Distribute Shared Object with Executable (Best Practice?)

Question

I need to distribute a version of OpenSSL with my application. I can't use Ubuntu's because the distro currently disables TLSv1.1 and TLSv1.2.

I've read a few posts about how to solve a missing shared object (for example, How to add shared library search path to a executable file?).

My concern is that I have a library that has the same name as that of the disto, and its binary compatible with the distro.

My question is, is there a best practice for distributing a shared objects where collision are expected?

score 2 · Answer 1 · answered Dec 20 '13 at 22:52

2

Put the SO in a private directory, and add that directory to the $LD_LIBRARY_PATH environment variable in a wrapper script before running the executable.

answered Dec 20 '13 at 22:52

Ignacio Vazquez-Abrams

776,304
153
1,341
1,358

Thanks Ignacio. There's two problems with that (sorry, I should have listed them). First, I don't want people to have to LD_LIBRARY_PATH. Second, this runs as root, so LD_LIBRARY_PATH is not honored (even with `sudo -E`). – jww Dec 20 '13 at 23:02
@noloader people don't need to set LD_LIBRARY_PATH, you create a shell script, place it together with your executable, the shell script sets LD_LIBRARY_PATH and runs the executable. People run the shell script (with e.g. sudo) instead of the real executable. – nos Dec 26 '13 at 21:30
Thanks nos. Is there any reading on Best Practices for doing this? I know there's a lot of potential problems with the runtime linker (DLL Hell and Binary Planting are not just Windows problems). See, for example, [Breaking the links: Exploiting the linker](https://www.nth-dimension.org.uk/pub/BTL.pdf‎). – jww Dec 30 '13 at 08:34

score 2 · Answer 2 · answered Jan 09 '14 at 14:59

As opposed to setting the LD_LIBRARY_PATH environment variable in a wrapper script, you can also compile your executable with extra linker flags that add directories to search for shared libraries.

The linker flag is -Wl,-rpath,<path to lib directory>

As an example, say you are installing your app to /opt/myapp/bin, you could also have a folder /opt/myapp/lib, and in that folder you place your libssl.so. Then you would compile your app with the extra linker flag -Wl,-rpath,/opt/myapp/lib. Then when you run your app, it will look in that folder first before searching the standard folders for shared libraries.

Distribute Shared Object with Executable (Best Practice?)

2 Answers2

Linked