Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 23 Aug 2006 13:36:04 +0300
From:      Kostik Belousov <kostikbel@gmail.com>
To:        Alexander Leidinger <Alexander@Leidinger.net>
Cc:        Dag-Erling Sm??rgrav <des@des.no>, freebsd-current@freebsd.org, LI Xin <delphij@delphij.net>, Michael Bushkov <bushman@rsu.ru>
Subject:   Re: [HEADS UP]: OpenLDAP+nss_ldap+nss_modules separated patch and more (SoC)
Message-ID:  <20060823103604.GB64800@deviant.kiev.zoral.com.ua>
In-Reply-To: <20060823121157.yawh6f8e844w4osc@netchild.homeip.net>
References:  <44E9582C.2010400@rsu.ru> <44EAA213.6010507@delphij.net> <002901c6c5ba$628b67d0$9800a8c0@carrera> <86hd0423zk.fsf@xps.des.no> <44EB302A.7010106@rsu.ru> <20060823121157.yawh6f8e844w4osc@netchild.homeip.net>

next in thread | previous in thread | raw e-mail | index | archive | help

--DKU6Jbt7q3WqK7+M
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Aug 23, 2006 at 12:11:57PM +0200, Alexander Leidinger wrote:
> If someone doesn't like the base system libldap, but wants the =20
> nss_ldap stuff, this way will not work out. While building the base =20
> system, no 3rd party libs are known to the build infrastructure.
>=20
> Conflicting libs aren't good and some people may want to have more =20
> recent versions of a lib installed. To solve this issue phk didn't =20
> importet "libxml", but renamed it to "libbsdxml" (we only need to =20
> update the lib if we need a new feature, or if there's a security =20
> problem). This way base system tools are able to use a XML lib while =20
> ports can use a more recent version of it (ports aren't using our =20
> version of the lib).
>=20
> So this is not like the openssl or kerberos cases from the =20
> lib-handling point of view (I'm talking about the ports<->basesystem =20
> interaction, not about updating the lib in the basesystem).
>=20
> An idea which wasn't suggested yet is to install a renamed version (I =20
> would suggest libbaseldap instead of libbsdldap or libldap_i, but I =20
> don't really care about the name) and a link from the original name =20
> (only the .so and .a, but not the .so.X) to the new name. This link =20
> can be protected with a WITHOUT_LIBLDAP_LINK switch (or the other way =20
> around... depending on what we want to achieve). This way it is =20
> possible to link with the renamed lib in the base system, to use the =20
> base system version of the lib in ports, and to use the lib from ports =
=20
> if desired (a recompile of ports may be needed in the last case, yes).

This will not work. bsdxml is used inside the system binaries. No binary
links again expat and bsdxml simultaneously. Would such binary exists,
it could experience problems.

On the other hand, application using openldap from the ports has high chance
loading nss_ldap (e.g., due to nsswitch.conf). If nss_ldap linked against
renamed library, this would cause the crash.

In fact, similar problem was fixed not so long time ago by Dag-Erling
in the pam_ssh (duplicating existing symbols by the pam).

--DKU6Jbt7q3WqK7+M
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iD8DBQFE7C+UC3+MBN1Mb4gRAv7yAKCm6UCzJqHEnHDOUjEQaLn0LrDlNQCgkdS0
iv2EP6RcrT+TMDEtG5EkhUw=
=LeKh
-----END PGP SIGNATURE-----

--DKU6Jbt7q3WqK7+M--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060823103604.GB64800>