←back to thread

The state of binary compatibility on Linux and how to address it

(jangafx.com)
196 points generichuman | 1 comments | 01 Apr 25 22:22 UTC | HN request time: 0s | source
Show context
Jeaye ◴[02 Apr 25 00:21 UTC] No.43552616[source]
I don't understand why they don't just statically link their binaries. First, they said this:

> Even if you managed to statically link GLIBC—or used an alternative like musl—your application would be unable to load any dynamic libraries at runtime.

But then they immediately said they actually statically link all of their deps aside from libc.

> Instead, we take a different approach: statically linking everything we can.

If they're statically linking everything other than libc, then using musl or statically linking glibc will finish the job. Unless they have some need for loading share libs at runtime which they didn't already have linked into their binary (i.e. manual dlopen), this solves the portability problem on Linux.

What am I missing (assuming I know of the security implications of statically linked binaries -- which they didn't mention as a concern)?

replies(6): >>43552647 #>>43552652 #>>43552691 #>>43552703 #>>43552800 #>>43552822 #
masfuerte ◴[02 Apr 25 00:28 UTC] No.43552647[source]
Various things including name (DNS) resolution rely on dynamic linking.
replies(1): >>43552651 #
Jeaye ◴[02 Apr 25 00:30 UTC] No.43552651[source]
Are you saying that a statically linked binary cannot make an HTTP request to `google.com` because it would be unable to resolve the domain name?

There are entire distros, like alpine, built on musl. I find this very hard to believe.

replies(4): >>43552683 #>>43552699 #>>43552733 #>>43555012 #
1. o11c ◴[02 Apr 25 00:46 UTC] No.43552733[source]
All versions of MUSL prior to 1.2.4 (released less than two years ago) would indeed fail to perform DNS lookups in many common cases, and a lot of programs could not run in MUSL as a result. (I'm not aware of what specific deficiencies remain in MUSL, but given the history even when there are explicit standards, I am confident that there are more.) This wasn't related to dynamic linking though.

Glibc's NSS is mostly relevant for LANs. Which is a lot of corporate and home networks.