Maintained by: NLnet Labs

[Unbound-users] Unbound release 1.4.12

lst_hoe02 at kwsoft.de
Tue Jul 19 11:51:04 CEST 2011


Zitat von "W.C.A. Wijngaards" <wouter at NLnetLabs.nl>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 07/18/2011 10:00 PM, Juergen Daubert wrote:
>> On Mon, Jul 18, 2011 at 05:19:35PM +0200, Gábor Lénárt wrote:
>>
>> [...]
>>
>>> However, I am still having problems to get the "old behaviour". How can I
>>> compile unbound to link against libldns statically? I couldn't figure out
>>> without ugly hacks (see my previous mail), it seems even
>>> "--enable-static-exe" does not work (and also it sounds a bit "dangerous"
>>> when help of the configure script talks about "for debug purposes"), ldns
>>> is still linked dynamically, at least output of ldd on unbound binary
>>> shows libldns too.
>>
>> Build but _not_ install ldns <somewhere> with the configure option
>> --disable-shared. After that configure unbound to use your just built
>> ldns with --with-ldsn=<somewhere>, thats all ;)
>
> Yes that is a way to install from source:
>    get ldns; unpack, ./configure --disable-shared; make
>    get unbound; unpack, ./configure --with-ldns=theldnsbuilddir; make
> This results in a static link to the ldns library.  Unbound can use the
> ldns compile build directory directly, you do not have to install the
> ldns you link to.
> (If you want to static link to libevent, do the same for libevent).
>
> - --enable-static-exe gives -static to gcc at the link stage.
>
> Unbound reports the linked ldns library when you do unbound -h
> it also reports libcrypto version and libevent version.
>
> Because unbound uses a small part of ldns (when on verbosity lower than
> 4, because then it prints packets with ldns), it is not particularly
> sensitive to updates in ldns; apart from features (e.g. GOST support).
>
> The builtin ldns tarball had three history milestones
> 1 builtin tarball used if no systemlib or systemlib too old.
> 2 builtin tarball used only if expressly specified
> 3 no tarball
>
> - From what I understand in this thread, there are (linux-)package
> maintainers, that prefer to not have a tarball inside unbound.  Because
> they use dynamic libraries and are scared it may mess up their careful
> dependency management in the package system.  There are source-users, on
> debian-stable, ubuntu-LTS, that want a security-updated unbound (like,
> its latest release), and want to do so outside of the (very old)
> packages for that system, and thus want to keep this unbound-only ldns
> library outside of the package system (static link, in /opt/local, ...).
> BSD ports maintainers have not voiced an opinion.
>
> What would help here is a feature that helps non-package installs
> without frustrating package maintainers.  But I do not know what that
> would be.

I would vote for 2 so the built-in ldns is only used if explicitly  
asked for. Thsi way no package maintainer should get in trouble and  
those who find it useful can still compile unbound as before.

Many Thanks

Andreas