💾 Archived View for gemini.susa.net › linux_runtime_linking_debug.gmi captured on 2022-01-08 at 13:50:54. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-11-30)

-=-=-=-=-=-=-

What I do to debug library issues.

I compiled and installed GnuTLS to get some features that my distribution package was missing. However the next time I tried to clone a repository, git complained with an error.

The error I'm getting is: -

git-remote-https: relocation error: /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4: symbol gnutls_srp_allocate_client_credentials, version GNUTLS_3_4 not defined in file libgnutls.so.30 with link time reference

So, I locate the files relating to this shared object...

~$ locate libgnutls.so.30

/usr/lib/x86_64-linux-gnu/libgnutls.so.30
/usr/lib/x86_64-linux-gnu/libgnutls.so.30.13.1
/usr/local/lib/libgnutls.so.30
/usr/local/lib/libgnutls.so.30.28.0

My local installation shows up, along with the original Debian copies of the library.

Some commands that can help here:

    nm -gC <file> - list (extern) object file symbols in a readable format.
    readelf -sW <file> - list symbols, one per line, of an elf file.
    ldd <file> - list shared object dependencies

In this case, I start with 'ldd' to see what relates to gnutls...

~$ ldd /usr/lib/git-core/git-remote-https|grep gnutls
        libcurl-gnutls.so.4 => /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4
        libgnutls.so.30 => /usr/local/lib/libgnutls.so.30

So, libcurl-gnutls refers to Debian's library, which has a link time reference to my own locally built GnuTLS library. Let's see if the symbol is in my library...

readelf -sW /usr/local/lib/libgnutls.so.30|grep gnutls_srp_allocate_client

Nope! What about in Debian's?

readelf -sW /usr/lib/x86_64-linux-gnu/libgnutls.so.30|grep gnutls_srp_allocate_client

 1241: 000767c0  37 FUNC  GLOBAL DEFAULT 12 gnutls_srp_allocate_cl...@@GNUTLS_3_4

Yup! So, this is probably down to whatever options I used to ./configure GnuTLS when I built it - I used --disable-srp-authentication when building, so that's kind of a strong clue! I reconfigured, compiled, and installed my GnuTLS and my original git command now works.

There were a number of solutions to this - I could have made Debian's library the default and overridden when I need to use the newer version of GnuTLS, but I'd lose the general enhancements that the more recent version offered (particularly relevant for security-related code). The link below is a good reference on shared libraries and how how manage them.

See the tldp.org HOWTO for more information.