From owner-freebsd-current@FreeBSD.ORG Wed Aug 23 10:38:33 2006 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C816816A4DA for ; Wed, 23 Aug 2006 10:38:33 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from fw.zoral.com.ua (fw.zoral.com.ua [213.186.206.134]) by mx1.FreeBSD.org (Postfix) with ESMTP id 37CBD43D8F for ; Wed, 23 Aug 2006 10:37:43 +0000 (GMT) (envelope-from kostikbel@gmail.com) Received: from deviant.kiev.zoral.com.ua (root@deviant.kiev.zoral.com.ua [10.1.1.148]) by fw.zoral.com.ua (8.13.4/8.13.4) with ESMTP id k7NAa4Le027493 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 23 Aug 2006 13:36:04 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1]) by deviant.kiev.zoral.com.ua (8.13.8/8.13.8) with ESMTP id k7NAa5r1077724; Wed, 23 Aug 2006 13:36:05 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: (from kostik@localhost) by deviant.kiev.zoral.com.ua (8.13.8/8.13.8/Submit) id k7NAa48I077723; Wed, 23 Aug 2006 13:36:04 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to kostikbel@gmail.com using -f Date: Wed, 23 Aug 2006 13:36:04 +0300 From: Kostik Belousov To: Alexander Leidinger Message-ID: <20060823103604.GB64800@deviant.kiev.zoral.com.ua> References: <44E9582C.2010400@rsu.ru> <44EAA213.6010507@delphij.net> <002901c6c5ba$628b67d0$9800a8c0@carrera> <86hd0423zk.fsf@xps.des.no> <44EB302A.7010106@rsu.ru> <20060823121157.yawh6f8e844w4osc@netchild.homeip.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="DKU6Jbt7q3WqK7+M" Content-Disposition: inline In-Reply-To: <20060823121157.yawh6f8e844w4osc@netchild.homeip.net> User-Agent: Mutt/1.4.2.2i X-Virus-Scanned: ClamAV version 0.88.4, clamav-milter version 0.88.4 on fw.zoral.com.ua X-Virus-Status: Clean X-Spam-Status: No, score=1.4 required=5.0 tests=SPF_NEUTRAL, UNPARSEABLE_RELAY autolearn=no version=3.1.4 X-Spam-Level: * X-Spam-Checker-Version: SpamAssassin 3.1.4 (2006-07-25) on fw.zoral.com.ua Cc: Dag-Erling Sm??rgrav , freebsd-current@freebsd.org, LI Xin , Michael Bushkov Subject: Re: [HEADS UP]: OpenLDAP+nss_ldap+nss_modules separated patch and more (SoC) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Aug 2006 10:38:34 -0000 --DKU6Jbt7q3WqK7+M Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Aug 23, 2006 at 12:11:57PM +0200, Alexander Leidinger wrote: > If someone doesn't like the base system libldap, but wants the =20 > nss_ldap stuff, this way will not work out. While building the base =20 > system, no 3rd party libs are known to the build infrastructure. >=20 > Conflicting libs aren't good and some people may want to have more =20 > recent versions of a lib installed. To solve this issue phk didn't =20 > importet "libxml", but renamed it to "libbsdxml" (we only need to =20 > update the lib if we need a new feature, or if there's a security =20 > problem). This way base system tools are able to use a XML lib while =20 > ports can use a more recent version of it (ports aren't using our =20 > version of the lib). >=20 > So this is not like the openssl or kerberos cases from the =20 > lib-handling point of view (I'm talking about the ports<->basesystem =20 > interaction, not about updating the lib in the basesystem). >=20 > An idea which wasn't suggested yet is to install a renamed version (I =20 > would suggest libbaseldap instead of libbsdldap or libldap_i, but I =20 > don't really care about the name) and a link from the original name =20 > (only the .so and .a, but not the .so.X) to the new name. This link =20 > can be protected with a WITHOUT_LIBLDAP_LINK switch (or the other way =20 > around... depending on what we want to achieve). This way it is =20 > possible to link with the renamed lib in the base system, to use the =20 > base system version of the lib in ports, and to use the lib from ports = =20 > if desired (a recompile of ports may be needed in the last case, yes). This will not work. bsdxml is used inside the system binaries. No binary links again expat and bsdxml simultaneously. Would such binary exists, it could experience problems. On the other hand, application using openldap from the ports has high chance loading nss_ldap (e.g., due to nsswitch.conf). If nss_ldap linked against renamed library, this would cause the crash. In fact, similar problem was fixed not so long time ago by Dag-Erling in the pam_ssh (duplicating existing symbols by the pam). --DKU6Jbt7q3WqK7+M Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFE7C+UC3+MBN1Mb4gRAv7yAKCm6UCzJqHEnHDOUjEQaLn0LrDlNQCgkdS0 iv2EP6RcrT+TMDEtG5EkhUw= =LeKh -----END PGP SIGNATURE----- --DKU6Jbt7q3WqK7+M--