QA Notice: /usr/sbin/suexec2 is setXid, dynamically linked and using lazy bindings. This combination is generally discouraged. Try: CFLAGS='-Wl,-z,now' emerge apache Reproducible: Always Steps to Reproduce: Expected Results: Please, treat this in the ebuild when you have a few minutes to spare. Thanks. ;-)
I've seen this error, but I have no idea what it means or how to fix it. Any suggestions?
(In reply to comment #1) > I've seen this error, but I have no idea what it means or how to fix it. Any > suggestions? The fix is to link the binary with -Wl,-z,now man ld: <snip> When generating an executable or shared library, mark it to tell the dynamic linker to resolve all symbols when the program is started, or when the shared library is linked to using dlopen, instead of deferring function call resolution to the point when the function is first called. </snip> As for explanation, iirc this check was added by vapier or solar, so they are best qualified to explain. ;)
There are more bugs on this issue in Bugzilla: http://bugs.gentoo.org/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&long_desc_type=substring&long_desc=dynamically+linked+and+using+lazy+bindings&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&keywords_type=allwords&keywords=&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=RESOLVED&bug_status=VERIFIED&bug_status=CLOSED&emailassigned_to1=1&emailtype1=substring&email1=&emailassigned_to2=1&emailreporter2=1&emailcc2=1&emailtype2=substring&email2=&bugidtype=include&bug_id=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=Reuse+same+sort+as+last+time&field0-0-0=noop&type0-0-0=noop&value0-0-0= By using those additional CFLAGS, gcc passes the linker (ld) the flag "-z now" which stands for this: <snip src="man ld"> now When generating an executable or shared library, mark it to tell the dynamic linker to resolve all symbols when the program is started, or when the shared library is linked to using dlopen, instead of deferring function call resolution to the point when the function is first called. </snip> Somehow these CFLAGS need to be used while compiling suexec2.
Created attachment 68846 [details, diff] apache-suexec-nolazybinding.diff This adds "-Wl,-z,now" to the linker flags of the suexec binary.
fixed in CVS.
Now that portage-2.0.53 is out, if someone is using FEATURES="stricter", this is considered a fatal error. I ran into this with the latest stable version (apache-2.0.54-r31). What is the possibility of getting a version of apache stabilized that contains this fix?
