Permissions for shared libraries in Kerberos

Robbie Harwood rharwood at
Wed Nov 18 15:38:35 EST 2020

Robbie Harwood <rharwood at> writes:

> Ken Hornstein <kenh at> writes:
>> I have been working on packaging up our Kerberos code into a RPM (to
>> upgrade our ancient dusty old Kerberos RPMs), and I had been running
>> into a problem where shared library dependencies were not being
>> processed properly.  More specifically, the executables were saying,
>> "hey, I depend on", but the RPM wouldn't ever figure
>> out the shared library PROVIDED "", so you'd get a
>> bunch of unresolved dependencies.  We had this same problem with our
>> ancient old dusty Kerberos RPMs, but I wanted to fix this correctly
>> for once.
>> Fast forward a distressingly large number of late-night hours later
>> digging into the guts of RPM, the reason for this is simple.  The
>> automatic dependency scripts only extract symbols from shared
>> libraries if they have the execute bit set, and MIT Kerberos installs
>> all of the shared libraries as mode 644.
> Fedora seems to take care of this transparently - I don't have any
> special logic to mark them executable.

Gah, spoke too soon.  I patch shlib.conf to make install them

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
Url :

More information about the krbdev mailing list