glibc, read-only sources, and static linking
bet at rahul.net
Wed Oct 20 10:43:21 PDT 2004
2004-10-20T17:32:08 Matthew Burgess:
> [ Bennett doesn't like shared libs ]
> Well, if one of your libs is used in more than one place and that
> lib has a security vulnerability you lose the only other advantage
> of shared libs that I know of - because it's shared, you only have
> to upgrade the one lib.
A very good point. Right now, I've only got about 150 packages, a
full recompile of the whole schmeer takes only a couple of hours on
a quick box, so I've really not had to deal with it.
The next thing I'm going to be working on is automated dependency
tracking, focusing on built-time dependency documentation, since
there's where the majority of my inter-package dependencies live.
(I'm planning on analyzing the output of strace -efile as a first
So I'm expecting to be able to
grep -l openssl /var/lib/bpm/*/depends | \
xargs -l dirname | \
xargs -l bpmbuild
to cope with the routine example of this problem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the hlfs-dev