如何为 x86_64-unknown-linux-musl 构建依赖于 curl 的可执行文件
How to build an executable that depends on curl for x86_64-unknown-linux-musl
我在 amd64 Debian 机器上,正在尝试构建 x86_64-unknown-linux-musl 可执行文件。我的 Cargo.toml:
里有这个
[dependencies]
curl = "0.4"
当我 运行 cargo build --target=x86_64-unknown-linux-musl 我得到
这个:
error: failed to run custom build command for `libz-sys v1.0.10`
process didn't exit successfully: `/tmp/foo/target/debug/build/libz-sys-c20da5f29c41e515/build-script-build` (exit code: 101)
--- stdout
OPT_LEVEL = Some("0")
PROFILE = Some("debug")
TARGET = Some("x86_64-unknown-linux-musl")
debug=true opt-level=0
HOST = Some("x86_64-unknown-linux-gnu")
TARGET = Some("x86_64-unknown-linux-musl")
TARGET = Some("x86_64-unknown-linux-musl")
HOST = Some("x86_64-unknown-linux-gnu")
CC_x86_64-unknown-linux-musl = None
CC_x86_64_unknown_linux_musl = None
TARGET_CC = None
CC = None
HOST = Some("x86_64-unknown-linux-gnu")
CROSS_COMPILE = None
TARGET = Some("x86_64-unknown-linux-musl")
HOST = Some("x86_64-unknown-linux-gnu")
CFLAGS_x86_64-unknown-linux-musl = None
CFLAGS_x86_64_unknown_linux_musl = None
TARGET_CFLAGS = None
CFLAGS = None
running: "./configure" "--prefix=/tmp/foo/target/x86_64-unknown-linux-musl/debug/build/libz-sys-e109627694e9981e/out"
Compiler error reporting is too harsh for ./configure (perhaps remove -Werror).
** ./configure aborting.
--- stderr
thread 'main' panicked at 'failed to run successfully: exit code: 1', /home/tshepang/.cargo/registry/src/github.com-1ecc6299db9ec823/libz-sys-1.0.10/build.rs:189
当我重新运行它时:
error: failed to run custom build command for `openssl-sys v0.9.6`
process didn't exit successfully: `/tmp/foo/target/debug/build/openssl-sys-ac9c042b062dad1d/build-script-build` (exit code: 101)
--- stderr
thread 'main' panicked at '
Could not find directory of OpenSSL installation, and this `-sys` crate cannot
proceed without this knowledge. If OpenSSL is installed and this crate had
trouble finding it, you can set the `OPENSSL_DIR` environment variable for the
compilation process.
If you're in a situation where you think the directory *should* be found
automatically, please open a bug at https://github.com/sfackler/rust-openssl
and include information about your system as well as this message.
$HOST = x86_64-unknown-linux-gnu
$TARGET = x86_64-unknown-linux-musl
openssl-sys = 0.9.6
当我本地构建时一切正常,即 cargo build --target=x86_64-unknown-linux-gnu。
四处寻找,了解到一个环境变量,PKG_CONFIG_ALLOW_CROSS:
PKG_CONFIG_ALLOW_CROSS=true cargo build --target=x86_64-unknown-linux-musl
在这样做的过程中,我还发现我缺少 Debian 软件包
名为 libcurl4-openssl-dev.
运行 ldd target/target/x86_64-unknown-linux-musl/debug/foo
指示可执行文件是动态链接的,然后搜索
此外,我了解了另一个环境变量,
PKG_CONFIG_ALL_STATIC:
PKG_CONFIG_ALL_STATIC=true PKG_CONFIG_ALLOW_CROSS=true cargo build --target=x86_64-unknown-linux-musl
这揭示了一大堆失踪的部门,所有这些(幸运的是)
有 Debian 依赖项。但是安装所有这些都没有帮助,因为,
最后,我仍然坐在一个不是的可执行文件上
静态链接 .
