On Sun, Jan 08, 2012 at 11:20:33PM +0000, Matt Burgess wrote:
>
> I thought so too, but read your reply to my commit as a complaint so
> removed them. Maybe I'm a little sensitive :-)
I think a lack of sleep has that effect (and if you're developing,
you're bound to be short of sleep!). I merely noticed that you
had only shown .so libs in the original commit, and thought "ah,
that's better than what I'm using".
>
> Seriously though, I would like to see LFS consider removing as many
> static libs as possible. If nothing else, it helps massively in keeping
> systems secure as you only have to upgrade the *1* copy of the
> compromised library rather than trawl through logs to see what packages
> brought in a copy of the static library. It also helps with the usual
> shared library advantages of only having one copy loaded and one copy on
> disk, though the performance and space benefits are admittedly probably
> negligible on today's machines.
>
> Regards,
>
> Matt.
>
I'm all in favour. Following suggestions from Andy, my base lfs
is down to libc_nonshared, libg, libieee, libm, libpthread_nonshared,
librpcsvc, libsupc++ for static libs in /usr/lib. I've also got
static libs in /usr/lib/gcc : libgcc, libgcc_eh, libgcov - I presume
only gcc will find it easy to use those.
From time to time I've stepped in and deleted libraries when I'm
sure they're not needed. Meanwhile, I rename them to {,.hidden}
until I'm sure I don't need them - still got a load of those from
the toolchain, but I've now built enough to know I don't need them.
[ in my toolkit is a function to list all .a files in /usr/lib,
remove those above from the list, and then rename the rest ]
I'm sure some people developing code prefer static libs.
If we do get rid of these, there is some fun and games for libz in
module-init-tools and for libcrypt in sysvinit (Andy had a
suggestion, but since it's from glibc I've left it as hidden and
just rename it during the sysvinit build).
Also, we forcibly install a libiberty.h header in binutils, as well
as libiberty.a (I thought we force installed the lib, but I was
wrong). Last time I looked, it seemed that all packages which need
libiberty should ship with their own version.
ĸen
--
das eine Mal als Tragödie, das andere Mal als Farce
--
http://linuxfromscratch.org/mailman/listinfo/lfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
