[v3] configure: Disable building libcrypt by default
Checks
Context |
Check |
Description |
redhat-pt-bot/TryBot-apply_patch |
success
|
Patch applied to master at the time it was sent
|
redhat-pt-bot/TryBot-32bit |
success
|
Build for i686
|
linaro-tcwg-bot/tcwg_glibc_build--master-arm |
success
|
Testing passed
|
linaro-tcwg-bot/tcwg_glibc_build--master-aarch64 |
warning
|
Patch failed to apply
|
linaro-tcwg-bot/tcwg_glibc_check--master-aarch64 |
warning
|
Patch failed to apply
|
linaro-tcwg-bot/tcwg_glibc_check--master-arm |
warning
|
Patch failed to apply
|
Commit Message
We mentioned eventual dropping of libcrypt in the 2.28 NEWS. Actually
put that plan in motion by first disabling building libcrypt by default.
note in NEWS that the library will be dropped completely in a future
release.
Also add a couple of builds into build-many-glibcs.py.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
---
Changes from v2:
- Fixed up wording of the manual and NEWS based on various reviews
- Added build-many-glibcs targets for sparc and x86_64
INSTALL | 22 ++++++++++++----------
NEWS | 5 ++++-
configure | 4 ++--
configure.ac | 6 +++---
manual/install.texi | 22 ++++++++++++----------
scripts/build-many-glibcs.py | 8 ++++++--
6 files changed, 39 insertions(+), 28 deletions(-)
Comments
On Jul 17 2023, Siddhesh Poyarekar via Libc-alpha wrote:
> +This option is for hackers and distributions who may not yet be able to
> +use libcrypt alternatives such as libxcrypt and need this legacy
> +implementation as a temporary workaround. libcrypt may be removed in a
> +future release.
The last sentence needs to be restructured so that it doesn't start with
a lower case word.
On 2023-07-17 13:18, Andreas Schwab wrote:
> On Jul 17 2023, Siddhesh Poyarekar via Libc-alpha wrote:
>
>> +This option is for hackers and distributions who may not yet be able to
>> +use libcrypt alternatives such as libxcrypt and need this legacy
>> +implementation as a temporary workaround. libcrypt may be removed in a
>> +future release.
>
> The last sentence needs to be restructured so that it doesn't start with
> a lower case word.
>
Changed it to:
Note that libcrypt may be removed in a future release.
OK with that change?
Thanks,
Sid
On Mon, 17 Jul 2023, Siddhesh Poyarekar via Libc-alpha wrote:
> diff --git a/NEWS b/NEWS
> index f976abccbd..7a973f3949 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -54,7 +54,10 @@ Major new features:
> explicitly enabled, then fortify source is forcibly disabled so to keep
> original behavior unchanged.
>
> -Deprecated and removed features, and other changes affecting compatibility:
> +* libcrypt is no longer built by default, one may use the --enable-crypt
This should not be removing the "Deprecated and removed features, and
other changes affecting compatibility:" section heading.
Am Donnerstag, 20. Juli 2023, 20:05:13 CEST schrieb Joseph Myers:
> On Mon, 17 Jul 2023, Siddhesh Poyarekar via Libc-alpha wrote:
>
> > diff --git a/NEWS b/NEWS
> > index f976abccbd..7a973f3949 100644
> > --- a/NEWS
> > +++ b/NEWS
> > @@ -54,7 +54,10 @@ Major new features:
> > explicitly enabled, then fortify source is forcibly disabled so to keep
> > original behavior unchanged.
> >
> > -Deprecated and removed features, and other changes affecting compatibility:
> > +* libcrypt is no longer built by default, one may use the --enable-crypt
>
> This should not be removing the "Deprecated and removed features, and
> other changes affecting compatibility:" section heading.
>
Reviewed-by: Andreas K. Hüttel <dilfridge@gentoo.org>
With this and the changed wording in the help text, OK and pushed. Thanks!
@@ -228,16 +228,18 @@ if ‘CFLAGS’ is specified it must enable optimization. For example:
By default for x86_64, the GNU C Library is built with the vector
math library. Use this option to disable the vector math library.
-‘--disable-crypt’
- Do not install the passphrase-hashing library ‘libcrypt’ or the
- header file ‘crypt.h’. ‘unistd.h’ will still declare the function
- ‘crypt’. Using this option does not change the set of programs
- that may need to be linked with ‘-lcrypt’; it only means that the
- GNU C Library will not provide that library.
-
- This option is for hackers and distributions experimenting with
- independently-maintained implementations of libcrypt. It may
- become the default in a future release.
