Bug 242487

Summary: Cannot static link with f7 krb5-devel package
Product: [Fedora] Fedora Reporter: Michael Cronenworth <mike>
Component: krb5Assignee: Nalin Dahyabhai <nalin>
Status: CLOSED WONTFIX QA Contact: Brian Brock <bbrock>
Severity: low Docs Contact:
Priority: low    
Version: 7   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-06-04 19:46:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michael Cronenworth 2007-06-04 14:45:39 UTC 
Description of problem: ar files (.a) are missing from the krb5-devel package. I
was able to static link in Fedora Core 6 just fine. I upgraded to Fedora 7
yesterday. I can no longer static link (complains it cannot find library).


Version-Release number of selected component (if applicable): 1.6-6


How reproducible: Always


Steps to Reproduce:
1. Compile C object
2. Use -static link option
3.
  
Actual results: /usr/bin/ld: cannot find -lkrb5support


Expected results: Static linked application


Additional info:
Comment 1 Nalin Dahyabhai 2007-06-04 17:52:19 UTC 
Static libraries haven't been supported since just after 1.5.  Because libkrb5
now makes use of loadable modules, and statically-linked binaries can't always
use loadable modules, they were turned off.  (It was pretty easy for me to adapt
to this because the default Fedora policy is to build without static libraries.)

Is there a specific reason you need static libraries, for example, something
which can not be made to work with shared libraries?  If not, then I'm inclined
to leave this in its current state.
Comment 2 Michael Cronenworth 2007-06-04 18:01:18 UTC 
I use Fedora as my development system for my workplace. I work with a
proprietary (closed source) application that requires static linking to insure
binary compatibility. In some parts of the commercial world, people are not
always running on the same version of the operating system -- and cannot easily
upgrade.

My main requirement is the use of the SSL library, which on Fedora, has been
compiled with KRB5 support. Is there a reason that Fedora (Gentoo doesn't) adds
KRB5 support?

Am I stuck building a custom RPM?
Comment 3 Nalin Dahyabhai 2007-06-04 19:43:03 UTC 
I'm afraid you'll have to either build with static libssl and dynamic
libkrb5, or rebuild the krb5 package to include static libraries.

The .spec file has conditional logic to override the build behavior and
generate them -- I have to mention that certain things (server location
and preauthentication modules) mightn't work, but then if you're using
it via libssl you shouldn't be affected.  Install the source package, and
change the line which reads
  %define build_static 0
so that it instead says
  %define build_static 1
and then build the package.

At the time I think we were looking to be able to optionally use Kerberos
for authentication and key exchange in SSL clients and servers, but I don't
think we really explored it beyond compiling it, nor do I have any data on
whether or not people are even using the functionality.
Comment 4 Nalin Dahyabhai 2007-06-04 19:46:52 UTC 
Whoops, I need to close this as wontfix because (ATM) I'm not planning
on modifying the package as built for the repositories due to expected
increase in module use as we go forward.  At some point, deviating from
upstream on static libraries isn't going to be technically possible, and
I'm not keen on deviating for the general case even while it's still
sort-of possible.