RPM package creation results in unlinked libraries when installed

Hi, I am trying to create an rpm package to easily distribute a package to other sensors but seem to be doing something wrong when building the package. The package builds okay but when installed, I end up with an error, which is "bro: error while loading shared libraries: libbroker.so.0: cannot open shared object file: No such file or directory."

Running ldd, shows "not found" but on a working instance, the path is populated (/opt/bro/lib/libbroker.so.0). I also double checked that the file exists on the file system and it's there.

I can launch broctl and run a few commands but when I do "deploy," I get the above error.

On the build system, I have installed the prerequisite software using yum.
yum install cmake make gcc gcc-c++ flex bison libpcap-devel openssl-devel python-devel swig zlib-devel rpm-build
Also installed pf_ring from an rpm using the ntop.org repo.

The process I followed for building the package was:
git clone --recursive https://github.com/bro/bro.git
cd bro
LDFLAGS="-lpfring -lpcap" ./configure --prefix=/opt/bro --with-pcap=/usr/local/ --pkg-name-prefix=Bro --binary-package
cd build
make package
scp the file to the intended sensor
yum localinstall Bro-2.5-725-Linux-x86_64.rpm

The [root@bro00 ~]# ldd /opt/bro/bin/bro |grep libbroker
libbroker.so.0 => not found

Both the build machine and the intended install target are setup the same. They are Centos 7.5.1804 (Core) VM's running on VMware 6.5 with kernel 3.10.0-862.6.3.el7.x86_64.

Compiling BRO from source but leaving off the --binary-package flags resulted in a working install on the build machine as well using make && make install. I am not sure what piece I am missing here so any advice would be appreciated.


The [root@bro00 ~]# ldd /opt/bro/bin/bro |grep libbroker
     libbroker.so.0 => not found

Generally seems like you'll want to to teach ld to search inside the
non-standard /opt/bro/lib/ path.

e.g. look more into how to change /etc/ld.so.conf or
/etc/ld.so.conf.d/ and running `ldconfig`.

Or if you just wanted to restrict the search behavior to a shell and
not the entire system, the LD_LIBRARY_PATH environment variable will
do that.

Compiling BRO from source but leaving off the --binary-package flags
resulted in a working install on the build machine as well using make &&
make install. I am not sure what piece I am missing here so any advice
would be appreciated.

One of the things the --binary-package flag does is prevent the use of
RPATHs in the final binary. Normally, an RPATH is like hard-coding
the path to a shared library. The thought behind disabling RPATHs
when using the --binary-package is that it's generally more flexible
to allow the linker to dynamically find it (e.g. via the configuration
mentioned above), and I may recall that various Linux distros tend to
frown upon using RPATHs in their packaging ecosystems anyway (so
serves as good example to follow along).

- Jon

Thanks for the reply, that got me going the right direction I think, at least it works now. I created a file in /etc/ld.so.conf.d/ named bro-x86_64.conf with the path to /opt/bro/lib and ran ldconfig, which got everything working.

I notice there are pre/post install scripts in the build directory. Is this the right place to add commands to be executed during the deployment? Is there a different file that won't get mangled if the repo gets updated or should I just beware and copy changes back in every time I need to do a new build from source?


I'm not sure exactly which scripts you mean, but yeah it doesn't sound
safe to trust that changes to stuff in the build directory won't be
clobbered at a later time, so may be a good idea to maintain those
changes as part of your own separate script.

- Jon

Thanks Jon, I found the right ones located in the /bro/cmake folder. Specifically, package_postupgrade.sh.in and package_preinstall.sh.in, which look like the right ones to edit. However, those didn't cover my entire needs. I figure managing the creation of the /etc/ld.so.conf.d/bro-x86_64.conf file is well handled using the spec file. However, I was having some trouble figuring out where/what to update to make changes stick(I'm still not sure of the right way to do it but I'll keep looking). Eventually, I found the CPackRPM.cmake file, which has a template and then it made sense to me(sorta). Is there any documentation for creating a new template? The way I worked around this as a temporary solution was editing the template in CPackRPM.cmake, which is bad form I'm sure but it works. It's also entirely possible that I am making this way more difficult than it needs to be because of my complete ignorance of the cmake build/package system. Any insights of that process would be welcomed as well.