+‘--enable-crypt’
+ Install the legacy passphrase-hashing library ‘libcrypt’ and the
+ header file ‘crypt.h’. ‘unistd.h’ will declare the function
+ ‘crypt’ regardless of this option. Using this option does not
+ change the set of programs that may need to be linked with
+ ‘-lcrypt’; it only means that the GNU C Library will provide that
+ library.
+
+ This option is for hackers and distributions who may not yet be
+ able to use libcrypt alternatives such as libxcrypt and need this
+ legacy implementation as a temporary workaround. libcrypt may be
+ removed in a future release.
‘--disable-scv’
Disable using ‘scv’ instruction for syscalls. All syscalls will
@@ -54,7 +54,10 @@ Major new features:
explicitly enabled, then fortify source is forcibly disabled so to keep
original behavior unchanged.
-Deprecated and removed features, and other changes affecting compatibility:
+* libcrypt is no longer built by default, one may use the --enable-crypt
+ option to build libcrypt. libcrypt is likely to be removed from the
+ GNU C Library in a future release, so it is recommended that
+ applications port away from it to an alternative such as libxcrypt.
* In the Linux kernel for the hppa/parisc architecture some of the
MADV_XXX constants were changed to have the same values as the other
@@ -1484,7 +1484,7 @@ Optional Features:
architectures
--enable-memory-tagging enable memory tagging if supported by the
architecture [default=no]
- --disable-crypt do not build nor install the passphrase hashing
+ --enable-crypt build and install the legacy passphrase hashing
library, libcrypt
--enable-nss-crypt enable libcrypt to use nss
--enable-systemtap enable systemtap static probe points [default=no]
@@ -4577,7 +4577,7 @@ if test ${enable_crypt+y}
then :
enableval=$enable_crypt; build_crypt=$enableval
else $as_nop
- build_crypt=yes
+ build_crypt=no
fi
@@ -316,10 +316,10 @@ fi
AC_SUBST(memory_tagging)
AC_ARG_ENABLE([crypt],
- AS_HELP_STRING([--disable-crypt],
- [do not build nor install the passphrase hashing library, libcrypt]),
+ AS_HELP_STRING([--enable-crypt],
+ [build and install the legacy passphrase hashing library, libcrypt]),
[build_crypt=$enableval],
- [build_crypt=yes])
+ [build_crypt=no])
AC_SUBST(build_crypt)
AC_ARG_ENABLE([nss-crypt],
@@ -256,16 +256,18 @@ configure with @option{--disable-werror}.
By default for x86_64, @theglibc{} is built with the vector math library.
Use this option to disable the vector math library.
-@item --disable-crypt
-Do not install the passphrase-hashing library @file{libcrypt} or the
-header file @file{crypt.h}. @file{unistd.h} will still declare the
-function @code{crypt}. Using this option does not change the set of
-programs that may need to be linked with @option{-lcrypt}; it only
-means that @theglibc{} will not provide that library.
-
-This option is for hackers and distributions experimenting with
-independently-maintained implementations of libcrypt. It may become
-the default in a future release.
+@item --enable-crypt
+Install the legacy passphrase-hashing library @file{libcrypt} and the
+header file @file{crypt.h}. @file{unistd.h} will declare the function
+@code{crypt} regardless of this option. Using this option does not
+change the set of programs that may need to be linked with
+@option{-lcrypt}; it only means that @theglibc{} will provide that
+library.
+
+This option is for hackers and distributions who may not yet be able to
+use libcrypt alternatives such as libxcrypt and need this legacy
+implementation as a temporary workaround. libcrypt may be removed in a
+future release.
@item --disable-scv
Disable using @code{scv} instruction for syscalls. All syscalls will use
@@ -431,7 +431,9 @@ class Context(object):
{'variant': 'disable-multi-arch',
'arch': 'sparcv9',
'ccopts': '-m32 -mlong-double-128 -mcpu=v9',
- 'cfg': ['--disable-multi-arch']}])
+ 'cfg': ['--disable-multi-arch']},
+ {'variant': 'enable-crypt',
+ 'cfg': ['--enable-crypt']}])
self.add_config(arch='x86_64',
os_name='linux-gnu',
gcc_cfg=['--with-multilib-list=m64,m32,mx32'],
@@ -466,7 +468,9 @@ class Context(object):
{'arch': 'i586',
'ccopts': '-m32 -march=i586'},
{'variant': 'enable-fortify-source',
- 'cfg': ['--enable-fortify-source']}])
+ 'cfg': ['--enable-fortify-source']},
+ {'variant': 'enable-crypt',
+ 'cfg': ['--enable-crypt']}])
self.add_config(arch='x86_64',
os_name='gnu',
gcc_cfg=['--disable-multilib'])