Bug 1442133
| Summary: | Do not link libkrad, liblber, libldap_r and libsss_nss_idmap to every binary in IPA | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Petr Vobornik <pvoborni> | ||||||
| Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | Scott Poore <spoore> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 7.4 | CC: | jcholast, ksiddiqu, pvoborni, rcritten, spoore, tscherf | ||||||
| Target Milestone: | rc | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | ipa-4.5.0-7.el7 | Doc Type: | If docs needed, set a value | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2017-08-01 09:48:56 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
|
Description
Petr Vobornik
2017-04-13 15:48:33 UTC
Upstream ticket: https://pagure.io/freeipa/issue/6846 Fixed upstream master: https://pagure.io/freeipa/c/4322b57e313105611df39e99097993ba4161ab42 ipa-4-5: https://pagure.io/freeipa/c/207864a61a748a9032e67bf0f1782379e44fb5aa Verified.
Version ::
ipa-server-4.5.0-13.el7.x86_64
Result ::
[root@rhel7-3 ~]# cat linktest.sh
for rpm in ipa-server ipa-client; do
echo
echo "++++++++++++++ $rpm +++++++++++++++"
echo
for file in $(rpm -ql $rpm|egrep "/sbin/|/bin/|lib.*.so$"); do
file $file|grep -q ELF
if [ $? -eq 0 ]; then
echo " ============= $file ==============="
ldd $file |sort | egrep "libkrad|liblber|libldap_r|libsss_nss_idmap"|awk '{print " " $1 " " $2 " " $3}'
fi
done
done
[root@rhel7-3 ~]# rpm -q ipa-server
ipa-server-4.5.0-13.el7.x86_64
[root@rhel7-3 ~]# sh linktest.sh > ipa450_linktest.out
# Then on a RHEL7.3 server:
[root@ipa1 ~]# sh linktest > ipa440_linktest.out
[root@ipa1 ~]# scp ipa440_linktest.out root.122.73:/root
Password:
ipa440_linktest.out 100% 4034 3.9KB/s 00:00
# Now to compare and see what's changed:
[root@rhel7-3 ~]# diff ipa440_linktest.out ipa450_linktest.out
5d4
< libkrad.so.0 => /lib64/libkrad.so.0
9d7
< libkrad.so.0 => /lib64/libkrad.so.0
13d10
< libkrad.so.0 => /lib64/libkrad.so.0
17d13
< libkrad.so.0 => /lib64/libkrad.so.0
22d17
< libkrad.so.0 => /lib64/libkrad.so.0
26d20
< libkrad.so.0 => /lib64/libkrad.so.0
30d23
< libkrad.so.0 => /lib64/libkrad.so.0
34d26
< libkrad.so.0 => /lib64/libkrad.so.0
38d29
< libkrad.so.0 => /lib64/libkrad.so.0
42d32
< libkrad.so.0 => /lib64/libkrad.so.0
46d35
< libkrad.so.0 => /lib64/libkrad.so.0
50d38
< libkrad.so.0 => /lib64/libkrad.so.0
54d41
< libkrad.so.0 => /lib64/libkrad.so.0
58d44
< libkrad.so.0 => /lib64/libkrad.so.0
62d47
< libkrad.so.0 => /lib64/libkrad.so.0
64d48
< libkrad.so.0 => /lib64/libkrad.so.0
66d49
< libkrad.so.0 => /lib64/libkrad.so.0
73a57
> libldap_r-2.4.so.2 => /lib64/libldap_r-2.4.so.2
75a60
> libldap_r-2.4.so.2 => /lib64/libldap_r-2.4.so.2
You can see that most of the differences above are that the libkrad links are no longer included in the ipa4.5 binaries.
Created attachment 1282267 [details]
ipa 4.5 linktest output
Created attachment 1282269 [details]
ipa 4.4 linktest output
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:2304 |