On pe, 26 maalis 2021, Charalampos Stratakis wrote:
Hi all. Some time ago there was a discussion from the Fedora Packaging Committee [0] about automatically disallowing the usage of RPATH in Fedora to bring it in-line with the packaging guidelines[1]. Essentially a package MUST remove the RPATH entry from its binaries and/or .so files if it is detected by the check-rpaths script [2] coming from the rpm-build package. However, the script was never run during rpmbuild so it was on the discretion of the packager if they'd check for it or not. The intention is to enable the check through redhat-rpm-config during the the invocation of %__os_install_post. An opt-out mechanism will be provided for cases where it's absolutely necessary. After an analysis of all the x86_64 packages, 92 fail to build due to an RPATH issue detected by the check-rpaths script [3]. Full list is provided bellow. Everything will be implemented through a Fedora change and all the packagers that their package has been affected by the preliminary analysis will be contacted first.
The logic for banning RPATH in the packaging guidelines operates terms like "usually smarter than" and "usually do not permit" but has very little to describe why this should be done. It also lacks clarity for the most common valid use of Rpath, namely, a plugin support for an application. For example, Samba has a number of internal libraries in /usr/lib64/samba which have to be linked to by any plugin built for Samba, even when it is provided by a different package. This situation is not described in the packaging guidelines and practically ignored. "Alternatives to Rpath" in this cases do not exist because adding custom configuration file into a system-wide dynamic linker configuration is the last thing you should do for this use case at all. It is interesting that the behavior of check-rpaths script also isn't really outlawing any plugin's Rpath use either so you don't see Samba or similar plugin-based applications in the list of affected packages. To me it looks like the packaging guidelines are incomplete and misleading and better be clarified with regards to Rpath use.
Thoughts and feedback are welcome. [0] https://pagure.io/packaging-committee/issue/886 [1] https://docs.fedoraproject.org/en-US/packaging-guidelines/#_beware_of_rpath [2] https://github.com/rpm-software-management/rpm/blob/6b21e736a3e47071b33ff7c34e5cfb5447997e18/scripts/check-rpaths-worker [3] https://copr.fedorainfracloud.org/coprs/cstratak/rpath/builds/ List of packages affected so far: Maintainers by package: Io-language limb NLopt besser82 SDL_image jwrdegoede limb moezroy WindowMaker sham1 abc brouhaha jjames somlo audiofile ajax alexl caillon caolanm limb rhughes rstrode ssp binutils aoliva jakub jankratochvil law mcermak nickc cfitsio orion sergiopr community-mysql hhorak ljavorsk mmuzila mschorm compat-guile18 jskarvad limb mlichvar tkorbar condor bbockelm bcotton eerlands matt matyas stevetraylen tstclair ttheisen valtri conky-manager moceap czmq denisarnaud jpo eb moceap petersen esc jmagne ettercap limb fcl rmattes thofmann fortune-mod sheltren shlomif freeradius cipherboy nkondras rharwood glib2 alexl caillon caolanm mbarnes mclasen rhughes rstrode rtcm ssp gnokii limb robert snirkel gpgme fkluknav ignatenkobrain isimluk rdieter gpick luya gupnp-dlna kalev zeenix hdf orion sagitter jq hguemar lon k3guitune dtimms kdebase3 jreznik kkofler rdieter than kdegames3 kkofler rdieter than kdepim3 jreznik ovasik rdieter than kicad avigne coremodule lkundrak stevenfalco tnorth koffice-kivio kkofler rdieter komparator nbecker laszip devrim neteler smani levmar aalvarez brouhaha libXcm cicku kwizart libburn cwickert fkluknav hhorak pcahyna robert libcommuni atim libdkimpp dfateyev libdxfrw hobbes1069 spot libeXosip2 nucleo libisoburn fkluknav hhorak robert libkkc ueno libminc ignatenkobrain liboping fab lkundrak libosip2 nucleo libprelude fab totol librfid kushal lutok jmmv mcpp kmatsui mef mingw-qt5-qt3d epienbro smani mingw-qt5-qtbase epienbro smani mingw-qt5-qtdeclarative epienbro smani mingw-qt5-qttools epienbro smani mod_wsgi jdornak jkaluza jorton lmacken mrunge mongo-c-driver remi ncview deji orion nightview lkundrak openjade ovasik openscap evgenyz isimluk jcerny matyc mmarhefk pvrabec vpolasek wsato pam_mount lupinix steve till pam_yubico nb ohaessler wzzrd perl-SDL jwrdegoede pinentry branto jjelen rdieter