From: Alyssa Ross <hi@alyssa.is>
To: James Carter <jwcart2@gmail.com>
Cc: selinux@vger.kernel.org, Petr Lautrbach <lautrbach@redhat.com>,
Nicolas Iooss <nicolas.iooss@m4x.org>,
Daniel Burgener <dburgener@linux.microsoft.com>,
Dan Walsh <dwalsh@redhat.com>,
eparis@redhat.com
Subject: Re: [PATCH 2/2] policycoreutils: use pkg-config for libsemanage
Date: Fri, 27 Jun 2025 17:04:51 +0200 [thread overview]
Message-ID: <877c0xfcoc.fsf@alyssa.is> (raw)
In-Reply-To: <CAP+JOzTCEYA0x11_XP+8=O4Yixh7UgpO+JhRPRz_jutfL_-GMQ@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 3068 bytes --]
James Carter <jwcart2@gmail.com> writes:
> On Wed, Jun 25, 2025 at 6:41 AM Alyssa Ross <hi@alyssa.is> wrote:
>>
>> libaudit and libbz2 are only required to be in the linker path for
>> static builds. For dynamic builds, they'll be discovered through ELF
>> metadata. pkg-config knows how to do the right thing in both cases,
>> so just use it rather than listing libsemanage's dependencies
>> manually.
>>
>> Fixes: da6cd3d8 ("Support static-only builds")
>> Closes: https://lore.kernel.org/r/87bjqebpre.fsf@redhat.com
>> Signed-off-by: Alyssa Ross <hi@alyssa.is>
>> ---
>> policycoreutils/Makefile | 3 ++-
>> policycoreutils/semodule/Makefile | 3 +--
>> policycoreutils/setsebool/Makefile | 3 +--
>> 3 files changed, 4 insertions(+), 5 deletions(-)
>>
>> diff --git a/policycoreutils/Makefile b/policycoreutils/Makefile
>> index 7acd51dd..0f3d62f2 100644
>> --- a/policycoreutils/Makefile
>> +++ b/policycoreutils/Makefile
>> @@ -3,7 +3,8 @@ SUBDIRS = setfiles load_policy newrole run_init secon sestatus semodule setseboo
>> PKG_CONFIG ?= pkg-config
>>
>> LIBSELINUX_LDLIBS := $(shell $(PKG_CONFIG) --libs libselinux)
>> -export LIBSELINUX_LDLIBS
>> +LIBSEMANAGE_LDLIBS := $(shell $(PKG_CONFIG) --libs libsemanage)
>> +export LIBSELINUX_LDLIBS LIBSEMANAGE_LDLIBS
>>
>
> I think that we actually want something like:
> ifeq ($(DISABLE_SHARED),y)
> LIBSELINUX_LDLIBS := $(shell PKG_CONFIG_PATH=../libselinux/src
> $(PKG_CONFIG) --libs libselinux --static)
> LIBSEMANAGE_LDLIBS := $(shell PKG_CONFIG_PATH=../libsemanage/src
> $(PKG_CONFIG) --libs libsemanage --static)
> else
> LIBSELINUX_LDLIBS := $(shell PKG_CONFIG_PATH=../libselinux/src
> $(PKG_CONFIG) --libs libselinux)
> LIBSEMANAGE_LDLIBS := $(shell PKG_CONFIG_PATH=../libsemanage/src
> $(PKG_CONFIG) --libs libsemanage)
> endif
> As originally written, it is going to find the installed libselinux.pc
> and libsemanage.pc files which are not going to reflect any changes
> made to these files in the current build (I noticed this because your
> patch does make changes).
I see. It hadn't occurred to me that selinux userspace supported being
built all at once like this; I'd only seen all the components built
individually, which is evidently also what Petr is doing. Your proposed
solution wouldn't be compatible with different components being
installed to different prefixes, which is how we do it in Nixpkgs, where
every package is installed to a unique prefix.
> Also, I believe that "--static" is needed to generate the right libs
> for a static build.
I /think/ it's generally expected that if you want static builds you set
e.g. PKG_CONFIG="pkg-config --static". For example, a quick look at the
pkg-config autoconf macros tells me that they don't try to detect
whether to pass it or not, and in Nixpkgs we inject --static for static
builds. Your proposal would also be a change in the meaning of
DISABLE_SHARED, which until now hasn't changed how anything is built,
just disabled things.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 227 bytes --]
next prev parent reply other threads:[~2025-06-27 15:04 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-11 21:16 [PATCH v3] Support static-only builds Alyssa Ross
2025-02-11 22:11 ` Daniel Burgener
2025-02-12 9:16 ` Alyssa Ross
2025-02-12 15:11 ` Daniel Burgener
2025-02-12 16:11 ` Daniel Burgener
2025-02-13 11:48 ` Alyssa Ross
2025-03-31 15:38 ` James Carter
2025-04-07 18:04 ` James Carter
2025-06-23 12:34 ` [PATCH v3] Support static-only builds - unconditional `-laudit -lbz2` in non-static policycoreutils build Petr Lautrbach
2025-06-25 10:41 ` [PATCH 1/2] libsemanage: add missing libaudit private library Alyssa Ross
2025-06-25 10:41 ` [PATCH 2/2] policycoreutils: use pkg-config for libsemanage Alyssa Ross
2025-06-26 16:54 ` James Carter
2025-06-27 15:04 ` Alyssa Ross [this message]
2025-06-27 18:07 ` James Carter
2025-06-28 8:37 ` Alyssa Ross
2025-07-01 15:12 ` James Carter
2025-07-01 15:12 ` [PATCH 1/2] libsemanage: add missing libaudit private library James Carter
2025-07-02 17:34 ` James Carter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=877c0xfcoc.fsf@alyssa.is \
--to=hi@alyssa.is \
--cc=dburgener@linux.microsoft.com \
--cc=dwalsh@redhat.com \
--cc=eparis@redhat.com \
--cc=jwcart2@gmail.com \
--cc=lautrbach@redhat.com \
--cc=nicolas.iooss@m4x.org \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.