On Sat, 24 Jan 2004, David Dawes wrote:
Hi,
I see the patch already comitted to xc tree so wanted to compile xfree86
with -rpath ...
> On Sat, Jan 24, 2004 at 06:09:46PM +0100, Matthieu Herrb wrote:
> >David Dawes wrote (in a message from Saturday 24)
>
> > > If there is no general consensus, I will at least add a build option to
> > > make it easy to turn -rpath on or off for a host.def setting, and leave
> > > the defaults as they are now.
> >
> >Yes I think this makes sense.
>
> A proposed patch is attached. I've tested it on FreeBSD and Linux.
> The defaults are unchanged. UseRpath can be defined to YES or NO in
> host.def to override.
How about documenting this in the xc/config/cf/README file?
I went through thenet and collected some interresting links on this topic:
In general, tt's the task for sysadmin to define that during installation.
And sysadmin can even compile several versions of X and keep them in
separate locations with "hardcoded" rpath in each. User can override that
using LD_LIBRARY_PATH, but it's not recommended, especially not having set
LD_LIBRARY_PATH system-wide (as I do on my systems). :( Yes, I know why I
paly with LD_LIBRRY_PATH - as some apps don't find my libs in
/software/@sys/usr path, a bit exotic right?
If all those different installations of X use different ShLibDir and
LibDir I think they can nicely coexist.
I don't accept that using -rpath slows down the loader during execution
as someone noted on the list (http://XFree86.Org/mailman/private/devel/).
It seems LD_LIBRARY_PATH slows down the execution, the path compiled into
the binary with -rpath should be exactly the right one.
I will stick to -rpath on Linux, so what should I do to compile X with
it on Linux and where is it documented, Dave?;)
The -rpath security question might be better posted to BUGTRAQ list. Yes,
I know LD_LIBRARY_PATH is ignored when SUID, but why shouldn't the path be
hardcoded? We anyway know the installation prefix while compiling, so ...?
Quick google search gives some good emails, the latter the better. ;)
http://seclists.org/lists/pen-test/2001/Oct/0166.html
http://www-unix.globus.org/mail_archive/security/2001/Archive/msg00346.html
http://lists.debian.org/debian-mentors/2000/debian-mentors-200010/msg00034.html
http://gcc.gnu.org/ml/libstdc++/2001-11/msg00040.html
http://gcc.gnu.org/ml/java/2000-06/msg00069.html
http://docs.sun.com/db/doc/816-0559/6m71o2agp?a=view
http://www.visi.com/~barr/ldpath.html
http://www.esat.kuleuven.ac.be/~gcc/shared_libraries.html
All after all, isn't exactly this email thread at
http://lists.debian.org/debian-hurd/2000/debian-hurd-200010/msg00326.html a
good example why xfree86 should have rather used -rpath:
- people will not have to modify LD_LIBRARY_PATH nor depend on
/etc/ld.so.conf
- make people stop using LD_LIBRARY_PATH if it causes troubles to them
time to time, as X will run without LD)LIBRARY_PATH always(as teh sysadmin
knew well where X will be placed
So why not -rpath by default?
One last which gives another view on this OSF1 manpage:
http://www.uwm.edu/cgi-bin/IMT/wwwman?topic=loader(5)&msection=3
<quote>
To ensure compatibility, applications may choose to disallow exec-time or
run-time library replacement. The ld(1) program supports a flag,
-no_library_replacement, to facilitate this feature.
</quote>
On Tru64Unix 5.1A(OSF1 successor) I see:
-nolibrary_replacement
Set an option in the dynamic section of the output object so that rld
does not allow exec-time or run-time changing of the path (except for
super user) to find the shared objects. Typically, the option is used
by system utilities for security purposes.
This I would call security. Those who want several concurrent installation
of X have to decide what the location will be during link step. Others are
supposed to be users and should play with LD_LIBRARY_PATH, but let's
prevents them with -nolibrary_replacement on OSF1 and possibly other
platforms too. I cannot find such an ld(1) flag.
Opinions? Thanks!
# strings /usr/lib/libncurses.so
/* GNU ld script
Because Gentoo have critical dynamic libraries
in /lib, and the static versions in /usr/lib, we
need to have a "fake" dynamic lib in /usr/lib,
otherwise we run into linking problems.
