Skip to content
Jump to bottom

julia: remove leftover RPATH from pcre shared libraries #92

Merged
merged 1 commit into from
Aug 18, 2016
Merged

julia: remove leftover RPATH from pcre shared libraries #92

merged 1 commit into from
Aug 18, 2016

Conversation

donald
Copy link
Collaborator

@donald donald commented Aug 18, 2016

Without this change the julia build system installed the
two pcre shared libraries /usr/lib/julia/libpcre2-8.so.0.2.0
and /usr/lib/julia/libpcre2-posix.so.0.0.0 with an RPATH
to a build directory (eg.
/dev/shm/bee-root/julia/julia-0.4.6-0/source/usr/lib) which is
a security problem if the build directory is in a public
writable temp space as is the case here.

The patch

--- a/deps/Makefile
+++ b/deps/Makefile
@@ -788,9 +788,6 @@ PCRE_OBJ_TARGET = $(build_shlibdir)/libpcre2-8.$(SHLIB_EXT)

 # Force optimization for PCRE flags (Issue #11668)
 PCRE_CFLAGS = -O3
-ifneq ($(OS),WINNT)
-PCRE_LDFLAGS = "-Wl,-rpath,'$(build_libdir)'"
-endif

 pcre2-$(PCRE_VER).tar.bz2:
        $(JLDOWNLOAD) $@ https://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre2-$(PCRE_VER).tar.bz2
--

fixed the problem only for one of the two libraries, as the RPATH of
the other one is also set by the pcre build system.

@thomas
Copy link
Collaborator

thomas commented Aug 18, 2016

Nb: A good example for using the postinstall feature.

pmenzel
pmenzel reviewed Aug 18, 2016
View reviewed changes
julia.be0
@@ -66,6 +66,11 @@ mee_install() {
}
# by default this may be 'make install DESTDIR="${D}"'

mee_install_post() {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add the URL of the GitHub Julia issue here as a comment?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

did so.

@pmenzel
Copy link
Collaborator

pmenzel commented Aug 18, 2016

The alternative would be to package libpcre2 ourselves, and tell Julia to take the system one. Currently, Mariux does not ship that library.

$ ls -l /usr/lib/libpcre*
-rw-r--r-- 1 root system 1274334 Jan 20  2016 /usr/lib/libpcre.a
lrwxrwxrwx 1 root system      16 Jan 20  2016 /usr/lib/libpcre.so -> libpcre.so.1.2.6
lrwxrwxrwx 1 root system      16 Jan 20  2016 /usr/lib/libpcre.so.1 -> libpcre.so.1.2.6
-rwxr-xr-x 1 root system  773995 Jan 20  2016 /usr/lib/libpcre.so.1.2.6
-rw-r--r-- 1 root system   49246 Jan 20  2016 /usr/lib/libpcrecpp.a
lrwxrwxrwx 1 root system      19 Jan 20  2016 /usr/lib/libpcrecpp.so -> libpcrecpp.so.0.0.1
lrwxrwxrwx 1 root system      19 Jan 20  2016 /usr/lib/libpcrecpp.so.0 -> libpcrecpp.so.0.0.1
-rwxr-xr-x 1 root system   46474 Jan 20  2016 /usr/lib/libpcrecpp.so.0.0.1
-rw-r--r-- 1 root system   24680 Jan 20  2016 /usr/lib/libpcreposix.a
lrwxrwxrwx 1 root system      21 Jan 20  2016 /usr/lib/libpcreposix.so -> libpcreposix.so.0.0.3
lrwxrwxrwx 1 root system      21 Jan 20  2016 /usr/lib/libpcreposix.so.0 -> libpcreposix.so.0.0.3
-rwxr-xr-x 1 root system   21617 Jan 20  2016 /usr/lib/libpcreposix.so.0.0.3
$ sudo bee query libpcre
julia-0.4.6-0.x86_64
  /usr/lib/julia/libpcre2-posix.so.0.0.0
  /usr/lib/julia/libpcre2-posix.so.0//libpcre2-posix.so.0.0.0
  /usr/lib/julia/libpcre2-posix.so//libpcre2-posix.so.0.0.0
  /usr/lib/julia/libpcre2-8.so.0.2.0
  /usr/lib/julia/libpcre2-8.so.0//libpcre2-8.so.0.2.0
  /usr/lib/julia/libpcre2-8.so//libpcre2-8.so.0.2.0
pcre-8.38-0.x86_64
  /usr/lib/libpcre.a
  /usr/lib/libpcreposix.a
  /usr/lib/pkgconfig/libpcre.pc
  /usr/lib/pkgconfig/libpcrecpp.pc
  /usr/lib/pkgconfig/libpcreposix.pc
  /usr/lib/libpcre.so.1//libpcre.so.1.2.6
  /usr/lib/libpcre.so//libpcre.so.1.2.6
  /usr/lib/libpcrecpp.so//libpcrecpp.so.0.0.1
  /usr/lib/libpcrecpp.a
  /usr/lib/libpcreposix.so//libpcreposix.so.0.0.3
  /usr/lib/libpcrecpp.so.0.0.1
  /usr/lib/libpcreposix.so.0//libpcreposix.so.0.0.3
  /usr/lib/libpcrecpp.so.0//libpcrecpp.so.0.0.1
  /usr/lib/libpcreposix.so.0.0.3
  /usr/lib/libpcre.so.1.2.6
pcre_compat-1.0.0-0.x86_64
  /lib/libpcre.so.0//libpcre.so.0.0.1
  /lib/libpcre.so.0.0.1

@donald
julia: remove leftover RPATH from pcre shared libraries
afaf258 
https://github.com/JuliaLang/julia/issues/18106

Without this change the julia build system installed the
two pcre shared libraries /usr/lib/julia/libpcre2-8.so.0.2.0
and /usr/lib/julia/libpcre2-posix.so.0.0.0 with an RPATH
to a build directory (eg.
/dev/shm/bee-root/julia/julia-0.4.6-0/source/usr/lib) which is
a security problem if the build directory is in a public
writable temp space as is the case here.

The patch

--- a/deps/Makefile
+++ b/deps/Makefile
@@ -788,9 +788,6 @@ PCRE_OBJ_TARGET = $(build_shlibdir)/libpcre2-8.$(SHLIB_EXT)

 # Force optimization for PCRE flags (Issue #11668)
 PCRE_CFLAGS = -O3
-ifneq ($(OS),WINNT)
-PCRE_LDFLAGS = "-Wl,-rpath,'$(build_libdir)'"
-endif

 pcre2-$(PCRE_VER).tar.bz2:
        $(JLDOWNLOAD) $@ https://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre2-$(PCRE_VER).tar.bz2
--

fixed the problem only for one of the two libraries, as the RPATH of
the other one is also set by the pcre build system.
@donald
Copy link
Collaborator Author

donald commented Aug 18, 2016

I think we better leave it as self-contained as possible, so we don't end up with deviant behavior of the julia language, because of an unusual version of the pcre library.

@pmenzel pmenzel merged commit 2568584 into master Aug 18, 2016
@pmenzel pmenzel deleted the julia branch August 18, 2016 11:33
Sign in to join this conversation on GitHub.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@donald @thomas @pmenzel