[Haskell-cafe] Static executables in minimal Docker containers
Albert Y. C. Lai
trebla at vex.net
Mon Apr 13 21:39:39 UTC 2015
I wonder whether you already know the following, and whether it is
relevant to begin with. (Plus, my knowledge is fairly sketchy.)
Even though you statically link glibc, its code will, at run time,
dlopen a certain part of glibc.
Why: To provide a really uniform abstraction layer over user account
queries, e.g., man 3 getpwnam, regardless of whether the accounts are
from /etc/passwd, LDAP, or whatever.
Therefore, during run time, glibc first reads some config files of the
host to see what kind of user account database the host uses. If it's
/etc/passwd, then dlopen the implementation of getpwnam and friends for
/etc/passwd; else, if it's LDAP, then dlopen the implementation of
getpwnam and friends for LDAP; etc etc.
So that later when you call getpwnam, it will happen to "do the right
thing".
This demands the required *.so files to be accessible during run time.
Moreoever, if you statically link glibc, this also demands the required
*.so files to version-match the glibc you statically link.
(It is the main reason why most people give up on statically linking glibc.)
More information about the Haskell-Cafe
mailing list