Hey all, Please excuse the (minor) cross-post but I think the technical committee needs to find an answer and that answer then be set in policy.
We need to make a decision on how to properly handle multiple library
versions ending up linked into the same process. A few of the options
that I've heard, though they may not be the best, are:
- Implement versioned symbols
- May cause binary compatibility issues
- Doesn't follow LSB (I believe..)
- Could be difficult to do correctly
- Conflict between library versions
- Wouldn't allow valid setups where the versions aren't linked into
the same process
- Lots of packages would end up uninstallable for certain library
upgrades
- Don't implement versioned symbols
- Continue to have problems with multiple libraries being linked in
- No compatibility issues
At the moment some people have versioned their libraries in order to
fix the issue, potentially breaking compatibility and LSB. Other
people don't have versioned symbols which brings up the problems like
OpenSSL 0.9.6 and 0.9.7 being linked into the same process and
crashing ssh when using libnss-ldap or libpam-ldap.
At the moment I tend to think versioning the symbols is the 'right'
thing to do and we should push to get upstream, other distros and LSB
to do that too. I don't think leaving things the way they are is
acceptable.
Stephen
pgpqizYGlvta8.pgp
Description: PGP signature
