Re: dpkg-shlibdeps and private libraries

To: debian-devel@lists.debian.org
Subject: Re: dpkg-shlibdeps and private libraries
From: Ian Jackson <ian@davenant.greenend.org.uk>
Date: Sat, 17 Nov 2007 16:24:18 +0000
Message-id: <[🔎] 18239.5554.244639.760276@davenant.relativity.greenend.org.uk>
In-reply-to: <[🔎] 20071113190122.GE28566@dario.dodds.net>
References: <[🔎] Pine.LNX.4.64.0711060841300.10014@wr-linux02> <[🔎] 20071113190122.GE28566@dario.dodds.net>

Steve Langasek writes ("Re: dpkg-shlibdeps and private libraries"):
> On Tue, Nov 06, 2007 at 08:51:05AM +0100, Andreas Tille wrote:
> FWIW, I don't agree that this is a fix.  In one sense it makes /usr/lib
> "cleaner" by moving private libs into a private directory; however:

There is at least one significant difference between libraries in
/usr/lib and ones in a private application directory: LD_PRELOAD
cannot be used to force the loading of the latter by set-id programs.

For example, authbind contains /usr/lib/authbind/libauthbind.so.1
which is there for that reason.  If I make a symlink into /usr/lib I
get this behaviour:

-anarres:~> ll -uL --full-time /usr/lib/libauthbind.so.1 
-rw-r--r-- 1 root root 5944 2007-11-17 16:18:32.000000000 +0000 /usr/lib/libauthbind.so.1
-anarres:~> date
Sat Nov 17 16:19:06 GMT 2007
-anarres:~> LD_PRELOAD=/usr/lib/libauthbind.so.1 really id
uid=0(root) gid=100(ian) groups=0(root),4(adm),6(disk),7(lp),8(mail),9(news),24(cdrom),25(floppy),26(tape),29(audio),33(www-data),35(dos),37(operator),40(src),42(shadow),50(staff),60(games),100(ian),200(ian-p),300(exim),500(house),1143(mirror),5063(anarubun)
-anarres:~> ll -uL --full-time /usr/lib/libauthbind.so.1 
-rw-r--r-- 1 root root 5944 2007-11-17 16:19:10.000000000 +0000 /usr/lib/libauthbind.so.1
-anarres:~> id
uid=100(ian) gid=100(ian) groups=0(root),4(adm),6(disk),7(lp),8(mail),9(news),24(cdrom),25(floppy),26(tape),29(audio),33(www-data),35(dos),37(operator),40(src),42(shadow),50(staff),60(games),100(ian),200(ian-p),300(exim),500(house),1143(mirror),5063(anarubun)
-anarres:~>

This is not desirable.

There are other reasons or kinds of library for which /usr/lib is not
appropriate, for example application plugins.  For example, Tcl
extensions are moving into a separate directory.

> - By moving the libs out of the default search path, you introduce the
>   possibility that an unrelated library will have the same name in /usr/lib;
>   this is a potential source of user confusion, as well as
>   difficult-to-diagnose corner-case bugs

Obviously one still needs to avoid name clashes.

> So I think it's better to leave these libraries in /usr/lib instead of using
> rpath.

My arguments and examples above don't apply to libraries that ought to
_only_ be autoloaded via rpath.  But not all uses of rpath are wrong.

For example the Tcl extension modules in chiark-tcl will be moving out
of /usr/lib and because they have interdependencies, rpath will be
needed to find them.  This can't feasibly be done `by hand' in the
Tcl-called initialisation function but there is no application which
needs to load the top of the library stack other than Tcl.

Ian.

Reply to:

Follow-Ups:
- Re: dpkg-shlibdeps and private libraries
  - From: Steve Langasek <vorlon@debian.org>

References:
- Re: dpkg-shlibdeps and private libraries
  - From: Andreas Tille <tillea@rki.de>
- Re: dpkg-shlibdeps and private libraries
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: buildds: "Authentication warning overridden."
Next by Date: Re: debian archive integrity check tool?
Previous by thread: Re: dpkg-shlibdeps and private libraries
Next by thread: Re: dpkg-shlibdeps and private libraries
Index(es):
- Date
- Thread