glibc, read-only sources, and static linking

Bennett Todd bet at rahul.net
Wed Oct 20 10:43:21 PDT 2004


2004-10-20T17:32:08 Matthew Burgess:
> [ Bennett doesn't like shared libs ]
> 
> Well, if one of your libs is used in more than one place and that
> lib has a security vulnerability you lose the only other advantage
> of shared libs that I know of - because it's shared, you only have
> to upgrade the one lib.

A very good point. Right now, I've only got about 150 packages, a
full recompile of the whole schmeer takes only a couple of hours on
a quick box, so I've really not had to deal with it.

The next thing I'm going to be working on is automated dependency
tracking, focusing on built-time dependency documentation, since
there's where the majority of my inter-package dependencies live.
(I'm planning on analyzing the output of strace -efile as a first
cut).

So I'm expecting to be able to

	grep -l openssl /var/lib/bpm/*/depends | \
		xargs -l dirname | \
		xargs -l bpmbuild

to cope with the routine example of this problem.

-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20041020/6048406b/attachment.sig>


More information about the hlfs-dev mailing list