search

kravietz / pam_tacplus

TACACS+ protocol client library and PAM module in C. This PAM module support authentication, authorization (account management) and accounting (session management)performed using TACACS+ protocol designed by Cisco.
GNU Lesser General Public License v3.0
128 stars 97 forks source link

Unable to build static binary of tacc #98

Open anup19 opened 6 years ago

anup19 commented 6 years ago

I'd like to create a static binary of tacc that would have all the shared libraries built into the binary. However, when I try to supply such arguments to ./configure, its not generating a static binary for tacc.

./configure --enable-static  && make && sudo make install

or

./configure LDFLAGS="-static" && make && sudo make install

did not help.

Any pointers on how to get a static tacc binary?

Thanks!

daveolson53 commented 6 years ago

anup19 notifications@github.com wrote:

I'd like to create a static binary of tacc that would have all the shared libraries built into the binary. However, when I try to supply such arguments to ./configure, its not generating a static binary for tacc.

./configure --enable-static && make && sudo make install or ./configure LDFLAGS="-static" && make && sudo make install

./configure --disable-shared --enable-static

gets me most of the way, but you also need to make this change to Makefile.am, because it has --shared hard-coded:

55,56c55 < #libtac_la_LDFLAGS = -version-info 2:0:0 -shared

libtac_la_LDFLAGS = -version-info 2:0:0 -shared

Still fails, because we get multiple versions of tac_encryption defined (it's also the case when shared, but apparently we mostly luck out, because the shared library and executable get resolved to their local copies).

So fix that:

--- a/tacc.c +++ b/tacc.c @@ -74,7 +74,7 @@ void timeout_handler(int signum);

define USE_SYSTEM 1

/ globals / -int tac_encryption = 1; +extern int tac_encryption; typedef unsigned char flag; flag quiet = 0; char user = NULL; / global, because of signal handler */ @@ -139,6 +139,8 @@ int main(int argc, char **argv) { exit(EXIT_ERR); }

That doesn't get you a fully static, but it gets you the libpam libraries static, which I am guessing is what you meant.

/bin/bash ./libtool --tag=CC --mode=link gcc -Wall -Wextra -Werror -I ./libtac/include -g -O2 -o tacc tacc-tacc.o libtac.la -lutil -lcrypto -lcrypto -lpam libtool: link: gcc -Wall -Wextra -Werror -I ./libtac/include -g -O2 -o tacc tacc-tacc.o ./.libs/libtac.a -lutil -lcrypto -lpam make[1]: Leaving directory '/work/marvel-06/olson/Tacacs/Upstream/pam_tacplus-github' monster-08 14:39_pam_tacplus-github.662 ldd tacc linux-vdso.so.1 (0x00007ffc3ed98000) libutil.so.1 => /lib/x86_64-linux-gnu/libutil.so.1 (0x00007f304fc6a000) libcrypto.so.1.0.0 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (0x00007f304f86e000) libpam.so.0 => /lib/x86_64-linux-gnu/libpam.so.0 (0x00007f304f65d000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f304f2b2000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f304f0ae000) libaudit.so.1 => /lib/x86_64-linux-gnu/libaudit.so.1 (0x00007f304ee87000) /lib64/ld-linux-x86-64.so.2 (0x00005619a3c06000)

In theory, if you have all the static lib dev packages installed, you could use LDFLAGS=-static also, but that gets messier.

Dave Olson olson@cumulusnetworks.com