RPATH of binary contains a forbidden reference to /build/

samuela · March 28, 2021, 10:04pm

I’m getting a weird error when trying to package julia 1.6:

post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/64i3w967hnmjf5m9kfpd9s5hys8dy2gj-julia-1.6.0
shrinking /nix/store/64i3w967hnmjf5m9kfpd9s5hys8dy2gj-julia-1.6.0/bin/julia
...
shrinking /nix/store/64i3w967hnmjf5m9kfpd9s5hys8dy2gj-julia-1.6.0/lib/libjulia.so.1.6
gzipping man pages under /nix/store/64i3w967hnmjf5m9kfpd9s5hys8dy2gj-julia-1.6.0/share/man/
strip is /nix/store/xdii8qvch5h8chyp0z2is2qzky565w68-binutils-2.35.1/bin/strip
stripping (with command strip and flags -S) in /nix/store/64i3w967hnmjf5m9kfpd9s5hys8dy2gj-julia-1.6.0/lib  /nix/store/64i3w967hnmjf5m9kfpd9s5hys8dy2gj-julia-1.6.0/libexec  /nix/store/64i3w967hnmjf5m9kfpd9s5hys8dy2gj-julia-1.6.0/bin
patching script interpreter paths in /nix/store/64i3w967hnmjf5m9kfpd9s5hys8dy2gj-julia-1.6.0
checking for references to /build/ in /nix/store/64i3w967hnmjf5m9kfpd9s5hys8dy2gj-julia-1.6.0...
RPATH of binary /nix/store/64i3w967hnmjf5m9kfpd9s5hys8dy2gj-julia-1.6.0/lib/julia/libgmpxx.so.4.6.0 contains a forbidden reference to /build/

The last line appears to be the real issue. It looks like it’s coming from https://github.com/NixOS/nixpkgs/blob/47d089b4ad34b0e51d27b3ac83b9acee6f6199e5/pkgs/build-support/setup-hooks/audit-tmpdir.sh.

My best understanding of what’s going on here is that libgmp is vendored in by julia’s build process, and it’s outputting a binary with a dangerous rpath. Does nixpkgs have a standard way of patching rpath’s in this kind of situation? What are my options here?

Happy to post a WIP PR as well!

drupol · July 3, 2023, 6:42am

I’m also looking for a solution on this.

jtojnar · July 3, 2023, 9:15am

You can patch RPATH with patchelf. But ideally, you would figure out why that is happening and correct the project’s build system.

Generally, if a project adds build directories to rpath entries, it is expected to patch them out during installation. If it does not, it should probably be considered a bug in the upstream build script.

For debugging, you could use

nativeBuildInputs = [
  …
  patchelf
];

postInstall = ''
  patchelf --print-rpath "$out/lib/julia/libgmpxx.so.4.6.0"
'';

to find out what is actually in the DT_RUNPATH entry and then grep the project source code for rpath.

In CMake-based projects, you can also sometimes work around this by adding -DCMAKE_SKIP_BUILD_RPATH=ON to cmakeFlags, or ensuring CMAKE_SKIP_INSTALL_RPATH is not on. But the issue still indicates something is wonky with the project’s CMake definitions so a proper solution is is still preferred.

glepage · January 30, 2024, 4:35pm

We are currently facing the same error trying to update brlcad.
https://github.com/NixOS/nixpkgs/pull/279705#issuecomment-1914835516

It has started to happened after this specific commit: Vanilla Tcl build doesn't provide a tclsh executable without version … · BRL-CAD/brlcad@fbdbf04 · GitHub

Any idea on how we could tackle the issue ?