Your message dated Sat, 01 Sep 2007 12:10:23 +0200 with message-id <20070901101023.GA26926@artemis.corp> and subject line Bug#440394: libc6: Change for #395177 favors /usr/local/lib over /usr/lib has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: libc6: Change for #395177 favors /usr/local/lib over /usr/lib
- From: Michael Urman <mu@tortall.net>
- Date: Sat, 01 Sep 2007 01:35:46 -0500
- Message-id: <[🔎] 1188628546.5573.2.camel@localhost.localdomain>
Package: libc6 Version: 2.6.1-1+b1 Severity: important After installing libc6-2.6.1-1+b1, my gtk theme stopped working. I eventually tracked it down to the change which added /usr/local/lib to /etc/ld.so.conf.d/libc.conf, coupled with the fact I have an obsolete build of gtk in /usr/local/lib used when I hack on gtk, and then I would explicitly request it with an LD_* environment variable tweak. I can only imagine the chaos this might have caused trying to start a full gnome session rather than just individual apps. A snippet of ldd output from a gtk app (broken): libaspell.so.15 => /usr/lib/libaspell.so.15 (0xb7e62000) libgtk-x11-2.0.so.0 => /usr/local/lib/libgtk-x11-2.0.so.0 (0xb7ac8000) I have worked around this by adding /usr/lib before /usr/local/lib in the new libc.conf file, resulting in the equivalent snippet (fixed): libaspell.so.15 => /usr/lib/libaspell.so.15 (0xb7e5c000) libgtk-x11-2.0.so.0 => /usr/lib/libgtk-x11-2.0.so.0 (0xb7b0b000) This could easily be considered a security hole, thus raising this to critical, but I was not ready to make that assertion. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (900, 'testing'), (601, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.18-4-k7 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libc6 depends on: ii libgcc1 1:4.2.1-4 GCC support library libc6 recommends no packages. -- no debconf information
--- End Message ---
--- Begin Message ---
- To: Michael Urman <mu@tortall.net>, 440394-done@bugs.debian.org
- Subject: Re: Bug#440394: libc6: Change for #395177 favors /usr/local/lib over /usr/lib
- From: Pierre Habouzit <madcoder@debian.org>
- Date: Sat, 01 Sep 2007 12:10:23 +0200
- Message-id: <20070901101023.GA26926@artemis.corp>
- In-reply-to: <[🔎] 1188628546.5573.2.camel@localhost.localdomain>
- References: <[🔎] 1188628546.5573.2.camel@localhost.localdomain>
On Sat, Sep 01, 2007 at 06:35:46AM +0000, Michael Urman wrote: > Package: libc6 > Version: 2.6.1-1+b1 > Severity: important > > After installing libc6-2.6.1-1+b1, my gtk theme stopped working. I > eventually tracked it down to the change which added /usr/local/lib to > /etc/ld.so.conf.d/libc.conf, coupled with the fact I have an obsolete > build of gtk in /usr/local/lib used when I hack on gtk, and then I would > explicitly request it with an LD_* environment variable tweak. I can > only imagine the chaos this might have caused trying to start a full > gnome session rather than just individual apps. > > A snippet of ldd output from a gtk app (broken): > libaspell.so.15 => /usr/lib/libaspell.so.15 (0xb7e62000) > libgtk-x11-2.0.so.0 => /usr/local/lib/libgtk-x11-2.0.so.0 > (0xb7ac8000) > > I have worked around this by adding /usr/lib before /usr/local/lib in > the new libc.conf file, resulting in the equivalent snippet (fixed): > libaspell.so.15 => /usr/lib/libaspell.so.15 (0xb7e5c000) > libgtk-x11-2.0.so.0 => /usr/lib/libgtk-x11-2.0.so.0 (0xb7b0b000) > > This could easily be considered a security hole, thus raising this to > critical, but I was not ready to make that assertion. this change is similar to the fact that /usr/local/bin is before /usr/bin in the path. /usr/local cannot be written to if you're not root, and usually if the admin is dumb enough to put broken things in /usr/local he is also dumb enough to break his machine in many other places. Yes /usr/local/ takes precedence over the usual /usr because its semantics is that /usr/local contains localy, manually installed packages, that's all. It's not a bug, it's how it's supposed to be. And if it breaks things for you, then cleanse your /usr/local, full stop. -- ·O· Pierre Habouzit ··O madcoder@debian.org OOO http://www.madism.orgAttachment: pgpVTaMlNEfLZ.pgp
Description: PGP signature
--- End Message ---