Log In  
Log In  

Hi there!

I'm the maintainer of the ArchLinux "pico-8" AUR package. In short, I wrote a script which installs .zip releases of PICO-8, provided by the user.

When building the package, I found out that the "pico8" binary of both Linux releases (and the Raspberry Pi one too) have an hardcoded RPATH value of "/usr/local/lib".

Here's the first results of the "readelf" command on the "pico8" amd64 binary.

$ readelf -d pico8

Dynamic section at offset 0x1e0dd8 contains 29 entries:
  Tag        Type                         Name/Value
 0x0000000000000001 (NEEDED)             Shared library: [libm.so.6]
 0x0000000000000001 (NEEDED)             Shared library: [libdl.so.2]
 0x0000000000000001 (NEEDED)             Shared library: [libpthread.so.0]
 0x0000000000000001 (NEEDED)             Shared library: [librt.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
 0x000000000000000f (RPATH)              Library rpath: [/usr/local/lib]

It means the binary looks for lib files in this directory before anywhere else. This is not a huge issue, as ArchLinux do not use this directory normally, but as this directory is meant for system-wide libraries installed by the user, a conflict could occur if the user would install there their own version of glibc (or malicious software there).

A simple fix would be to delete the RPATH from the binary using "chrpath" or "patchelf" commands, after the build, but before the release.

P#29296 2016-09-24 14:21 ( Edited 2016-10-08 03:07)

Been following @scottmada's work on the AUR; great stuff, super responsive!

@zep this is a great fix!

P#29438 2016-09-26 15:59 ( Edited 2016-09-26 19:59)
:: zep

Interesting. It seems that sdl2-config adds this by default. On my build machine, "sdl2-config --libs" gives:

-L/usr/local/lib -Wl,-rpath,/usr/local/lib -lSDL2

I can't see why it needs to be there though. I've removed it for 0.1.9b, and will see what happens :)

P#30080 2016-10-05 16:49 ( Edited 2016-10-05 20:49)

@zep SDL adds the rpath flag by default; it’s a really questionable decision (I maintain SDL in Debian and we disabled that feature 14 years ago, lol). If you build your own version of the library, I suggest configuring it with --disable-rpath; otherwise I suggest asking your distro maintainers to consider removing it.

P#30086 2016-10-05 18:23 ( Edited 2016-10-05 22:23)

@zep, thanks for fix!

P#30220 2016-10-07 14:23 ( Edited 2016-10-07 18:23)
:: dw817

Offers a Teddy Bear for RPath.


P#30257 2016-10-07 23:07 ( Edited 2016-10-08 03:19)

[Please log in to post a comment]

About | Contact | Updates | Terms of Use
Follow Lexaloffle:        
Generated 2019-01-21 17:50 | 0.030s | 2097k | Q:30