Package: debian-policy Severity: wishlist It happens with unfortunate frequency that a shared library in the archive will be built without linking against all the other libraries it uses symbols from. Although the glibc runtime linker is fairly robust and can usually cope with this lack so long as the application itself is linked against the libraries in question, there are two specific cases where this fails. - The library has gained a dependency without changing sonames. If the shared library does not correctly link to the new library, existing binaries that use the primary library will be unaware of the new dependency and will fail to run. Bug #186042 is a recent example of this. - The library is dynamically loaded using dlopen(), or is linked to by another object that is dlopen()ed. In this case, the safeguards against unresolved symbols are not available at the time the application is linked. In some cases, this can result in an inability to load the DSO (#179886, which shows the problem but doesn't include much of the diagnosis); in others, it causes segfaults (#165960). Not linking shared libraries against the other libraries they use also subverts the effectiveness of the shlibs system. Therefore, I believe Policy should both be explicit about the need for such linking, and provide recommendations to packagers that help prevent mislinked libraries. Below is the proposed text change to Policy. This may fit better in chapter 9, but chapter 11 is where compile-time options are currently discussed. Regards, -- Steve Langasek postmodern programmer Index: policy.sgml =================================================================== RCS file: /cvs/debian-policy/debian-policy/policy.sgml,v retrieving revision 1.118 diff -u -r1.118 policy.sgml --- policy.sgml 19 Apr 2003 10:33:14 -0000 1.118 +++ policy.sgml 30 Apr 2003 03:17:36 -0000 @@ -5731,6 +5731,19 @@ </p> <p> + Although not enforced by the build tools, shared libraries + must be linked against all libraries that they use symbols from + in the same way that binaries are. This ensures the correct + functioning of the <ref id="sharedlibs-shlibdeps">shlibs</ref> + system and guarantees that all libraries can be safely opened + with <tt>dlopen()</tt>. Packagers may wish to use the gcc + option <tt>-Wl,-z,defs</tt> when building a shared library. + Since this option enforces symbol resolution at build time, + a missing library reference will be caught early as a fatal + build error. + </p> + + <p> All installed shared libraries should be stripped with <example compact="compact"> strip --strip-unneeded <var>your-lib</var>
Attachment:
pgpwegf2TnaJi.pgp
Description: PGP signature