Libraries linked to libunbound.so

[Robert Edmonds]

Petr Mensik via Unbound-users wrote:
> I am comaintainer of Fedora unbound package. I was considering enabling
> --enable-systemd and --enable-dnstap in our unbound. It is somehow
> invasive however. Our unbound package has library part (unbound-libs)
> and daemon package (unbound) separated. Daemon requires library package.
> Both systemd and dnstap are linked into library itself. But I think
> clients using unbound library cannot take any advantage from them.
> 
> I cannot find a reason why they should anyway. libunbound is popular for
> DNSSEC verification. That is great. But is there a simple way to unbound
> have only required dependencies like SSL, LZMA linked into? If I enable
> those features, every package linking libunbound will depend also on
> dnstap and systemd libraries. Is there any plan to move some libraries
> only to unbound daemon? Is there reason why it is the current way? How
> is it handled on other distributions?

The unbound daemon binary itself actually does not dynamically link
against libunbound. The libunbound library is needed for the
unbound-anchor and unbound-host utilities.

What I do in the Debian package is perform multiple builds. One build is
for the unbound daemon and enables dnstap and other features. The
libunbound artifacts from this build are discarded (if there were a
--without-libunbound option I would use it for this build). Another
build is for the library itself (configure --with-libunbound-only)
without the extra add-ons.

This allows libunbound, unbound-anchor, and unbound-host to avoid the
extra dependencies required by dnstap. Only the "unbound" package that
contains the daemon has the extra dnstap dependencies.

-- 
Robert Edmonds
edmonds at debian.org