libtool install preserves temporary rpath of executable

Question

I am modifying a project that is very similar to examples provided by the Automake/libtool documentation. Excerpts:

Top-leve configure.ac:

LT_INIT

Top-level Makefile.am:

ACLOCAL_AMFLAGS = -I m4
SUBDIRS = src doc

./src Makefile.am:

lib_LTLIBRARIES = libname.la
libname_la_SOURCES = <my cc file list>
libname_la_LDFLAGS = -no-undefined -version-info $(GENERIC_LIBRARY_VERSION)
include_HEADERS = <my h file list>

bin_PROGRAMS = progname
progname_SOURCES = <my cc file list>
progname_LDADD = libname.la
progname_LDFLAGS = -static

In a fakeroot environment provided by my package-creation software, I execute the following commands

$ autogen.sh # contains the usual calls to aclocal, libtoolize, automake, autoconf.
$ ./configure --prefix="/usr" --disable-static
$ make
 ...
 /bin/sh ../libtool  --tag=CXX   --mode=link g++ -Wall -g -O2 -static  -o progname progname.o libname.la  <-lLIBRARY_NAME list>
 libtool: link: g++ -Wall -g -O2 -o progname progname.o  ./.libs/libname.so <-lLIBRARY_NAME list> -Wl,-rpath -Wl,<build_dir>/src/.libs
 ...
$ objdump -x src/progname | grep -i rpath
 RPATH                <build_dir>/src/.libs
$ make install
$ objdump -x <fakeroot_dir>/usr/bin/progname | grep -i rpath
 RPATH                <build_dir>/src/.libs

In all three *.la files, libdir='/usr/lib':

• /src/libname.la
• /src/.libs/libname.la
• /usr/lib/libname.la

I understand that RPATH is set for /src/progname to allow execution directly after make. However I was under the impression that during the install rule, libtool would remove this temporary RPATH and replace it with libdir ("/usr/lib" as specified above to configure). Furthermore, modern libtool releases would actually remove RPATH if libdir was present in the system's ld.so search path.

Why is this not happening? As it stands, the temporary RPATH directory is a security risk, allowing anyone to load a malicious libname.so from /src/.libs.

The Fedora RPath Packaging Draft contains some quit useful suggestions to remove RPATH, however I would prefer answers that work within the Autotools framework.

Answer 1

Tell configure.ac to patch the generated $(top_srcdir)/libtool so that -Wl,-rpath -Wl,/... get kicked out

TL;DR - Append the following (β) to configure.ac:

AC_MSG_RESULT([configure: removing rpath from libtool...])
sed -i.old s/'^hardcode_libdir_flag_spec.*$'/'hardcode_libdir_flag_spec="-D__LIBTOOL_IS_A_FOOL__"'/g libtool
diff -u0 libtool.old libtool

• If you use LT_OUTPUT (please stop doing that), β should be after LT_OUTPUT
• Otherwise β should be after AC_OUTPUT

Answer 2

I think what's happening here is that libtool is getting confused by your usage of -static — what you want is what usually happens by default with libtool, and that is to trigger relinking of the binaries so that it drops the DT_RPATH definition.

But since you're telling the tool that you want a full static build, it expects the relinking to be unnecessary, and thus does not perform it.

On the other hand I'm surprised that libtool does not error out when you use -static and --disable-static.