Policy should require _pic libraries for static-only libraries

To: 345868@bugs.debian.org
Cc: debian-policy@lists.debian.org
Subject: Policy should require _pic libraries for static-only libraries
From: Nathanael Nerode <neroden@twcny.rr.com>
Date: Fri, 6 Jan 2006 05:58:41 -0500
Message-id: <[🔎] 200601060558.41417.neroden@twcny.rr.com>

Gerrit Pape wrote:
> Nothing forces a maintainer to provide a _pic.a library, original
> upstream says that this is not what the library is intended for.

Checked djb's website; he says absolutely nothing about _pic.a libraries.
There is no claim there that "that is not what the library is intended for".

He writes:
"Packages that need to read cdb files should incorporate the necessary 
portions of the cdb library rather than relying on an external cdb library."

Now, this makes security support more difficult for no apparent reason, but 
let's accept it!

If you're making a shared library, "incorporat[ing] the necessary portions of 
the cdb library" is normally done by linking in the _pic.a library.  So why 
isn't there a _pic.a library?

> I 
> can't see how you justify severity serious, not through policy AFAIK.
Good point.  Let's amend policy to require that a _pic.a library be provided
for any static-only library; it seems to be an unreasonable omission.  I 
wouldn't consider a library package which can't be used by any shared library 
to be releasable.  Would anyone else?

Reply to:

Follow-Ups:
- Re: Policy should require _pic libraries for static-only libraries
  - From: md@Linux.IT (Marco d'Itri)
- Re: Policy should require _pic libraries for static-only libraries
  - From: Roger Leigh <rleigh@whinlatter.ukfsn.org>

Prev by Date: ballad
Next by Date: Re: Policy should require _pic libraries for static-only libraries
Previous by thread: ballad
Next by thread: Re: Policy should require _pic libraries for static-only libraries
Index(es):
- Date
- Thread