我放弃了,最后使用 cross:
cargo install cross
cross build --target=x86_64-unknown-linux-musl
这太简单了,您会在 target/x86_64-unknown-linux-musl/debug 中找到可执行文件。
curl crate 依赖于(直接或间接)两个 crate libz-sys 和 openssl-sys。
名称以“-sys”结尾的箱子通常是一组绑定到本机 C 库的 FFI(外部函数接口)。
构建这样一个“-sys”包需要 linking 到本机库。如果您的目标是 x86_64-unknown-linux-musl,那么您必须 link 到针对 musl 而不是 glic 构建的本机库。但是,您在发行版存储库中找到的大多数软件包都提供针对 glibc 构建的库。
解决方案是自己构建所需的库,link使用 musl 而不是 glibc。
我无法访问 Debian 安装,但在 Ubuntu 16.04 上,OpenSSL 看起来像这样:
# this package provides the "musl-gcc" wrapper
apt-get install musl-tools
# you will also need these, if they are not installed yet
apt-get install pkg-config xutils-dev build-essential
# Download and build OpenSSL against musl
VERS=1.0.2j
export CC=musl-gcc
export MUSL_PREFIX=/usr/local/musl
export C_INCLUDE_PATH="$MUSL_PREFIX/include/"
curl -O https://www.openssl.org/source/openssl-$VERS.tar.gz
tar xvzf openssl-$VERS.tar.gz
cd openssl-$VERS
./config --prefix "$MUSL_PREFIX"
make depend
make
sudo make install
export OPENSSL_DIR=/usr/local/musl/
export OPENSSL_STATIC=1
一旦你有一个相同的 libz(我还没有尝试构建它),你应该能够构建你的板条箱:
cargo build --target=x86_64-unknown-linux-musl
并且生成的二进制文件将在 target/x86_64-unknown-linux-musl/debug/<binary_name>
cross 工具基本上就是这样做的,但是在 Docker 容器中以保持主机清洁。
此构建生成的二进制文件应该是静态 linked,甚至不依赖于 glibc。这也意味着它会更大*,如果在其中一个中发现安全问题,您将需要自行升级任何依赖项(尤其是 OpenSSL)。
*您可能希望在发布的二进制文件上使用 strip。
我在 amd64 Debian 机器上,正在尝试构建 x86_64-unknown-linux-musl 可执行文件。我的 Cargo.toml:
里有这个[dependencies]
curl = "0.4"
当我 运行 cargo build --target=x86_64-unknown-linux-musl 我得到
这个:
error: failed to run custom build command for `libz-sys v1.0.10`
process didn't exit successfully: `/tmp/foo/target/debug/build/libz-sys-c20da5f29c41e515/build-script-build` (exit code: 101)
--- stdout
OPT_LEVEL = Some("0")
PROFILE = Some("debug")
TARGET = Some("x86_64-unknown-linux-musl")
debug=true opt-level=0
HOST = Some("x86_64-unknown-linux-gnu")
TARGET = Some("x86_64-unknown-linux-musl")
TARGET = Some("x86_64-unknown-linux-musl")
HOST = Some("x86_64-unknown-linux-gnu")
CC_x86_64-unknown-linux-musl = None
CC_x86_64_unknown_linux_musl = None
TARGET_CC = None
CC = None
HOST = Some("x86_64-unknown-linux-gnu")
CROSS_COMPILE = None
TARGET = Some("x86_64-unknown-linux-musl")
HOST = Some("x86_64-unknown-linux-gnu")
CFLAGS_x86_64-unknown-linux-musl = None
CFLAGS_x86_64_unknown_linux_musl = None
TARGET_CFLAGS = None
CFLAGS = None
running: "./configure" "--prefix=/tmp/foo/target/x86_64-unknown-linux-musl/debug/build/libz-sys-e109627694e9981e/out"
Compiler error reporting is too harsh for ./configure (perhaps remove -Werror).
