Libraries linked to libunbound.so

Anand Buddhdev anandb at ripe.net
Fri Oct 19 16:06:15 UTC 2018


Hi Petr,

I can't answer for the unbound developers, but I have a couple of
hackish ideas:

1. For the daemon package, build it with static linking and enable the
systemd and dnstap options when building. Then package this as the
"unbound" package. Next, rebuild, with dynamic linking, and leave out
the systemd and dnstap options, and package the libraries as
"unbound-libs". The downside here is that it can be confusing.

2. Build unbound with dynamic linking. For the first build, disable
systemd and dnstap, and package the libraries as "unbound-libs". Next,
build it again, with systemd and dnstap enabled, and create two
packages: "unbound" and "unbound-libs-heavy", and make "unbound" depend
on "unbound-libs-heavy".

This way, other applications can just keep using the "light" library
package called "unbound-libs", but the daemon can depend on the heavy
libs package, and nothing else should need it. But the big downside here
is that there would be name conflicts. If "unbound-libs" is already
installed, and then later a user wants to install unbound, and that
wants the heavy libraries, then you can't install them into the same
place, so the library files would probaby have to be renamed.

Yuck. Having written this down, I see that option #2 is quite
complicated. Option #1 is simpler, because the daemon doesn't depend on
anything else.

Regards,
Anand

On 19/10/2018 17:34, Petr Mensik via Unbound-users wrote:
> Hi unbound users!
> 
> I am comaintainer of Fedora unbound package. I was considering enabling
> --enable-systemd and --enable-dnstap in our unbound. It is somehow
> invasive however. Our unbound package has library part (unbound-libs)
> and daemon package (unbound) separated. Daemon requires library package.
> Both systemd and dnstap are linked into library itself. But I think
> clients using unbound library cannot take any advantage from them.
> 
> I cannot find a reason why they should anyway. libunbound is popular for
> DNSSEC verification. That is great. But is there a simple way to unbound
> have only required dependencies like SSL, LZMA linked into? If I enable
> those features, every package linking libunbound will depend also on
> dnstap and systemd libraries. Is there any plan to move some libraries
> only to unbound daemon? Is there reason why it is the current way? How
> is it handled on other distributions?
> 
> Best Regards,
> Petr
> 



More information about the Unbound-users mailing list