokn3.so and
libssl3.so
Installed
Directories: /usr/include/nspr and /usr/include/nss
Short Descriptions
|
nspr-config
|
is used to determine the NSPR installation settings of
the installed NSPR libraries.
|
|
nss-config
|
is used to determine the NSS library settings of the
installed NSS libraries.
|
The libnspr4.so, libplc4.so and libplds4.so libraries make up the Netscape Portable
Runtime (NSPR) libraries. These libraries provide a
platform-neutral API for system level and libc like functions. The
API is used in the Mozilla client, many of the Netscape/AOL/iPlanet
offerings and other software applications.
The libcrmf.a, libfreebl.so, libnss3.so,
libnssckbi.so, libsmime3.so, libsoftokn3.so and libnssl3.so libraries make up the NSS libraries.
Last updated on 2007-01-18 13:38:19 -0600