Control: affects -1 debsig-verify Hi Guillem,
On Tue, 22 Jun 2010 14:32:27 +0200 Guillem Jover <[email protected]> wrote: > Hi! > > On Sun, 2010-06-20 at 19:12:46 +0200, Denis Washington wrote: > > Package: libdpkg-dev > > Version: 1.15.7.2 > > Severity: normal > > Tags: patch > > > > I am trying to build a shared library where libdpkg.a (from libdpkg-dev > > 1.15.7.2, installed on Ubuntu 10.04) should be linked into. I get the > > following error, though: > > > > /usr/bin/ld: /usr/lib/dpkg/libdpkg.a(database.o): relocation R_X86_64_32S > > against `.bss' can not be used when making a shared object; recompile with > > -fPIC > > > > This is because the objects in libdpkg.a are not compiled to > > position-independent code (with gcc -fPIC). I believe that should be > > done, though, to make using libdpkg.a in shared libraries possible. > > As explained on the mailing list, this will not be enough for your > purposes anyway. > > > Attached is a trivial patch that adds -fPIC to CFLAGS. > > But then if we were to provide a PIC enabled library, we'd have to > build it twice w/ and w/o PIC (to something like libdpkg-pic.a), as > the normal static library should not be PIC enabled. But right now > I'd rather not, as other libraries might start exposing libdpkg through > other shared libraries, when there's no guarantees of stability at all. Recent discussion on debian devel suggests that it is a better practice to use -fPIC even for static libraries: https://lists.debian.org/debian-devel/2016/05/msg00309.html I faced this issue while testing enabling PIE (and bindnow) for whole ports. Please see debsig-verify's build log here: https://people.debian.org/~rbalint/build-logs/pie-bindnow-20160906/debsig-verify_0.15_amd64.build.gz At the moment there is now way to enable PIE for debsig-verify due to this bug. I understand that you don't want to ship a shared library thus please build libdpkg.a with -fPIC. Thanks, Balint