See bug #4411 on http://bugs.gentoo.org/ for
more info. */
GROUP ( /lib/libncurses.so )
#
--
Martin Mokrejs <[EMAIL PROTECTED]>
PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejsIndex: FreeBSD.cf
===================================================================
RCS file: /home/x-cvs/xc/config/cf/FreeBSD.cf,v
retrieving revision 3.145
diff -u -r3.145 FreeBSD.cf
--- FreeBSD.cf 6 Dec 2003 19:24:11 -0000 3.145
+++ FreeBSD.cf 25 Jan 2004 03:39:51 -0000
@@ -321,22 +321,53 @@
* and they can remove it from the list of directories they add to ld.so.cache
* in their /etc/rc file.
*/
-#if OSMajorVersion > 2 || (OSMajorVersion == 2 && OSMinorVersion >= 2)
-#ifndef ExtraLoadFlags
-#if UseElfFormat
-#define ExtraLoadFlags -Wl,-rpath,$(USRLIBDIRPATH)
-Wl,-rpath-link,$(BUILDLIBDIR)
-#else
-#define ExtraLoadFlags -Wl,-R,$(USRLIBDIRPATH)
+
+#ifndef UseRpath
+# define UseRpath YES
#endif
+
+#if OSMajorVersion > 2 || (OSMajorVersion == 2 && OSMinorVersion >= 2)
+
+# ifndef RpathLoadFlags
+# if UseRpath
+# if UseElfFormat
+# define RpathLoadFlags -Wl,-rpath,$(USRLIBDIRPATH)
+# else
+# define RpathLoadFlags -Wl,-R,$(USRLIBDIRPATH)
+# endif
+# else
+# define RpathLoadFlags /**/
+# endif
+# endif
+
+# ifndef ExtraLoadFlags
+# if UseElfFormat && !UseInstalled
+# define ExtraLoadFlags RpathLoadFlags -Wl,-rpath-link,$(BUILDLIBDIR)
+# else
+# define ExtraLoadFlags RpathLoadFlags
+# endif
+# endif
+
#endif
+
+#ifndef LibraryRpathLoadFlags
+# if UseRpath
+# if UseElfFormat
+# define LibraryRpathLoadFlags -rpath $(USRLIBDIRPATH)
+# else
+# define LibraryRpathLoadFlags -R $(USRLIBDIRPATH)
+# endif
+# else
+# define LibraryRpathLoadFlags /**/
+# endif
#endif
#ifndef SharedLibraryLoadFlags
-#if UseElfFormat
-#define SharedLibraryLoadFlags -shared -rpath $(USRLIBDIRPATH)
-#else
-#define SharedLibraryLoadFlags -Bshareable -R $(USRLIBDIRPATH)
-#endif
+# if UseElfFormat
+# define SharedLibraryLoadFlags -shared LibraryRpathLoadFlags
+# else
+# define SharedLibraryLoadFlags -Bshareable LibraryRpathLoadFlags
+# endif
#endif
#ifndef GnuMallocLibrary
Index: OpenBSDLib.rules
===================================================================
RCS file: /home/x-cvs/xc/config/cf/OpenBSDLib.rules,v
retrieving revision 1.10
diff -u -r1.10 OpenBSDLib.rules
--- OpenBSDLib.rules 31 Oct 2003 20:49:03 -0000 1.10
+++ OpenBSDLib.rules 25 Jan 2004 03:53:56 -0000
@@ -20,6 +20,10 @@
#define ForceNormalLib YES
#endif
+#ifndef UseRpath
+#define UseRpath YES
+#endif
+
#ifndef BaseShLibReqs
#define BaseShLibReqs /* -lc implied by $(CC) */
#endif
@@ -36,8 +40,18 @@
#ifndef ShLibIncludeFile
#define ShLibIncludeFile <OpenBSDLib.tmpl>
#endif
+#ifndef RpathLoadFlags
+#if UseRpath
+#define RpathLoadFlags -Wl,-rpath,$(USRLIBDIRPATH)
+#else
+#define RpathLoadFlags /**/
+#endif
