Bug#440394: marked as done (libc6: Change for #395177 favors /usr/local/lib over /usr/lib)

To: Pierre Habouzit <madcoder@debian.org>
Subject: Bug#440394: marked as done (libc6: Change for #395177 favors /usr/local/lib over /usr/lib)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 01 Sep 2007 10:12:07 +0000
Message-id: <[🔎] handler.440394.D440394.118864142724409.ackdone@bugs.debian.org>
References: <20070901101023.GA26926@artemis.corp> <[🔎] 1188628546.5573.2.camel@localhost.localdomain>

Your message dated Sat, 01 Sep 2007 12:10:23 +0200
with message-id <20070901101023.GA26926@artemis.corp>
and subject line Bug#440394: libc6: Change for #395177 favors /usr/local/lib over /usr/lib
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

To: submit@bugs.debian.org
Subject: libc6: Change for #395177 favors /usr/local/lib over /usr/lib
From: Michael Urman <mu@tortall.net>
Date: Sat, 01 Sep 2007 01:35:46 -0500
Message-id: <[🔎] 1188628546.5573.2.camel@localhost.localdomain>

Package: libc6
Version: 2.6.1-1+b1
Severity: important

After installing libc6-2.6.1-1+b1, my gtk theme stopped working. I
eventually tracked it down to the change which added /usr/local/lib to
/etc/ld.so.conf.d/libc.conf, coupled with the fact I have an obsolete
build of gtk in /usr/local/lib used when I hack on gtk, and then I would
explicitly request it with an LD_* environment variable tweak. I can 
only imagine the chaos this might have caused trying to start a full
gnome session rather than just individual apps.

A snippet of ldd output from a gtk app (broken):
    libaspell.so.15 => /usr/lib/libaspell.so.15 (0xb7e62000)
    libgtk-x11-2.0.so.0 => /usr/local/lib/libgtk-x11-2.0.so.0
(0xb7ac8000)

I have worked around this by adding /usr/lib before /usr/local/lib in
the new libc.conf file, resulting in the equivalent snippet (fixed):
    libaspell.so.15 => /usr/lib/libaspell.so.15 (0xb7e5c000)
libgtk-x11-2.0.so.0 => /usr/lib/libgtk-x11-2.0.so.0 (0xb7b0b000)

This could easily be considered a security hole, thus raising this to
critical, but I was not ready to make that assertion.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (900, 'testing'), (601, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-4-k7 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libc6 depends on:
ii  libgcc1                       1:4.2.1-4  GCC support library

libc6 recommends no packages.

-- no debconf information

--- End Message ---

--- Begin Message ---

To: Michael Urman <mu@tortall.net>, 440394-done@bugs.debian.org
Subject: Re: Bug#440394: libc6: Change for #395177 favors /usr/local/lib over /usr/lib
From: Pierre Habouzit <madcoder@debian.org>
Date: Sat, 01 Sep 2007 12:10:23 +0200
Message-id: <20070901101023.GA26926@artemis.corp>
In-reply-to: <[🔎] 1188628546.5573.2.camel@localhost.localdomain>
References: <[🔎] 1188628546.5573.2.camel@localhost.localdomain>

On Sat, Sep 01, 2007 at 06:35:46AM +0000, Michael Urman wrote:
> Package: libc6
> Version: 2.6.1-1+b1
> Severity: important
> 
> After installing libc6-2.6.1-1+b1, my gtk theme stopped working. I
> eventually tracked it down to the change which added /usr/local/lib to
> /etc/ld.so.conf.d/libc.conf, coupled with the fact I have an obsolete
> build of gtk in /usr/local/lib used when I hack on gtk, and then I would
> explicitly request it with an LD_* environment variable tweak. I can 
> only imagine the chaos this might have caused trying to start a full
> gnome session rather than just individual apps.
> 
> A snippet of ldd output from a gtk app (broken):
>     libaspell.so.15 => /usr/lib/libaspell.so.15 (0xb7e62000)
>     libgtk-x11-2.0.so.0 => /usr/local/lib/libgtk-x11-2.0.so.0
> (0xb7ac8000)
> 
> I have worked around this by adding /usr/lib before /usr/local/lib in
> the new libc.conf file, resulting in the equivalent snippet (fixed):
>     libaspell.so.15 => /usr/lib/libaspell.so.15 (0xb7e5c000)
> libgtk-x11-2.0.so.0 => /usr/lib/libgtk-x11-2.0.so.0 (0xb7b0b000)
> 
> This could easily be considered a security hole, thus raising this to
> critical, but I was not ready to make that assertion.

  this change is similar to the fact that /usr/local/bin is before
/usr/bin in the path. /usr/local cannot be written to if you're not
root, and usually if the admin is dumb enough to put broken things in
/usr/local he is also dumb enough to break his machine in many other
places.

  Yes /usr/local/ takes precedence over the usual /usr because its
semantics is that /usr/local contains localy, manually installed
packages, that's all. It's not a bug, it's how it's supposed to be.

  And if it breaks things for you, then cleanse your /usr/local, full
stop.

-- 
·O·  Pierre Habouzit
··O                                                madcoder@debian.org
OOO                                                http://www.madism.org

Attachment: pgpVTaMlNEfLZ.pgp
Description: PGP signature

--- End Message ---

Reply to:

References:
- Bug#440394: libc6: Change for #395177 favors /usr/local/lib over /usr/lib
  - From: Michael Urman <mu@tortall.net>

Prev by Date: Bug#440394: libc6: Change for #395177 favors /usr/local/lib over /usr/lib
Next by Date: r2525 - glibc-package/trunk/debian/debhelper.in
Previous by thread: Bug#440394: libc6: Change for #395177 favors /usr/local/lib over /usr/lib
Next by thread: r2525 - glibc-package/trunk/debian/debhelper.in
Index(es):
- Date
- Thread