Unfortunate dynamic linking for everything

Richard Coleman richardcoleman at mindspring.com
Wed Nov 19 18:04:03 PST 2003

Gordon Tetlow wrote:
> On Tue, Nov 18, 2003 at 08:03:23PM -0500, dyson at iquest.net wrote:
>>However, PAM and NSS 'tricks' really seem to be exactly that,
>>and certainly worthy of special builds.  However, that isn't
>>necessary, yet still not building everything with a shared
> Things like nss_ldap (which is used *heavily* at my place of employment)
> are some reasons that FreeBSD doesn't make it into more places. It was
> the reason why FreeBSD isn't being used here. Calling them 'tricks'
> (and succumbing to the name calling you wanted to avoid) doesn't change
> the fact that every major contender (IRIX, Solaris, Linux to name a few)
> all support this feature set.

The fact that you can't easily do centralized authentication (nss_ldap 
and pam_ldap) with FreeBSD is a major show stopper.  At my former 
employer, we built several very large systems that required centralized 
authentication using ldap.  We had to use Linux, since none of the BSD's 
supported this correctly at the time.

I don't really care whether everything is statically or dynamically 
linked.  With the fast machines and huge disks these days, bloat is not 
much of an issue.  But nss and pam need to work correctly.  If the folks 
that are against dynamic linking have an alternate method to make this 
work, I'm all for it.  But it needs to be more than theory.  We need code.

To be honest, I've never understood the (seemingly irrational) 
resistance against this change.  Solaris made this change 10 years ago.

Richard Coleman
richardcoleman at mindspring.com

More information about the freebsd-current mailing list