On 8/5/2014 3:07 PM, Tijl Coosemans wrote:
On Tue, 05 Aug 2014 14:32:15 -0500 Bryan Drewery wrote:
On 8/5/2014 2:22 PM, Tijl Coosemans wrote:
On Tue, 05 Aug 2014 11:25:54 -0500 Bryan Drewery wrote:
Can office@ chime in on this?
On 8/1/2014 7:27 PM, Bryan Drewery wrote:
On 2014-08-01 08:53, Andrea Venturoli wrote:
On a 10.0/amd64 system:
# cat /usr/ports/UPDATING
...
20140730:
AFFECTS: users of security/libgcrypt
AUTHOR: [email protected]
libgcrypt has been updated to 1.6.1 and all shared libraries
versions have
been bumped. So you need to rebuild all applications that depend on
libgcrypt.
# portmaster -r libgcrypt
or
# portupgrade -fr security/libgcrypt
or
# pkg install -fR security/libgcrypt
...
# pkg info -r libgcrypt|less
libgcrypt-1.6.1_1:
libgnome-keyring-2.32.0_8
gnupg-2.0.25_1
libxslt-1.1.28_4
# pkg info -r libxslt | less
libxslt-1.1.28_4:
rarian-0.8.1_1
gnome-doc-utils-0.20.10_2
gtk-doc-1.18_1
inkscape-0.48.4_4
vala-0.20.1_1
policykit-gnome-0.9.2_7
raptor2-2.0.14
xmlto-0.0.26_2
shiboken-1.2.2
apiextractor-0.10.10_2
libreoffice-4.2.5_3
# portupgrade -frn libgcrypt
---> Listing the results (+:done / -:ignored / *:skipped / !:failed)
+ security/libgcrypt (libgcrypt-1.6.1_1 -> libgcrypt-1.6.1_1)
+ textproc/libxslt (libxslt-1.1.28_4 -> libxslt-1.1.28_4)
+ security/gnupg (gnupg-2.0.25_1 -> gnupg-2.0.25_1)
+ security/libgnome-keyring (libgnome-keyring-2.32.0_8 ->
libgnome-keyring-2.32.0_8)
So, libreoffice is not rebuilt and after "portupgrade -fr libgcrypt"...
# libchk -v | less -S
...
Binaries that are linked with: /usr/local/lib/compat/pkg/libgcrypt.so.19
/usr/local/lib/compat/pkg/libsoup-gnome-2.4.so.1.5.0
/usr/local/lib/libreoffice/program/libxsltfilterlo.so
... libreoffice is still using the old library.
Agreed it is not a pkg problem, nor a portupgrade problem.
libreoffice is not directly depending on libgcrypt so it was not
rebuilt. Only direct dependencies are rebuilt. But this is not really
the problem. The problem is that Libreoffice seems to be doing something
special by building its own libxsltfilterlo.so into its own directory.
So the libxslt rebuild had no idea about it. It's not a file actually
provided by libxslt.
# pkg info -l libxslt|grep /usr/local/lib
/usr/local/lib/libexslt.a
/usr/local/lib/libexslt.la
/usr/local/lib/libexslt.so
/usr/local/lib/libexslt.so.8
/usr/local/lib/libxslt.a
/usr/local/lib/libxslt.la
/usr/local/lib/libxslt.so
/usr/local/lib/libxslt.so.2
Note the lack of libxsltfilterlo.so.
I'd say the instructions were lacking. My guess is a small handfull of
people realize what's going on here and none of the other committers do.
So it's very likely that many UPDATING entries need special libreoffice
care as well and have not had it documented. I.e., every dependency of
libreoffice would require rebuilding libreoffice.
I'm not sure what this program/ dir is, perhaps some cache. It would be
safer to have it disabled so this special care is not needed.
It's not a special cache. It's just a normal library that libreoffice
builds and installs. The library probably links to libexslt using
"pkgconf --libs libexslt" which include -lgcrypt. Libreoffice should
have had its PORTREVISION bumped as part of the libgcrypt update. There
are other ports that should have been bumped. I'll look into it.
Hm, it seems to be building its own libxslt library though and placing
it in its own directory. The rebuilding of libxslt did not update the
one in the libreoffice dir.
libreoffice->libxslt->libgcrypt
Rebuilding libxslt should be enough to link against the newer libgcrypt
and since libxslt has not change it should not require rebuilding
libreoffice.
Libreoffice links with libgcrypt directly. The reason it does so is
because the output of "pkgconf --libs libexslt" is this:
-lexslt -lxslt -lz -lm -lgcrypt -lgpg-error -L/usr/local/lib -lxml2
It's an example of how pkgconfig files can cause overlinking.
Got it.
Libreoffice comes up in this list:
pkg rquery '%o %B' | grep libgcrypt.so | sort
So it should have been bumped as part of the libgcrypt update. I had
actually specifically asked for that list of ports to be included.
Well the problem here was the instructions did not indicate to upgrade
all ports so it would not have caught it anyhow. The instructions were
to use portupgrade/portmaster to things depending on libgcrypt. Perhaps
we need to change our instructions (or portupgrade/portmaster) to use
registered library dependencies as well rather than just package deps.
--
Regards,
Bryan Drewery
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[email protected]"
