As discussed in the URL above, binaries in /sbin should preferably be linking against /lib and not /usr/lib as /usr might not be mounted at boot. $ ldd /sbin/iptables linux-gate.so.1 => (0xf57fe000) libip4tc.so.0 => /usr/lib/libip4tc.so.0 (0xb77d9000) libxtables.so.4 => /usr/lib/libxtables.so.4 (0xb77d1000) libm.so.6 => /lib/libm.so.6 (0xb77ac000) libc.so.6 => /lib/libc.so.6 (0xb7661000) libdl.so.2 => /lib/libdl.so.2 (0xb765d000) /lib/ld-linux.so.2 (0xb77e6000) Giving --libdir=/lib to iptables config script should place the above libraries in lib. Reproducible: Always
Thank you for report. Fixed in 1.4.9.1-r1 with the following: @@ -25,6 +25,7 @@ src_configure() { econf \ --sbindir=/sbin \ + --libdir=/$(get_libdir) \ --libexecdir=/$(get_libdir) \ --enable-devel \ --enable-libipq \ @@ -56,4 +57,10 @@ newinitd "${FILESDIR}"/iptables-1.3.2.init ip6tables || die newconfd "${FILESDIR}"/ip6tables-1.3.2.confd ip6tables || die fi + + # Remove .la from /lib, keep static archives in /usr/lib + find "${D}" -type f -name '*.la' -exec rm -rf '{}' '+' || die "la removal failed" + dodir /usr/$(get_libdir)/ + mv "${D}"/$(get_libdir)/*.a "${D}"/usr/$(get_libdir)/ || die "failed to mv static libs" + gen_usr_ldscript libip4tc.so libip6tc.so libipq.so libiptc.so libxtables.so
that isnt really the way to go about it. minor: no need to quote plus marks. it really should keep /usr/lib and then do something like: gen_usr_ldscript -a ip{4,6}tc ipq iptc xtables screwing around with linker scripts and static archives is dead
ive dropped all the /usr->/ code and replaced it with just the ldscript func i referred to. i also restored the .la files since the .pc files dont properly express static dependencies. http://sources.gentoo.org/net-firewall/iptables/iptables-1.4.9.1-r2.ebuild?r1=1.1&r2=1.2
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4fc9966a33ed4f82e6c10f3dc518326fa1063cde commit 4fc9966a33ed4f82e6c10f3dc518326fa1063cde Author: Eli Schwartz <eschwartz93@gmail.com> AuthorDate: 2024-02-06 15:29:48 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-02-06 22:49:31 +0000 net-firewall/iptables: remove usr-ldscript support Per news item 2024-01-05-usr-initramfs, we no longer support this use case. It is fragile and hacky and leads to bizarre forms of load errors. The functionality is, despite being called "split-usr", not really about split-usr at all. [sam: Add bug #332175 and bug #498878 ref.] Bug: https://bugs.gentoo.org/332175 Bug: https://bugs.gentoo.org/498878 Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Sam James <sam@gentoo.org> .../iptables/{iptables-1.8.9-r1.ebuild => iptables-1.8.9-r2.ebuild} | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e7b22c10763d2352b5770266c755667549e94f9 commit 3e7b22c10763d2352b5770266c755667549e94f9 Author: Sam James <sam@gentoo.org> AuthorDate: 2024-02-20 05:21:00 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-02-20 05:21:00 +0000 net-firewall/iptables: drop usr-ldscript Per news item. Bug: https://bugs.gentoo.org/332175 Signed-off-by: Sam James <sam@gentoo.org> net-firewall/iptables/iptables-1.8.10-r1.ebuild | 179 ++++++++++++++++++++++++ 1 file changed, 179 insertions(+)