+#endif
+#ifndef LibraryRpathLoadFlags
+#define LibraryRpathLoadFlags RpathLoadFlags
+#endif
#ifndef SharedLibraryLoadFlags
-#define SharedLibraryLoadFlags -shared PositionIndependentCFlags
-Wl,-rpath,$(USRLIBDIR)
+#define SharedLibraryLoadFlags -shared PositionIndependentCFlags LibraryRpathLoadFlags
#endif
#ifndef PositionIndependentCFlags
#define PositionIndependentCFlags -fPIC
@@ -48,13 +62,13 @@
#if UseElfFormat
#ifndef ExtraLoadFlags
#ifdef UseInstalled
-#define ExtraLoadFlags -Wl,-rpath,$(USRLIBDIRPATH)
+#define ExtraLoadFlags RpathLoadFlags
#else
-#define ExtraLoadFlags -Wl,-rpath,$(USRLIBDIRPATH) -Wl,-rpath-link,$(BUILDLIBDIR)
+#define ExtraLoadFlags RpathLoadFlags -Wl,-rpath-link,$(BUILDLIBDIR)
#endif
#endif
#ifndef HardCodeLibdirFlag
-#define HardCodeLibdirFlag -Wl,-rpath,$(USRLIBDIRPATH)
+#define HardCodeLibdirFlag RpathLoadFlags
#endif
#endif /* UseElfFormat */
Index: bsdLib.rules
===================================================================
RCS file: /home/x-cvs/xc/config/cf/bsdLib.rules,v
retrieving revision 3.27
diff -u -r3.27 bsdLib.rules
--- bsdLib.rules 20 Nov 2003 00:41:37 -0000 3.27
+++ bsdLib.rules 25 Jan 2004 03:54:32 -0000
@@ -170,6 +170,10 @@
#define ForceNormalLib YES
#endif
+#ifndef UseRpath
+#define UseRpath YES
+#endif
+
#ifndef BaseShLibReqs
#define BaseShLibReqs /* -lc */
#endif
@@ -186,8 +190,18 @@
#ifndef ShLibIncludeFile
#define ShLibIncludeFile <bsdLib.tmpl>
#endif
+#ifndef RpathLoadFlags
+#if UseRpath
+#define RpathLoadFlags -Wl,-rpath,$(USRLIBDIRPATH)
+#else
+#define RpathLoadFlags /**/
+#endif
+#endif
+#ifndef LibraryRpathLoadFlags
+#define LibraryRpathLoadFlags RpathLoadFlags
+#endif
#ifndef SharedLibraryLoadFlags
-#define SharedLibraryLoadFlags -shared -Wl,-rpath,$(USRLIBDIRPATH)
+#define SharedLibraryLoadFlags -shared LibraryRpathLoadFlags
#endif
#ifndef PositionIndependentCFlags
#define PositionIndependentCFlags -fPIC
@@ -197,14 +211,14 @@
#endif
#ifndef ExtraLoadFlags
#ifdef UseInstalled
-#define ExtraLoadFlags -Wl,-rpath,$(USRLIBDIRPATH)
+#define ExtraLoadFlags RpathLoadFlags
#else
-#define ExtraLoadFlags -Wl,-rpath,$(USRLIBDIRPATH) -Wl,-rpath-link,$(BUILDLIBDIR)
+#define ExtraLoadFlags RpathLoadFlags -Wl,-rpath-link,$(BUILDLIBDIR)
#endif
#endif
#ifndef HardCodeLibdirFlag
-#define HardCodeLibdirFlag -Wl,-rpath,$(USRLIBDIRPATH)
+#define HardCodeLibdirFlag RpathLoadFlags
#endif
#if !defined(ShlibGlobalsFlags)
Index: gnuLib.rules
===================================================================
RCS file: /home/x-cvs/xc/config/cf/gnuLib.rules,v
retrieving revision 1.9
diff -u -r1.9 gnuLib.rules
--- gnuLib.rules 11 Oct 2003 09:40:13 -0000 1.9
+++ gnuLib.rules 25 Jan 2004 03:54:48 -0000
@@ -17,6 +17,11 @@
#define ForceNormalLib NO
#endif
+XCOMM XXX To rpath or not to rpath...
