mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-14 22:32:30 +01:00
a19e14ca2d
ELF ldconfig only maintains the search list, there is no hints Reviewed by: emaste Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D30272
180 lines
5.6 KiB
Groff
180 lines
5.6 KiB
Groff
.\"
|
|
.\" Copyright (c) 1993 Paul Kranenburg
|
|
.\" All rights reserved.
|
|
.\" Copyright (c) 2021 The FreeBSD Foundation, Inc.
|
|
.\"
|
|
.\" Portions of this documentation were written by
|
|
.\" Konstantin Belousov <kib@FreeBSD.org> under sponsorship
|
|
.\" from the FreeBSD Foundation.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
.\" must display the following acknowledgement:
|
|
.\" This product includes software developed by Paul Kranenburg.
|
|
.\" 3. The name of the author may not be used to endorse or promote products
|
|
.\" derived from this software without specific prior written permission
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
.\"
|
|
.\" $FreeBSD$
|
|
.\"
|
|
.Dd May 15, 2021
|
|
.Dt LDCONFIG 8
|
|
.Os
|
|
.Sh NAME
|
|
.Nm ldconfig
|
|
.Nd configure the dynamic linker search path for shared libraries
|
|
.Sh SYNOPSIS
|
|
.Nm
|
|
.Op Fl 32
|
|
.Op Fl Rimrsv
|
|
.Op Fl f Ar hints_file
|
|
.Op Ar directory | Ar
|
|
.Sh DESCRIPTION
|
|
.Nm
|
|
utility is used to configure the set of paths used by the dynamic linker
|
|
.Xr ld-elf.so.1 1
|
|
when searching for shared libraries.
|
|
The dynamic linker looks for libraries in a set of built-in system directories
|
|
and any directories specified in the hints file.
|
|
This obviates the need for storing search paths within the executable,
|
|
see the
|
|
.Fl rpath
|
|
option for the static linker
|
|
.Xr ld 1 .
|
|
.Pp
|
|
The hints file is maintained by
|
|
.Nm .
|
|
The
|
|
.Ar directories
|
|
list to be stored in the hints file is supplied on the command line.
|
|
.Pp
|
|
Alternatively to the
|
|
.Ar directories
|
|
list on the command line,
|
|
.Ar files
|
|
may be specified; these are expected to contain directories
|
|
to scan for shared libraries.
|
|
Each directory's pathname must start on a new
|
|
line.
|
|
Blank lines and lines starting with the comment character
|
|
.Ql \&#
|
|
are ignored.
|
|
.Pp
|
|
For security reasons, directories which are world or group-writable or which
|
|
are not owned by root produce warning messages and are skipped, unless
|
|
the
|
|
.Fl i
|
|
option is present.
|
|
.Pp
|
|
The
|
|
.Ev LD_LIBRARY_PATH
|
|
environment variable can be used to specify additional
|
|
shared library search directories.
|
|
.Ev LD_LIBRARY_PATH
|
|
is a
|
|
.Sq \&:
|
|
separated list of directory paths which are searched by
|
|
the dynamic linker
|
|
when it needs to load a shared library.
|
|
It can be viewed as the run-time
|
|
equivalent of the
|
|
.Fl L
|
|
switch of
|
|
.Xr ld 1 .
|
|
.Pp
|
|
The following options are recognized by
|
|
.Nm :
|
|
.Bl -tag -width indent
|
|
.It Fl 32
|
|
Generate the hints for 32-bit ABI shared libraries
|
|
on 64-bit systems that support running 32-bit binaries.
|
|
.It Fl elf
|
|
Ignored for backwards compatibility.
|
|
.It Fl R
|
|
Appends pathnames on the command line to the directory list from
|
|
the hints file.
|
|
.Pp
|
|
This is the default action when no options are given.
|
|
.It Fl f Ar hints_file
|
|
Read and/or update the specified hints file, instead of the standard file.
|
|
This option is provided primarily for testing.
|
|
.It Fl i
|
|
Run in insecure mode.
|
|
The security checks will not be performed.
|
|
.It Fl m
|
|
Instead of replacing the list of the directories to search with the
|
|
directories specified on the command line, merge existing list
|
|
with the specified directories, and write the result to the hints file.
|
|
.It Fl r
|
|
List the current list of the directories from the hints file
|
|
on the standard output.
|
|
The hints file is not modified.
|
|
.Pp
|
|
Scan and print all libraries found on the directories list.
|
|
.It Fl s
|
|
Do not scan the built-in system directory
|
|
.Pq Dq /usr/lib
|
|
for shared libraries.
|
|
.It Fl v
|
|
Switch on verbose mode.
|
|
.El
|
|
.Sh SECURITY
|
|
Special care must be taken when loading shared libraries into the address
|
|
space of
|
|
.Ev set-user-Id
|
|
programs.
|
|
Whenever such a program is run by any user except the owner of the program,
|
|
the dynamic linker will only load shared libraries from paths found in
|
|
the hints file.
|
|
In particular, the
|
|
.Ev LD_LIBRARY_PATH
|
|
is not used to search for libraries.
|
|
Thus,
|
|
.Nm
|
|
serves to specify the trusted collection of directories from which
|
|
shared objects can be safely loaded.
|
|
.Sh FILES
|
|
.Bl -tag -width /var/run/ld-elf.so.hintsxxx -compact
|
|
.It Pa /var/run/ld-elf.so.hints
|
|
Standard hints file for the ELF dynamic linker.
|
|
.It Pa /etc/ld-elf.so.conf
|
|
Conventional configuration file containing directory names for
|
|
invocations with
|
|
.Fl elf .
|
|
.It Pa /var/run/ld-elf32.so.hints
|
|
Conventional configuration files containing directory names for
|
|
invocations with
|
|
.Fl 32 .
|
|
.El
|
|
.Sh SEE ALSO
|
|
.Xr ld 1 ,
|
|
.Xr ld-elf.so.1 ,
|
|
.Xr link 5
|
|
.Sh HISTORY
|
|
A
|
|
.Nm
|
|
utility first appeared in SunOS 4.0, it appeared in its current form
|
|
in
|
|
.Fx 1.1 .
|
|
.Pp
|
|
The name 'hints file' is historic from the times when the file also contained
|
|
hints to the dynamic linker.
|
|
This functionality is not provided for ELF.
|