Closed Bug 1395722 Opened 2 years ago Closed 2 years ago
link openssl statically when building sccache
Our current sccache build links in openssl's libraries dynamically. The sonames of the dynamic libraries linked in are specific to the CentOS/Fedora-ish systems that we build on; attempting to run the generated sccache binaries on different systems (e.g. Debian-ish) will result in failure. All of our current automation images are CentOS-based, but for various reasons, Debian-based images may be used in the future, and it would be great to have an sccache binary to run on such systems as well. (It might also be interesting to distribute the sccache binary we use to local developers as well, but that's a bit further off.) Therefore, this patch alters the sccache build on Linux to use static linking for openssl. We cannot use the system openssl we build on because the system openssl links to libkrb5, and the distribution we use for the system images does not provide static libraries of libkrb5. Building openssl ourself enables us to eliminate the libkrb5 dependency. An sccache binary from builds with this patch depends on the following libraries: froydnj@hawkeye:~$ ldd sccache2/sccache linux-vdso.so.1 => (0x00007ffe02b39000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007ff0e7403000) librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007ff0e71fb000) libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007ff0e6fdd000) libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007ff0e6dc6000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ff0e69fc000) /lib64/ld-linux-x86-64.so.2 (0x0000557c8540b000) libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007ff0e66f2000) which are standard on any Linux distribution.
I am open to suggestions on how to better integrate the openssl build.
Attachment #8903318 - Flags: review?(ted)
Comment on attachment 8903318 [details] [diff] [review] link openssl statically when building sccache Review of attachment 8903318 [details] [diff] [review]: ----------------------------------------------------------------- ::: taskcluster/scripts/misc/build-sccache.sh @@ +57,5 @@ > + > + OPENSSL_BUILD_DIRECTORY=$PWD/ourssl > + pushd $(basename $OPENSSL_TARBALL .tar.gz) > + ./Configure --prefix=$OPENSSL_BUILD_DIRECTORY no-shared linux-x86_64 > + make You probably want a -j `nproc --all` in there to make this a little faster, like we do in other build scripts: https://dxr.mozilla.org/mozilla-central/rev/632e42dca494ec3d90b70325d9c359f80cb3f38a/taskcluster/scripts/misc/build-cctools-port.sh#40 Ideally we wouldn't have to rebuild this for every build, but I don't know how we'd usefully wire that up.
Attachment #8903318 - Flags: review?(ted) → review+
Ah, thanks for the pointer. I additionally modified things to just install the software, not the (extensive!) documentation. Carrying over r+, doing an all-platforms try run just to make sure something didn't break: https://treeherder.mozilla.org/#/jobs?repo=try&revision=cee9351865e7ceae5ba7fec87eed517cfc6a8c9f
Attachment #8904582 - Flags: review+
Pushed by email@example.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/af2599f1d391 link openssl statically when building sccache; r=ted.mielczarek
You need to log in before you can comment on or make changes to this bug.