Bug 609613
Summary: | nss-softokn : does not adhere to Static Library Packaging Guidelines | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Michael Schwendt <bugs.michael> |
Component: | nss-softokn | Assignee: | Elio Maldonado Batiz <emaldona> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 14 | CC: | emaldona, kengert, pasteur, rrelyea |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | nss-util-3.12.8-1.fc12 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-10-05 13:38:29 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Michael Schwendt
2010-06-30 16:58:40 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 14 development cycle. Changing version to '14'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping * In general, packagers are strongly encouraged not to ship static libs unless a compelling reason exists. Usage of static libraries is internal to nss. We do have loading code to load the crypto library dynamically. Yes, static linking with a library that dynammically (via ldopen) loads the crypto libarries. That way no one needs to include -lsoftoknb3 -lfreebl3 in their conpile line. There is exception to the rule. glibc ships a mini crypto library for doing hashes and it calls libfreebl3.so which has some special API for it. [...]$ ldd /lib/libcrypt.so.1 linux-gate.so.1 => (0x005b8000) libc.so.6 => /lib/libc.so.6 (0x00110000) libfreebl3.so => /lib/libfreebl3.so (0x06a69000) /lib/ld-linux.so.2 (0x0048f000) libdl.so.2 => /lib/libdl.so.2 (0x0066b000) ..... The client code of nss generally invokes crypto services via the PK11_ wrapper calls in nss (libnss3.so) and not via calls to libraries in nss-softokn. In fact the higher layes of nss use dynamic linking and don't even expose the libaries nsss-softokn. For example, let's look at nss [... ~]$ ldd /usr/lib/libnss3.so linux-gate.so.1 => (0x0037b000) libnssutil3.so => /usr/lib/libnssutil3.so (0x05435000) libplc4.so => /lib/libplc4.so (0x02baf000) libplds4.so => /lib/libplds4.so (0x02ba9000) libnspr4.so => /lib/libnspr4.so (0x03507000) libpthread.so.0 => /lib/libpthread.so.0 (0x00672000) libdl.so.2 => /lib/libdl.so.2 (0x0066b000) libc.so.6 => /lib/libc.so.6 (0x004b1000) /lib/ld-linux.so.2 (0x0048f000) Similarly with the other libraries from the nss package, you won't see references to softoken. "Packages which explicitly need to link against the static version must BuildRequire: foo-static, so that the usage can be tracked." I still need to understand better the implications of the "-static" suffix before I change the spec file. Do I really need it? > I still need to understand better the implications of the > "-static" suffix before I change the spec file. It is a package naming suffix similar to -devel, but for (sub-)packages which contain static libraries. These (sub-)packages can also be virtual ones, e.g. as explained in the linked guidelines for the case when a library -devel packages doesn't contain shared libs. In package nss-softokn-freebl-devel you would add Provides: nss-softokn-freebl-static = %{version}-%{release} and that would suffice. Everything that had "BuildRequires: nss-softokn-freebl-devel" before, would need to change that to "BuildRequires: nss-softokn-freebl-static" in order to meet the packaging guidelines. > Do I really need it? Only with a proper naming scheme for packages, which contain static libraries, it becomes possible to run queries on a src.rpm repository and search for all packages that need -static packages for building. Exceptions to the packaging guidelines require FESCo approval. nss-3.12.7-8.fc14,nss-softokn-3.12.7-7.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/nss-3.12.7-8.fc14,nss-softokn-3.12.7-7.fc14 nss-3.12.7-8.fc13,nss-softokn-3.12.7-7.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/nss-3.12.7-8.fc13,nss-softokn-3.12.7-7.fc13 nss-3.12.7-8.fc14, nss-softokn-3.12.7-7.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update nss nss-softokn'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/nss-3.12.7-8.fc14,nss-softokn-3.12.7-7.fc14 Closed by: fedora-report-static-batch.py nss-3.12.8-2.fc14,nss-softokn-3.12.8-1.fc14,nss-util-3.12.8-1.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/nss-3.12.8-2.fc14,nss-softokn-3.12.8-1.fc14,nss-util-3.12.8-1.fc14 nss-util-3.12.8-1.fc12,nss-softokn-3.12.8-1.fc12,nss-3.12.8-2.fc12 has been submitted as an update for Fedora 12. https://admin.fedoraproject.org/updates/nss-util-3.12.8-1.fc12,nss-softokn-3.12.8-1.fc12,nss-3.12.8-2.fc12 nss-3.12.8-2.fc13, nss-softokn-3.12.8-1.fc13, nss-util-3.12.8-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. nss-3.12.8-2.fc14, nss-softokn-3.12.8-1.fc14, nss-util-3.12.8-1.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report. nss-util-3.12.8-1.fc12, nss-softokn-3.12.8-1.fc12, nss-3.12.8-2.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. |