plotmm orphan python2.7 churchyard cstratak torsava vstinner qucs avigne jskarvad qwtpolar volter rarian nonamedotc rb_libtorrent fale mooninite rrdtool jskarvad scap-workbench evgenyz jcerny matyc mbarabas mlysonek mmarhefk pvrabec wsato scipy cstratak jspaleta nforro orion tomspur ttomecek sofia-sip orphan sqlite2 spot stp amdunn jjames suitesparse deji jkastner mjakubicek nphilipp orion sylfilter aarem texlive-base spot tracker amigadave deji garnacho ignatenkobrain mcrha rishi tracker-miners garnacho kalev rishi usnic-tools honli vanessa_logger hubbitus verbiste cicku icon tartare woff2 erack tpopela xbsql spot xdotool ohaessler orion slankes xeus qulogic xmms spot yaz cicku guidograzioli zinnia liangsuilong pwu zvbi buc jwrdegoede mchehab Packages by maintainer: aalvarez levmar aarem sylfilter ajax audiofile alexl audiofile glib2 amdunn stp amigadave tracker aoliva binutils atim libcommuni avigne kicad qucs bbockelm condor bcotton condor besser82 NLopt branto pinentry brouhaha abc levmar buc zvbi caillon audiofile glib2 caolanm audiofile glib2 churchyard python2.7 cicku libXcm verbiste yaz cipherboy freeradius coremodule kicad cstratak python2.7 scipy cwickert libburn deji ncview suitesparse tracker denisarnaud czmq devrim laszip dfateyev libdkimpp dtimms k3guitune eerlands condor epienbro mingw-qt5-qt3d mingw-qt5-qtbase mingw-qt5-qtdeclarative mingw-qt5-qttools erack woff2 evgenyz openscap scap-workbench fab liboping libprelude fale rb_libtorrent fkluknav gpgme libburn libisoburn garnacho tracker tracker-miners guidograzioli yaz hguemar jq hhorak community-mysql libburn libisoburn hobbes1069 libdxfrw honli usnic-tools hubbitus vanessa_logger icon verbiste ignatenkobrain gpgme libminc tracker isimluk gpgme openscap jakub binutils jankratochvil binutils jcerny openscap scap-workbench jdornak mod_wsgi jjames abc stp jjelen pinentry jkaluza mod_wsgi jkastner suitesparse jmagne esc jmmv lutok jorton mod_wsgi jpo czmq jreznik kdebase3 kdepim3 jskarvad compat-guile18 qucs rrdtool jspaleta scipy jwrdegoede SDL_image perl-SDL zvbi kalev gupnp-dlna tracker-miners kkofler kdebase3 kdegames3 koffice-kivio kmatsui mcpp kushal librfid kwizart libXcm law binutils liangsuilong zinnia limb Io-language SDL_image audiofile compat-guile18 ettercap gnokii ljavorsk community-mysql lkundrak kicad liboping nightview lmacken mod_wsgi lon jq lupinix pam_mount luya gpick matt condor matyas condor matyc openscap scap-workbench mbarabas scap-workbench mbarnes glib2 mcermak binutils mchehab zvbi mclasen glib2 mcrha tracker mef mcpp mjakubicek suitesparse mlichvar compat-guile18 mlysonek scap-workbench mmarhefk openscap scap-workbench mmuzila community-mysql moceap conky-manager eb moezroy SDL_image mooninite rb_libtorrent mrunge mod_wsgi mschorm community-mysql nb pam_yubico nbecker komparator neteler laszip nforro scipy nickc binutils nkondras freeradius nonamedotc rarian nphilipp suitesparse nucleo libeXosip2 libosip2 ohaessler pam_yubico xdotool orion cfitsio hdf ncview scipy suitesparse xdotool orphan plotmm sofia-sip ovasik kdepim3 openjade pcahyna libburn petersen eb pvrabec openscap scap-workbench pwu zinnia qulogic xeus rdieter gpgme kdebase3 kdegames3 kdepim3 koffice-kivio pinentry remi mongo-c-driver rharwood freeradius rhughes audiofile glib2 rishi tracker tracker-miners rmattes fcl robert gnokii libburn libisoburn rstrode audiofile glib2 rtcm glib2 sagitter hdf sergiopr cfitsio sham1 WindowMaker sheltren fortune-mod shlomif fortune-mod slankes xdotool smani laszip mingw-qt5-qt3d mingw-qt5-qtbase mingw-qt5-qtdeclarative mingw-qt5-qttools snirkel gnokii somlo abc spot libdxfrw sqlite2 texlive-base xbsql xmms ssp audiofile glib2 steve pam_mount stevenfalco kicad stevetraylen condor tartare verbiste than kdebase3 kdegames3 kdepim3 thofmann fcl till pam_mount tkorbar compat-guile18 tnorth kicad tomspur scipy torsava python2.7 totol libprelude tpopela woff2 tstclair condor ttheisen condor ttomecek scipy ueno libkkc valtri condor volter qwtpolar vpolasek openscap vstinner python2.7 wsato openscap scap-workbench wzzrd pam_yubico zeenix gupnp-dlna -- Regards, Charalampos Stratakis Software Engineer Python Maintenance Team, Red Hat _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
-- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity Management Engineering Red Hat Limited, Finland _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure