NOTES.UNIX 4.0 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091
  1. NOTES FOR UNIX LIKE PLATFORMS
  2. =============================
  3. For Unix/POSIX runtime systems on Windows, please see NOTES.WIN.
  4. OpenSSL uses the compiler to link programs and shared libraries
  5. ---------------------------------------------------------------
  6. OpenSSL's generated Makefile uses the C compiler command line to
  7. link programs, shared libraries and dynamically loadable shared
  8. objects. Because of this, any linking option that's given to the
  9. configuration scripts MUST be in a form that the compiler can accept.
  10. This varies between systems, where some have compilers that accept
  11. linker flags directly, while others take them in '-Wl,' form. You need
  12. to read your compiler documentation to figure out what is acceptable,
  13. and ld(1) to figure out what linker options are available.
  14. Shared libraries and installation in non-default locations
  15. ----------------------------------------------------------
  16. Every Unix system has its own set of default locations for shared
  17. libraries, such as /lib, /usr/lib or possibly /usr/local/lib. If
  18. libraries are installed in non-default locations, dynamically linked
  19. binaries will not find them and therefore fail to run unless they get a
  20. bit of help from a defined runtime shared library search path.
  21. For OpenSSL's application (the 'openssl' command), our configuration
  22. scripts do NOT generally set the runtime shared library search path for
  23. you. It's therefore advisable to set it explicitly when configuring
  24. unless the libraries are to be installed in directories that you know
  25. to be in the default list.
  26. Runtime shared library search paths are specified with different
  27. linking options depending on operating system and versions thereof, and
  28. are talked about differently in their respective documentation;
  29. variations of RPATH are the most usual (note: ELF systems have two such
  30. tags, more on that below).
  31. Possible options to set the runtime shared library search path include
  32. the following:
  33. -Wl,-rpath,/whatever/path
  34. -R /whatever/path
  35. -rpath /whatever/path
  36. OpenSSL's configuration scripts recognise all these options and pass
  37. them to the Makefile that they build. (In fact, it recognises anything
  38. starting with '-Wl,' as a linker option, so for example, HP-UX'
  39. '-Wl,+b,/whatever/path' would be used correctly)
  40. Please do not use verbatim directories in your runtime shared library
  41. search path! Some OpenSSL config targets add an extra directory level
  42. for multilib installations. To help with that, the produced Makefile
  43. includes the variable LIBRPATH, which is a convenience variable to be
  44. used with the runtime shared library search path options, as shown in
  45. this example:
  46. $ ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl \
  47. '-Wl,-rpath,$(LIBRPATH)'
  48. On modern ELF based systems, there are two runtime search paths tags to
  49. consider, DT_RPATH and DT_RUNPATH. Shared objects are searched for in
  50. this order:
  51. 1. Using directories specified in DT_RPATH, unless DT_RUNPATH is
  52. also set.
  53. 2. Using the environment variable LD_LIBRARY_PATH
  54. 3. Using directories specified in DT_RUNPATH.
  55. 4. Using system shared object caches and default directories.
  56. This means that the values in the environment variable LD_LIBRARY_PATH
  57. won't matter if the library is found in the paths given by DT_RPATH
  58. (and DT_RUNPATH isn't set).
  59. Exactly which of DT_RPATH or DT_RUNPATH is set by default appears to
  60. depend on the system. For example, according to documentation,
  61. DT_RPATH appears to be deprecated on Solaris in favor of DT_RUNPATH,
  62. while on Debian GNU/Linux, either can be set, and DT_RPATH is the
  63. default at the time of writing.
  64. How to choose which runtime search path tag is to be set depends on
  65. your system, please refer to ld(1) for the exact information on your
  66. system. As an example, the way to ensure the DT_RUNPATH is set on
  67. Debian GNU/Linux systems rather than DT_RPATH is to tell the linker to
  68. set new dtags, like this:
  69. $ ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl \
  70. '-Wl,--enable-new-dtags,-rpath,$(LIBRPATH)'