Find installed ports depending on one particular library

[mecano]

With the OpenSSL security and after updating, one needs to update ports that are depending on libcrypto(3).

NOTE: Any third-party applications, including those installed from the FreeBSD ports collection, which are statically linked to libcrypto(3) should be recompiled in order to use the corrected code.

Do you have recipies for doing it automatically? I was thinking of using [CMD=]pkg_info -aI[/CMD] with [CMD=]ldd -v[/CMD] then a [CMD=]grep libcrypto[/CMD] but it looks like pkg_info does not output only package names so you may have to use awk to clean the output. Not a very elegant solution, I'm sure there should be better options.

 

[kpa]

Note the wording "which are statically linked to libcrypto(3)". Any port (any binary in fact) that links libcrypto using dynamic linking does not need recompiling unless there's a version bump in the dynamic link library and I don't that the case with this update.

Edit: There have been updates to both the base system libcrypto and the port security/openssl, which one you're using?

 

[mecano]

Thanks to point this out kpa.
I was talking of FreeBSD-SA-12:01.openssl.asc.
The question is still interresting, how to find installed ports that are depending on a library given it name?

 

[kpa]

This is adapted from ldd(1) manual page, it will print out names of ELF binaries in /usr/local/s?bin and and dynamic link libraries the binaries depend on.

# find /usr/local/bin /usr/local/sbin -type f | xargs -n1 file -F ' ' | grep ELF | cut -f1 -d' ' | xargs ldd -f '%A %p\n'


You can then use # pkg_info -W file to figure out to which port a certain file belongs to.

So it becomes something like this:
# find /usr/local/bin /usr/local/sbin /usr/local/libexec -type f | xargs -n1 file -F ' ' | grep ELF | cut -f1 -d' ' | xargs ldd -f '%A\t%p\n' | grep '/lib/libcrypt.so.5$' | cut -f 1 | xargs -n1 pkg_info -W



That's starting to smell like a useful script

 

[mecano]

I have no example part in my ldd(1) manual. Time to jump to FreeBSD 8 I guess. And it works great! Thanks kpa.

What about statically linked libraries in ports as you pointed out? How to find ports that are statically linked to a particular lib?

 

[kpa]

That's a tough one, there may not be any real version information that is carried over from the static link library to the linked binary. I would first try to find out if there are any version strings in the static link library with strings(1) that could be used for comparison and then try to find the same strings in the binaries.

 

[kpa]

Note that the above "script" may not be useful for finding out broken dynamic link library dependencies in ports/packages, for that there's a very handy tool pkg_libchk(1) in sysutils/bsdadminscripts.

 

[mecano]

Thanks kpa for your time and valuable informations will look further these paths.

 

[jef]

pkg_libchk(1) shaved my butt when I read UPDATING but it didn't indicate that openssl.so was changing revision numbers.

(yes, I'm leaving the typo)