BIND 9.4.1-P1 compilation settings.

vincent.blondel at ing.be vincent.blondel at ing.be
Sun Oct 7 12:19:42 UTC 2007 

Hello all,

Sorry for this delayed answer but we got lots of work this week and did
not have the time to answer.

So for my little problem I finally found a solution ( I think so .. ). 

First of all concerning the 'Killed' message I always got when compiling
as root with my build script I noticed these lines are not well
appreciated and caused the problem ..

   INSTALL="/usr/local/bin/install -c -o bin -g bin"
   INSTALL_DATA="/usr/local/bin/install  -o bin -g bin -m 444"
   INSTALL_PROGRAM="/usr/local/bin/install  -s -o bin -g bin -m 555"
   INSTALL_SCRIPT="/usr/local/bin/install  -o bin -g bin -m 555"

I do not know why this is causing problem but anyway I made many many
compilatons tests and since I removed these entries problem completely
disappeared.

Concerning the problem with compiling some static and other ones dynamic
libraries in the same compilation binary I also finally found a
workaround. I copied /usr/local/ssl directory in my home directory by
removing all *.so libraries. I also moved /usr/local/ssl into
/usr/local/ssl.old to let disappear the presence of all crypto dynamic
libraries. I finally updated my compilation script by 

 * removing all bind dynamic libraries : '--disable-shared'
 * enabling crypto with '--with-openssl=/ING/HOME/u7206160/ssl'
 * setting variable LDFLAGS="-L/ING/HOME/u7206160/ssl/lib/libssl.a
-L/ING/HOME/u7206160/ssl/lib/libcrypto.a"

This is the complete script

/usr/bin/env  \
    CC="/usr/local/bin/cc"  \
    CXX="/usr/local/bin/c++"   \
    CFLAGS="-O2 -pipe" \
    LDFLAGS="-L/ING/HOME/u7206160/ssl/lib/libssl.a
-L/ING/HOME/u7206160/ssl/lib/libcrypto.a"  \
    AUTOCONF="/usr/local/bin/autoconf" \
    AUTOHEADER="/usr/local/bin/autoheader"  \
    AUTOIFNAMES="/usr/local/bin/ifnames" \
    AUTOM4TE="/usr/local/bin/autom4te" \
    AUTORECONF="/usr/local/bin/autoreconf" \
    AUTOSCAN="/usr/local/bin/autoscan" \
    AUTOUPDATE="/usr/local/bin/autoupdate"  \
    SHELL=/bin/sh  \
    CONFIG_SHELL=/bin/sh  \
    ./configure --prefix=$PREFIX --sysconfdir=/etc/named
--localstatedir=/var \
                --disable-shared --disable-ipv6 --disable-linux-caps \
                --with-openssl=/ING/HOME/u7206160/ssl --enable-threads
make
make install

and now I get 'I hope so' requested result :

165156 1976 -rwxr-xr-x   1 root     other     2012428 Oct  7 11:25
/usr/local/bin/dig
165157 1968 -rwxr-xr-x   1 root     other     2000116 Oct  7 11:25
/usr/local/bin/host
165158 1968 -rwxr-xr-x   1 root     other     2000776 Oct  7 11:25
/usr/local/bin/nslookup
165161 1936 -rwxr-xr-x   1 root     other     1969420 Oct  7 11:25
/usr/local/bin/nsupdate
165166    3 -rwxr-xr-x   1 root     other        2989 Oct  7 11:25
/usr/local/bin/isc-config.sh
132124 2368 -rwxr-xr-x   2 root     other     2412404 Oct  7 11:25
/usr/local/sbin/named
132124 2368 -rwxr-xr-x   2 root     other     2412404 Oct  7 11:25
/usr/local/sbin/lwresd
132125  376 -rwxr-xr-x   1 root     other      370476 Oct  7 11:25
/usr/local/sbin/rndc
132126  920 -rwxr-xr-x   1 root     other      925968 Oct  7 11:25
/usr/local/sbin/rndc-confgen
132127  944 -rwxr-xr-x   1 root     other      955592 Oct  7 11:25
/usr/local/sbin/dnssec-keygen
132128 1928 -rwxr-xr-x   1 root     other     1959452 Oct  7 11:25
/usr/local/sbin/dnssec-signzone
132129 1976 -rwxr-xr-x   1 root     other     2014148 Oct  7 11:25
/usr/local/sbin/named-checkconf
132130 1896 -rwxr-xr-x   1 root     other     1931108 Oct  7 11:25
/usr/local/sbin/named-checkzone
132131    1 lrwxrwxrwx   1 root     other          15 Oct  7 11:25
/usr/local/sbin/named-compilezone -> named-checkzone
165100  472 -rw-r--r--   1 root     other      467554 Oct  7 11:25
/usr/local/lib/libisc.a
165101   38 -rw-r--r--   1 root     other       38556 Oct  7 11:25
/usr/local/lib/libisccc.a
165148 2104 -rw-r--r--   1 root     other     2145090 Oct  7 11:25
/usr/local/lib/libdns.a
165149   96 -rw-r--r--   1 root     other       97880 Oct  7 11:25
/usr/local/lib/libisccfg.a
165150   40 -rw-r--r--   1 root     other       40710 Oct  7 11:25
/usr/local/lib/libbind9.a
165151   94 -rw-r--r--   1 root     other       95900 Oct  7 11:25
/usr/local/lib/liblwres.a

