On Sat, May 08, 2021 at 12:44:32PM +0100, Richard W.M. Jones wrote:
Some random questions about this:
- How many existing packages are affected? Can this be analyzed and
the maintainers notified?
- If I want to analyze my own packages to see if they contain
rpaths, is it sufficient to run this?
chrpath --list --keepgoing <binaries> <sofiles> | grep RUNPATH
I ran that on /usr/lib64 and found samba seems to use
RUNPATH=/usr/lib64/samba
It's possible to use rpminspect to check RPATH and RUNPATH values. A
run I did on a number of packages a few months ago showed we have (or
had) lots of things with /builddir RPATH values.
In the case of Samba, /usr/lib64/samba can be allowed by adding that
to the allowed list in an rpminspect.yaml file locally.
Thanks,
--
David Cantrell <dcantrell(a)redhat.com>
Red Hat, Inc. | Boston, MA | EST5EDT