sudo and changes in packaging guidelines

Richard W.M. Jones rjones at redhat.com
Fri Apr 13 21:05:47 UTC 2012 

On Fri, Apr 13, 2012 at 04:36:07PM -0400, Adam Jackson wrote:
> On 4/13/12 3:19 PM, Richard W.M. Jones wrote:
> >On Fri, Apr 13, 2012 at 10:47:00AM -0700, Toshio Kuratomi wrote:
> >>Although (since I know Rich works on OCaml stuff) since OCaml is compiled to
> >>C before being compiled to object code, this section might still apply.
> >
> >OCaml isn't compiled to C, it's compiled direct to machine code.
> >
> >The OCaml native code compiler supports -fPIC output.  I'm not quite
> >sure if PIE is just PIC applied to the main program, or if there is
> >some other magic it does.
> 
> PIE produces a position independent executable.  This is not the
> same thing as an executable that just happens to have been linked
> together from PIC code.  It's more like a DSO that happens to have a
> main() function.

As usual I'm being dumb, but I still don't understand the difference.

Anyhow we're not quite there with OCaml:

  $ echo 'print_endline "hello"' > foo.ml

  $ ocamlopt -fPIC foo.ml
  $ readelf -d a.out | grep TEXTREL         # [1]

  $ ocamlopt -fPIC -cclib -pie foo.ml
  /usr/bin/ld: /usr/lib64/ocaml/libasmrun.a(roots.o): relocation R_X86_64_32S against `caml_frametable' can not be used when making a shared object; recompile with -fPIC
  /usr/lib64/ocaml/libasmrun.a: could not read symbols: Bad value
  collect2: error: ld returned 1 exit status
  File "caml_startup", line 1, characters 0-1:
  Error: Error during linking

That static library includes the garbage collector.  I have a
non-upstream patch which makes the runtime into a shared library, and
it's probably a good time to look at that again.

Is there anything else apart from passing -fPIC to the compiler and
-pie to the linker which needs to be done to make a PIE executable?

Rich.

[1] http://www.linuxfromscratch.org/~manuel/hlfs-book/glibc-2.4/chapter02/pie.html

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/

More information about the devel mailing list