** ./configure aborting.
--- stderr
thread 'main' panicked at 'failed to run successfully: exit code: 1', /home/tshepang/.cargo/registry/src/github.com-1ecc6299db9ec823/libz-sys-1.0.10/build.rs:189
当我重新运行它时:
error: failed to run custom build command for `openssl-sys v0.9.6`
process didn't exit successfully: `/tmp/foo/target/debug/build/openssl-sys-ac9c042b062dad1d/build-script-build` (exit code: 101)
--- stderr
thread 'main' panicked at '
Could not find directory of OpenSSL installation, and this `-sys` crate cannot
proceed without this knowledge. If OpenSSL is installed and this crate had
trouble finding it, you can set the `OPENSSL_DIR` environment variable for the
compilation process.
If you're in a situation where you think the directory *should* be found
automatically, please open a bug at https://github.com/sfackler/rust-openssl
and include information about your system as well as this message.
$HOST = x86_64-unknown-linux-gnu
$TARGET = x86_64-unknown-linux-musl
openssl-sys = 0.9.6
当我本地构建时一切正常,即 cargo build --target=x86_64-unknown-linux-gnu。
四处寻找,了解到一个环境变量,PKG_CONFIG_ALLOW_CROSS:
PKG_CONFIG_ALLOW_CROSS=true cargo build --target=x86_64-unknown-linux-musl
在这样做的过程中,我还发现我缺少 Debian 软件包 名为 libcurl4-openssl-dev.
运行 ldd target/target/x86_64-unknown-linux-musl/debug/foo
指示可执行文件是动态链接的,然后搜索
此外,我了解了另一个环境变量,
PKG_CONFIG_ALL_STATIC:
PKG_CONFIG_ALL_STATIC=true PKG_CONFIG_ALLOW_CROSS=true cargo build --target=x86_64-unknown-linux-musl
这揭示了一大堆失踪的部门,所有这些(幸运的是) 有 Debian 依赖项。但是安装所有这些都没有帮助,因为, 最后,我仍然坐在一个不是的可执行文件上 静态链接 .
我放弃了,最后使用 cross:
cargo install cross
cross build --target=x86_64-unknown-linux-musl
这太简单了,您会在 target/x86_64-unknown-linux-musl/debug 中找到可执行文件。
curl crate 依赖于(直接或间接)两个 crate libz-sys 和 openssl-sys。
名称以“-sys”结尾的箱子通常是一组绑定到本机 C 库的 FFI(外部函数接口)。
构建这样一个“-sys”包需要 linking 到本机库。如果您的目标是 x86_64-unknown-linux-musl,那么您必须 link 到针对 musl 而不是 glic 构建的本机库。但是,您在发行版存储库中找到的大多数软件包都提供针对 glibc 构建的库。
解决方案是自己构建所需的库,link使用 musl 而不是 glibc。
我无法访问 Debian 安装,但在 Ubuntu 16.04 上,OpenSSL 看起来像这样:
# this package provides the "musl-gcc" wrapper
apt-get install musl-tools
# you will also need these, if they are not installed yet
apt-get install pkg-config xutils-dev build-essential
# Download and build OpenSSL against musl
VERS=1.0.2j
export CC=musl-gcc
export MUSL_PREFIX=/usr/local/musl
export C_INCLUDE_PATH="$MUSL_PREFIX/include/"
curl -O https://www.openssl.org/source/openssl-$VERS.tar.gz
tar xvzf openssl-$VERS.tar.gz
cd openssl-$VERS
./config --prefix "$MUSL_PREFIX"
make depend
make
sudo make install
export OPENSSL_DIR=/usr/local/musl/
export OPENSSL_STATIC=1
一旦你有一个相同的 libz(我还没有尝试构建它),你应该能够构建你的板条箱:
cargo build --target=x86_64-unknown-linux-musl
并且生成的二进制文件将在 target/x86_64-unknown-linux-musl/debug/<binary_name>
cross 工具基本上就是这样做的,但是在 Docker 容器中以保持主机清洁。
此构建生成的二进制文件应该是静态 linked,甚至不依赖于 glibc。这也意味着它会更大*,如果在其中一个中发现安全问题,您将需要自行升级任何依赖项(尤其是 OpenSSL)。
*您可能希望在发布的二进制文件上使用 strip。