[Unbound-users] Unbound release 1.4.12

W.C.A. Wijngaards wouter at NLnetLabs.nl
Tue Jul 19 08:24:32 UTC 2011

Hash: SHA1

On 07/18/2011 10:00 PM, Juergen Daubert wrote:
> On Mon, Jul 18, 2011 at 05:19:35PM +0200, Gábor Lénárt wrote:
> [...]
>> However, I am still having problems to get the "old behaviour". How can I
>> compile unbound to link against libldns statically? I couldn't figure out
>> without ugly hacks (see my previous mail), it seems even
>> "--enable-static-exe" does not work (and also it sounds a bit "dangerous"
>> when help of the configure script talks about "for debug purposes"), ldns
>> is still linked dynamically, at least output of ldd on unbound binary
>> shows libldns too.
> Build but _not_ install ldns <somewhere> with the configure option 
> --disable-shared. After that configure unbound to use your just built 
> ldns with --with-ldsn=<somewhere>, thats all ;)

Yes that is a way to install from source:
   get ldns; unpack, ./configure --disable-shared; make
   get unbound; unpack, ./configure --with-ldns=theldnsbuilddir; make
This results in a static link to the ldns library.  Unbound can use the
ldns compile build directory directly, you do not have to install the
ldns you link to.
(If you want to static link to libevent, do the same for libevent).

- --enable-static-exe gives -static to gcc at the link stage.

Unbound reports the linked ldns library when you do unbound -h
it also reports libcrypto version and libevent version.

Because unbound uses a small part of ldns (when on verbosity lower than
4, because then it prints packets with ldns), it is not particularly
sensitive to updates in ldns; apart from features (e.g. GOST support).

The builtin ldns tarball had three history milestones
1 builtin tarball used if no systemlib or systemlib too old.
2 builtin tarball used only if expressly specified
3 no tarball

- From what I understand in this thread, there are (linux-)package
maintainers, that prefer to not have a tarball inside unbound.  Because
they use dynamic libraries and are scared it may mess up their careful
dependency management in the package system.  There are source-users, on
debian-stable, ubuntu-LTS, that want a security-updated unbound (like,
its latest release), and want to do so outside of the (very old)
packages for that system, and thus want to keep this unbound-only ldns
library outside of the package system (static link, in /opt/local, ...).
BSD ports maintainers have not voiced an opinion.

What would help here is a feature that helps non-package installs
without frustrating package maintainers.  But I do not know what that
would be.

Best regards,
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/


More information about the Unbound-users mailing list