An additional complication with the kadm5 sonames

Wed Jan 13 11:33:52 EST 2010

On Wed, 2010-01-13 at 10:45 -0500, Sam Hartman wrote:
> Based on that I think a rename to libkadm5clnt-mit.so.7 would be better,
> but I'm happy with any solution that works.

Here's my summary of where we are at:

1. In addition to libkadm5clnt and libkadm5srv, we also have a basename
conflict with libkrb5.  It hasn't led to soname conflicts because
Heimdal uses a high soname suffix (25 in Debian right now) and we use a
low one and never bump it (3 currently).  gssapi doesn't conflict
because we call our library libgssapi_krb5 (even though we have
mechglue) and Heimdal calls its library libgssapi.

2. Non-numeric soname suffixes would work fine on ELF platforms, but
might have trouble on other platforms or if we decided to start using
libtool.  So we don't want to do that, at least for 1.8.

3. Leaving the soname the same, and requiring distributions to use
separate directories, is possible but would present the possibility of
programs loading the wrong library at runtime.  It is desirable to have
different sonames.

4. Bumping the soname version to not conflict would be conservative but
would be a short-term fix, although we could bump the version to
something large like 100 to make the fix more likely to stick.

5. One can imagine a setup where MIT and Heimdal use different library
basenames and have symlinks for the "neutral" names, allowing
development packages to be installed for both at the same time with an
alternatives package deciding which one gets the neutral names.
Packages could link against either the neutral names or the
package-specific ones, depending on whether they work with either
implementation or just one.

However, getting to this point would require much more than changing
just the name of libkadm5clnt and libkadm5srv.  We would also need to
change the basename of libkrb5, which we don't want to do any time soon
since we don't like to change libkrb5's soname, and we would need to
resolve the conflicts with header filenames (this could be handled
through the include path) and the krb5-config binary.

Also, it bears considering how much of this is an upstream source issue
and how much is an OS distribution issue.  Treating the soname part as
an upstream source issue is reasonable since sonames should be
compatible across Linux distributions.

I am reluctant to perform a basename change for 1.8.  We've entered the
testing cycle, it's a shorter one than we're used to for previous
releases, and this does not feel like a conservative change.  At the
moment I favor bumping the libkadm5clnt and libkadm5srv soname suffixes
to 100 and declaring anything more comprehensive to be out of scope for
this release.