+#ifndef UseRpath
+#define UseRpath NO
+#endif
+
#ifndef SharedOldX
#define SharedOldX NO
#endif
@@ -38,10 +43,18 @@
#ifndef ShLibIncludeFile
#define ShLibIncludeFile <gnuLib.tmpl>
#endif
+#ifndef RpathLoadFlags
+#if UseRpath
+#define RpathLoadFlags -Wl,-rpath=$(USRLIBDIRPATH)
+#else
+#define RpathLoadFlags /**/
+#endif
+#endif
+#ifndef LibraryRpathLoadFlags
+#define LibraryRpathLoadFlags RpathLoadFlags
+#endif
#ifndef SharedLibraryLoadFlags
-XCOMM XXX To rpath or not to rpath...
-XCOMM #define SharedLibraryLoadFlags -shared -Wl,-rpath=$(USRLIBDIR)
-#define SharedLibraryLoadFlags -shared
+#define SharedLibraryLoadFlags -shared LibraryRpathLoadFlags
#endif
#ifndef PositionIndependentCFlags
#define PositionIndependentCFlags -fPIC
@@ -52,9 +65,9 @@
#ifndef ExtraLoadFlags
#ifdef UseInstalled
XCOMM XXX Maybe superfluous.
-#define ExtraLoadFlags -Wl,-rpath-link=$(USRLIBDIRPATH)
+#define ExtraLoadFlags RpathLoadFlags -Wl,-rpath-link=$(USRLIBDIRPATH)
#else
-#define ExtraLoadFlags -Wl,-rpath-link=$(BUILDLIBDIR)
+#define ExtraLoadFlags RpathLoadFlags -Wl,-rpath-link=$(BUILDLIBDIR)
#endif
#endif
Index: lnxLib.rules
===================================================================
RCS file: /home/x-cvs/xc/config/cf/lnxLib.rules,v
retrieving revision 3.52
diff -u -r3.52 lnxLib.rules
--- lnxLib.rules 31 Oct 2003 20:49:03 -0000 3.52
+++ lnxLib.rules 25 Jan 2004 03:50:31 -0000
@@ -11,6 +11,10 @@
# define ForceNormalLib NO
#endif
+#ifndef UseRpath
+#define UseRpath NO
+#endif
+
#ifndef SharedOldX
# define SharedOldX NO
#endif
@@ -63,6 +67,16 @@
# ifndef ShLibIncludeFile
# define ShLibIncludeFile <lnxLib.tmpl>
# endif
+#ifndef RpathLoadFlags
+#if UseRpath
+#define RpathLoadFlags -Wl,-rpath,$(USRLIBDIRPATH)
+#else
+#define RpathLoadFlags /**/
+#endif
+#endif
+#ifndef LibraryRpathLoadFlags
+#define LibraryRpathLoadFlags RpathLoadFlags
+#endif
# ifndef SharedLibraryLoadFlags
# define SharedLibraryLoadFlags -shared
# endif
@@ -76,17 +90,17 @@
# if LinuxBinUtilsMajorVersion >= 26
# ifdef UseInstalled
# if LinuxBinUtilsMajorVersion < 27
-# define ExtraLoadFlags -Wl,-rpath-link,$(USRLIBDIRPATH)
+# define ExtraLoadFlags RpathLoadFlags -Wl,-rpath-link,$(USRLIBDIRPATH)
# endif
# else
-# define ExtraLoadFlags -Wl,-rpath-link,$(BUILDLIBDIR)
+# define ExtraLoadFlags RpathLoadFlags -Wl,-rpath-link,$(BUILDLIBDIR)
# endif
# else
-# define ExtraLoadFlags -Wl,-rpath,$(USRLIBDIRPATH)
+# define ExtraLoadFlags RpathLoadFlags
# endif
# endif
# ifndef HardCodeLibdirFlag
-# define HardCodeLibdirFlag -Wl,-rpath,$(USRLIBDIRPATH)
+# define HardCodeLibdirFlag RpathLoadFlags
# endif
# if !defined(ShlibGlobalsFlags)
# define ShlibGlobalsFlags -Wl,-Bsymbolic
