Steve Langasek writes ("Re: dpkg-shlibdeps and private libraries"): > On Tue, Nov 06, 2007 at 08:51:05AM +0100, Andreas Tille wrote: > FWIW, I don't agree that this is a fix. In one sense it makes /usr/lib > "cleaner" by moving private libs into a private directory; however:
There is at least one significant difference between libraries in /usr/lib and ones in a private application directory: LD_PRELOAD cannot be used to force the loading of the latter by set-id programs. For example, authbind contains /usr/lib/authbind/libauthbind.so.1 which is there for that reason. If I make a symlink into /usr/lib I get this behaviour: -anarres:~> ll -uL --full-time /usr/lib/libauthbind.so.1 -rw-r--r-- 1 root root 5944 2007-11-17 16:18:32.000000000 +0000 /usr/lib/libauthbind.so.1 -anarres:~> date Sat Nov 17 16:19:06 GMT 2007 -anarres:~> LD_PRELOAD=/usr/lib/libauthbind.so.1 really id uid=0(root) gid=100(ian) groups=0(root),4(adm),6(disk),7(lp),8(mail),9(news),24(cdrom),25(floppy),26(tape),29(audio),33(www-data),35(dos),37(operator),40(src),42(shadow),50(staff),60(games),100(ian),200(ian-p),300(exim),500(house),1143(mirror),5063(anarubun) -anarres:~> ll -uL --full-time /usr/lib/libauthbind.so.1 -rw-r--r-- 1 root root 5944 2007-11-17 16:19:10.000000000 +0000 /usr/lib/libauthbind.so.1 -anarres:~> id uid=100(ian) gid=100(ian) groups=0(root),4(adm),6(disk),7(lp),8(mail),9(news),24(cdrom),25(floppy),26(tape),29(audio),33(www-data),35(dos),37(operator),40(src),42(shadow),50(staff),60(games),100(ian),200(ian-p),300(exim),500(house),1143(mirror),5063(anarubun) -anarres:~> This is not desirable. There are other reasons or kinds of library for which /usr/lib is not appropriate, for example application plugins. For example, Tcl extensions are moving into a separate directory. > - By moving the libs out of the default search path, you introduce the > possibility that an unrelated library will have the same name in /usr/lib; > this is a potential source of user confusion, as well as > difficult-to-diagnose corner-case bugs Obviously one still needs to avoid name clashes. > So I think it's better to leave these libraries in /usr/lib instead of using > rpath. My arguments and examples above don't apply to libraries that ought to _only_ be autoloaded via rpath. But not all uses of rpath are wrong. For example the Tcl extension modules in chiark-tcl will be moving out of /usr/lib and because they have interdependencies, rpath will be needed to find them. This can't feasibly be done `by hand' in the Tcl-called initialisation function but there is no application which needs to load the top of the library stack other than Tcl. Ian. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]