libselinux: bad separation between public and private API/ABI

[kloczek]

I've been trying to link everything in libselinux using only shared libraries but looks like libselinux src/matchpathcon.c is expecting myprint() which seems is only used in that program will be provided by libselinux.
In attachment is patch which I've been trying to use and which produces errors on linking with:

make[1]: Leaving directory '/home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils'
make[1]: Entering directory '/home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils'
gcc -Wl,-z,relro -Wl,--as-needed  -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld  -L../src  sefcontext_compile.o ../src/regex.o  -lselinux -lpcre2-8  -L../src -lselinux -lsepol -o sefcontext_compile
/usr/bin/ld: sefcontext_compile.o: in function `process_line':
/home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils/../src/label_file.h:441: undefined reference to `read_spec_entries'
/usr/bin/ld: /home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils/../src/label_file.h:528: undefined reference to `compat_validate'
/usr/bin/ld: /home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils/../src/label_file.h:514: undefined reference to `myprintf'
/usr/bin/ld: /home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils/../src/label_file.h:444: undefined reference to `selinux_log'
/usr/bin/ld: /home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils/../src/label_file.h:455: undefined reference to `myprintf'
/usr/bin/ld: /home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils/../src/label_file.h:455: undefined reference to `selinux_log'
/usr/bin/ld: /home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils/../src/label_file.h:514: undefined reference to `selinux_log'
/usr/bin/ld: /home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils/../src/label_file.h:503: undefined reference to `myprintf'
/usr/bin/ld: /home/tkloczko/rpmbuild/BUILD/libselinux-3.0/utils/../src/label_file.h:503: undefined reference to `selinux_log'
collect2: error: ld returned 1 exit status
make[1]: *** [<builtin>: sefcontext_compile] Error 1

libselinux-no_static_libraries.patch.txt

BTW. Why whole SELinux modules are not using autoconf/automake/libtool or meson?
Maintaining your custom Makefile files seems is like trying to reinvent the wheel. With ac/m/lt or meson building shared only version would be OOTB.

[stephensmalley]

sefcontext_compile is tightly coupled to libselinux internals, so it is odd man out. Could possibly be moved into its own directory under libselinux. WRT autotools, there have been attempts in the past to convert selinux userspace to use autotools but they never could seem to produce a working result that included existing use cases; you can see the legacy of one such attempt on the autotools branch. Not fundamentally opposed but we'd need maintainer buy-in to maintaining the autotools or meson based build system going forward.

[kloczek]

I've been working with autorools more than 15y.

Can you point on patches related to that resources? I'll try to help to polish that :)

[kloczek]

Really it does't matte autortools or meson. Both are working working only if everything is correctly implemented.

[kloczek]

Biggest obstacle which I see so far is that whole SELinux has test suite not well localised in each component.

[stephensmalley]

The last attempt is available in the autotools branch of the selinux repository, https://github.com/SELinuxProject/selinux/tree/autotools. obviously requires a major re-base/update and addressing whatever lingering problems it had. Old discussions can be found by searching for autotools in https://lore.kernel.org/selinux