Re: SASL/LDAP/DB dependency hell. (was: Accepted cyrus-sasl 1.5.27-3.4 (i386 source))

To: debian-devel@lists.debian.org
Subject: Re: SASL/LDAP/DB dependency hell. (was: Accepted cyrus-sasl 1.5.27-3.4 (i386 source))
From: Steve Langasek <vorlon@netexpress.net>
Date: Thu, 10 Apr 2003 21:49:25 -0500
Message-id: <[🔎] 20030411024924.GG10203@quetzlcoatl.dodds.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 87y92jasgr.fsf@frobnitz.ddts.net>
References: <E192fd0-0001Dz-00@auric.debian.org> <[🔎] Pine.LNX.4.53.0304081903190.24250@onqynaqf.yrkvatgba.voz.pbz> <[🔎] 20030409134945.GB1773@balrog.logic.univie.ac.at> <[🔎] 87y92jasgr.fsf@frobnitz.ddts.net>

On Wed, Apr 09, 2003 at 09:26:12PM -0700, Daniel Schepler wrote:

> > On Tue, Apr 08, 2003 at 07:07:33PM -0400, Richard A Nelson wrote:
> > > Why was this rebuilt with libdb2-dev ?  Shouldn't we be trying to
> > > get things to db4.1 at this point ?  I'd think db3 at a minimum.

> > > This isn't just idle curiosity either, SASL impacts MANY packages -
> > > most MTAs and anything using OpenLDAP.

> > > If we don't agree on a minimum, or at least a preferred lib... we're
> > > going to have packages linked against 3 different levels - not fun

> > Hello,
> > Actually it is much simpler, many packages are simply not compileable
> > anymore:

> > libldap2-dev depends on libsasl-dev [1]
> > libsasl-dev depends on libdb2-dev (>= 2.7.7.0-7) [2]
> > libdb3-dev conflicts with libdb2-dev

> > [1] introduced in response to #164791
> > [2] introduced in response to #168993

> > libtool strikes again, quoting from the report
> > | /usr/lib/libsasl.la contains -lpam as a dependency, so -lsasl can't be
> > | linked using libtool without libpam0g-dev being installed.

> > This hits almost anything linking against libldap2, including postfix
> > (db3), apache2 (db4.1), xemacs21(db3), sendmail (db3), KDE (db4.0),

> I'm going to prepare a new NMU in which libsasl-dev has that
> dependency changed to "libdb2-dev | libdb-dev", which should satisfy
> the libtool issue while still allowing libdb4.0-dev, etc.  Hopefully
> because of the versioned symbols in libdb2 this won't result in
> breakage.

Whether or not it results in breakage, it still compounds the
libtool-induced problem of linking against libraries that aren't needed.
If you allow this dependency to be satisfied by any version of
libdb-dev, we may end up with binaries for applications that don't
directly use libdb *at all* being linked against an extraneous version
that happens to be on the system at the time.

A much saner solution would be to simply stop shipping the .la file in
libsasl-dev.  Its only reasonable application on Linux systems is for
static linking, and even there it's a convenience, not a necessity.
Since Debian doesn't ship statically linked binaries (with few
exceptions), and few users are likely to be statically linking libsasl
anyway, I think this is the best choice.  Note that OpenLDAP 2.1
currently uses the .la file (via ltdl_open()) for dynamic loading of
libraries, but I think work is being done to correct this unnecessary
dependency as well.

-- 
Steve Langasek
postmodern programmer

Attachment: pgpH5RZbUa3FF.pgp
Description: PGP signature

Reply to:

References:
- Re: Accepted cyrus-sasl 1.5.27-3.4 (i386 source)
  - From: Richard A Nelson <cowboy@debian.org>
- SASL/LDAP/DB dependency hell. (was: Accepted cyrus-sasl 1.5.27-3.4 (i386 source))
  - From: Andreas Metzler <ametzler@logic.univie.ac.at>
- Re: SASL/LDAP/DB dependency hell. (was: Accepted cyrus-sasl 1.5.27-3.4 (i386 source))
  - From: Daniel Schepler <schepler@math.berkeley.edu>

Prev by Date: Re: bad postinst in kernel-images
Next by Date: Suggestions accepted
Previous by thread: Re: SASL/LDAP/DB dependency hell.
Next by thread: Re: SASL/LDAP/DB dependency hell. (was: Accepted cyrus-sasl 1.5.27-3.4 (i386 source))
Index(es):
- Date
- Thread