u7206160 at wbedskaa ()$ [/ING/HOME/u7206160/gnu/bind] # ldd
/usr/local/sbin/dnssec-signzone
        libdl.so.1 =>    /lib/libdl.so.1
        libnsl.so.1 =>   /lib/libnsl.so.1
        libsocket.so.1 =>        /lib/libsocket.so.1
        libpthread.so.1 =>       /lib/libpthread.so.1
        libthread.so.1 =>        /lib/libthread.so.1
        libc.so.1 =>     /lib/libc.so.1
        libmp.so.2 =>    /lib/libmp.so.2
        /usr/platform/SUNW,Sun-Blade-100/lib/libc_psr.so.1

Now, I already made some tests. BIND is working on my Sun-Blade-100 and
on my dev server Sun-Fire-V210. This is all running fine but what can I
do to check my binaries are well ssl compliant ( in other words both
libssl.a and libcrypto.a are really included in the compiled binary ?? )

Thanks to help me ??

Regards
Vincent.

-----Original Message-----
From: Jim Reid [mailto:jim at rfc1035.com] 
Sent: Sunday, September 30, 2007 10:48 AM
To: Blondel, V. (Vincent)
Subject: Re: BIND 9.4.1-P1 compilation settings.

On Sep 27, 2007, at 07:36, <vincent.blondel at ing.be>  
<vincent.blondel at ing.be> wrote:

> How can I compile statically binaries ... is this the right way ???
>
>
>    --enable-shared=no --enable-static=yes
> --with-openssl=/usr/local/ssl/lib

No. At least not for you. Your problem is unusual: you need a  
specific and rather strange combination of static and dynamic liked  
libraries. This is beyond the capabilities of gnu configure unless  
someone invests a huge amount of effort to make it handle your  
peculiar situation.

What you need to do is edit the Makefiles configure produces. Replace  
the -lssh and -lcrypto references with the explicit pathnames of the  
libraries (static or dynamic) that you want to use.

Consult the list archives for more details. Someone had a related  
problem to yours with MacOSX. Its linker always used the Apple  
supplied versions instead of the locally installed ones, no matter  
what the mumbo-jumbo got fed to configure (=> command line options to  
ld) got used. The archives contain a 5-6 line sed script to make the  
required changes. Adapting that for your needs will be trivial.


This reply is for you. It is not to be rebroadcast on any mailing  
list, blog, newsgroup or web site. Don't send any replies to this  
message to bind-users or any other list/newsgroup.
-----------------------------------------------------------------
ATTENTION:
The information in this electronic mail message is private and
confidential, and only intended for the addressee. Should you
receive this message by mistake, you are hereby notified that
any disclosure, reproduction, distribution or use of this
message is strictly prohibited. Please inform the sender by
reply transmission and delete the message without copying or
opening it.

Messages and attachments are scanned for all viruses known.
If this message contains password-protected attachments, the
files have NOT been scanned for viruses by the ING mail domain.
Always scan attachments before opening them.
-----------------------------------------------------------------

More information about the bind-users mailing list