Some interesting information about the shared library execute bit issue.
Why is it that we require the execute bit? I found an old post about it maybe being tied to the kernel protecting overwriting running programs, but no idea if that ever was put it place.
On Fri, 2007-04-06 at 13:13 -0600, Orion Poplawski wrote:
Some interesting information about the shared library execute bit issue.
Why is it that we require the execute bit? I found an old post about it maybe being tied to the kernel protecting overwriting running programs, but no idea if that ever was put it place.
Roland,
Do you know why we only eu-strip libraries if they have the execute bit set? As the cmake folks pointed out, this is the opposite of Debian's policy (never set the libraries executable).
~spot
On Friday 06 April 2007, Tom "spot" Callaway wrote:
On Fri, 2007-04-06 at 13:13 -0600, Orion Poplawski wrote:
Some interesting information about the shared library execute bit issue.
Why is it that we require the execute bit?
I'd be very interested in learning this too. It was also briefly discussed in a recent packaging committee meeting, with no real conclusion: http://fedoraproject.org/wiki/Packaging/IRCLog20070306
Roland,
Do you know why we only eu-strip libraries if they have the execute bit set? As the cmake folks pointed out, this is the opposite of Debian's policy (never set the libraries executable).
Just to clarify, you mean /usr/lib/rpm/redhat/brp-strip?
BTW, kernel modules get stripped only if they're executable as well at end of %install, that one should be an easy one to rectify even if execute bits for shared libs are useful.
Oh, and ldd says "warning: you do not have execution permission for ..." for whatever non-executable is passed to it.
Anyone aware of anything else?
On Friday 06 April 2007 17:53:46 Ville Skyttä wrote:
Anyone aware of anything else?
It's not just the strip part, but if the library isn't marked executable, it isn't processed for requirements, so quite often library requirements can slip through the cracks of rpm's auto req generation. See a recent bug in FC6 where this happened.
On Saturday 07 April 2007, Jesse Keating wrote:
On Friday 06 April 2007 17:53:46 Ville Skyttä wrote:
Anyone aware of anything else?
It's not just the strip part, but if the library isn't marked executable, it isn't processed for requirements, so quite often library requirements can slip through the cracks of rpm's auto req generation.
Oh, indeed, I tested that before posting but the test was faulty; requirements end up missing indeed (but Provides seem to be fine).
Just to clarify, you mean /usr/lib/rpm/redhat/brp-strip?
I think he meant /usr/lib/rpm/find-debuginfo.sh, but brp-strip behaves the same way. I think brp-strip only winds up really doing anything when debuginfo is disabled.
BTW, kernel modules get stripped only if they're executable as well at end of %install, that one should be an easy one to rectify even if execute bits for shared libs are useful.
Indeed, recognizing them has only the same issues that recognizing nonexecutable DSO files does.
Orion Poplawski wrote:
Some interesting information about the shared library execute bit issue.
FYI, I think the patch from http://bugzilla.redhat.com/235673 can address our immediate needs, at least until we hear anything more definitive from upstream.
-- Rex
Orion Poplawski wrote:
Some interesting information about the shared library execute bit issue.
Why is it that we require the execute bit? I found an old post about it maybe being tied to the kernel protecting overwriting running programs, but no idea if that ever was put it place.
So, any closer to an answer on this question?
On Mon, 2007-04-09 at 11:30 -0600, Orion Poplawski wrote:
Orion Poplawski wrote:
Some interesting information about the shared library execute bit issue.
Why is it that we require the execute bit? I found an old post about it maybe being tied to the kernel protecting overwriting running programs, but no idea if that ever was put it place.
So, any closer to an answer on this question?
The short answer: This is how rpm marks files for tracking requires and stripping debuginfo.
Is this the best way to do it? Probably not. Seems like a good target for improvement in upstream rpm. I'm sure they'd love some patches.
~spot
packaging@lists.fedoraproject.org
-
Jesse Keating -
Orion Poplawski -
Rex Dieter -
Roland McGrath -
Tom Callaway -
Ville Skyttä