Autoconf and configure features that people find valuable

April 27, 2024

In the wake of the XZ Utils backdoor, which involved GNU Autoconf, it has been popular to suggest that Autoconf should go away. Some of the people suggesting this have also been proposing that the replacement for Autoconf and the 'configure' scripts it generates be something simpler. As a system administrator who interacts with configure scripts (and autoconf) and who deals with building projects such as OpenZFS, it is my view that people proposing simpler replacements may not be seeing the features that people like me find valuable in practice.

(For this I'm setting aside the (wasteful) cost of replacing Autoconf.)

Projects such as OpenZFS and others rely on their configuration system to detect various aspects of the system they're being built on that can't simply be assumed. For OpenZFS, this includes various aspects of the (internal) kernel 'API'; for other projects, such as conserver, this covers things like whether or not the system has IPMI libraries available. As a system administrator building these projects, I want them to automatically detect all of this rather than forcing me to do it by hand to set build options (or demanding that I install all of the libraries and so on that they might possibly want to use).

As a system administrator, one large thing that I find valuable about configure is that it doesn't require me to change anything shipped with the software in order to configure the software. I can configure the software using a command line, which means that I can use various means to save and recall that command line, ranging from 'how to build this here' documentation to automated scripts.

Normal configure scripts also let me and other people set the install location for the software. This is a relatively critical feature for programs that may be installed as a Linux distribution package, as a *BSD third party package, by the local system administrator, or by an individual user putting them somewhere in their own home directory, since all four of these typically need different install locations. If a replacement configure system does not accept at least a '--prefix' argument or the equivalent, it becomes much less useful in practice.
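To make this concrete: here is a sketch of capturing a configure command line in a small saved 'how to build this here' script, so nothing in the shipped source tree has to be edited. The package name and all the paths are hypothetical, chosen only to illustrate the four kinds of installs above.

```shell
#!/bin/sh
# Hypothetical sketch: record the exact configure invocation we use
# locally, instead of editing anything shipped with the software.
set -eu

# Different kinds of installs want different prefixes:
#   distro package:       /usr
#   *BSD third-party pkg: /usr/local or /usr/pkg
#   local sysadmin build: /opt/<package>
#   per-user install:     $HOME/local
PREFIX="${PREFIX:-/opt/conserver}"

# Save the command line so it can be recalled and re-run later.
printf './configure --prefix=%s\n' "$PREFIX" > how-to-build-here.sh
chmod +x how-to-build-here.sh
```

In real use you would run the saved script (or the configure command directly); the point is that the local choices live in a file you control, not in the source tree.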

Many GNU configure scripts also let the person configuring the software set various options for what features it will include, how it will behave by default, and so on. How much these are used varies significantly between programs (and between people building the program), but some of the time they're critical for selecting defaults and enabling (or disabling) features that not everyone wants. A replacement configure system that doesn't support build options like these is less useful for anyone who wants to build such software with non-standard options, and it may force software to drop build options entirely.
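Under the hood, the build-option side of a configure script is mostly argument parsing plus recording the answers somewhere the build can see them. A minimal hand-rolled sketch, with invented `ipmi` and `tls` options standing in for real feature flags:

```shell
#!/bin/sh
# Minimal sketch of configure-style option handling: turn
# --enable-X / --with-Y=Z arguments into recorded build settings.
# The option names and defaults here are made up for illustration.
set -eu

parse_configure_opts() {
    enable_ipmi=no          # default: IPMI support off
    with_tls=openssl        # default TLS library
    for arg in "$@"; do
        case "$arg" in
            --enable-ipmi)  enable_ipmi=yes ;;
            --disable-ipmi) enable_ipmi=no ;;
            --with-tls=*)   with_tls="${arg#--with-tls=}" ;;
            *) echo "unknown option: $arg" >&2; return 1 ;;
        esac
    done
    # Record the choices for the build to consume.
    printf 'ENABLE_IPMI = %s\nWITH_TLS = %s\n' \
        "$enable_ipmi" "$with_tls" > config.mk
}

# Example: build with IPMI support and GnuTLS instead of the defaults.
parse_configure_opts --enable-ipmi --with-tls=gnutls
```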

(There are some people who would say that software should not have build options any more than it should have runtime configuration settings, but this is not exactly a popular position.)

This is my list, so other people may well value other features that are supported by Autoconf and configure (for example, the ability to set C compiler flags, or that it's well supported for building RPMs).


Comments on this page:

By Alexis at 2024-04-27 22:37:50:

i'd be interested in your thoughts on this post on rachelbythebay's blog:

So, okay, fine, at some point it made sense to run programs to empirically determine what was supported on a given system. What I don't understand is why we kept running those stupid little shell snippets and little bits of C code over and over. It's like, okay, we established that this particular system does <library function foobar> with two args, not three. So why the hell are we constantly testing for it over and over?

Why didn't we end up with a situation where it was just a standard thing that had a small number of possible values, and it would just be set for you somewhere? Whoever was responsible for building your system (OS company, distribution packagers, whatever) could leave something in /etc that says "X = flavor 1, Y = flavor 2" and so on down the line.

...

[I]t's still normal to ship a .tar.gz with an absolute crap-ton of dumb little macro files that run all kinds of inscrutable tests that give you the same answers that they did the last time they ran on your machine or any other machine like yours, and WILL give the same answers going forward.

That means it's totally normal to ship all kinds of really crazy looking stuff, and so when someone noticed that and decided to use that as their mechanism for extracting some badness from a so-called "test file" that was actually laden with their binary code, is it so surprising that it happened? To me, it seems inevitable.

By cks at 2024-04-28 00:58:13:

There has been some movement toward a style of almost statically known package configuration, with tools like pkg-config. Where there are API differences between versions of packages, these tools could presumably be extended to provide ways to report this (I think today some of this is done by versioning the package name).

However, broadly rachelbythebay's post is focused on what I could call the broad system API, where you can assume that most or all systems of this type (say 'Debian version X') have the same APIs with the same behavior, so there's no point in testing for it over and over. There is another important class of things that configure can test for, which covers optional APIs, like whether or not IPMI libraries are available, and behavior that isn't even exposed as an API (eg, the specific kernel version and its internal behavior). These are more or less always going to need some sort of specific dynamic check, even if the check is 'does pkg-config know about IPMI library X and can tell us how to use it'.
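The 'does pkg-config know about it' style of dynamic check is quite small in practice. A hedged sketch, using `libipmiconsole` purely as a stand-in library name; the fallback to "no" when pkg-config itself is absent is part of the point about no mechanism being universal:

```shell
#!/bin/sh
# Sketch of a pkg-config-based optional-library probe. The library
# name 'libipmiconsole' is a stand-in; any .pc name would do.
set -u

have_pkg() {
    # "no" both when the library is absent and when pkg-config
    # itself isn't installed.
    command -v pkg-config >/dev/null 2>&1 && pkg-config --exists "$1"
}

if have_pkg libipmiconsole; then
    HAVE_IPMI=yes
    IPMI_CFLAGS=$(pkg-config --cflags libipmiconsole)
    IPMI_LIBS=$(pkg-config --libs libipmiconsole)
else
    HAVE_IPMI=no
    IPMI_CFLAGS=
    IPMI_LIBS=
fi
echo "checking for IPMI console library... $HAVE_IPMI"
```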

Configure's dynamic probing is also mechanism neutral (and cross system), which is an important consideration in practice because the open source world almost never agrees on a single mechanism for things. Even pkg-config isn't universally used, although I think it's pretty common (at least on Linux).

(I believe modern versions of autoconf try to have configure use pkg-config for a lot of things if it's available, although they can't necessarily do checks of specific APIs without test compiles.)
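Those API checks ultimately come down to a test compile. A simplified sketch of the mechanism in plain shell, assuming a `cc` compiler on the PATH; the `check_decl` helper is my own invention, a much-reduced version of what Autoconf generates:

```shell
#!/bin/sh
# Configure-style test compile: does <header> declare <name>?
# Assumes 'cc' is available; check_decl is a simplified stand-in
# for Autoconf's generated checks.
set -u

check_decl() {   # check_decl <header> <identifier>
    cat > conftest.c <<EOF
#include <$1>
int main(void) { (void)($2); return 0; }
EOF
    if cc -c conftest.c -o conftest.o >/dev/null 2>&1; then
        echo yes
    else
        echo no
    fi
    rm -f conftest.c conftest.o
}

HAVE_SNPRINTF=$(check_decl stdio.h snprintf)
HAVE_NO_SUCH=$(check_decl stdio.h this_name_does_not_exist)
echo "checking for snprintf... $HAVE_SNPRINTF"
echo "checking for this_name_does_not_exist... $HAVE_NO_SUCH"
```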

By hester at 2024-04-28 09:55:04:

There is another important class of things that configure can test for, which covers optional APIs, like whether or not IPMI libraries are available, and behavior that isn't even exposed as an API (eg, the specific kernel version and its internal behavior).

Some of these seem like misfeatures to me. Kernel versions change after programs are installed, so how can it make sense to check at build time? It doesn't even seem possible when cross-compiling.

And I've been bitten too many times by scripts automatically disabling features because some library wasn't installed when building. Even distributions have had bugs like this, where the packager forgot to list a build dependency, and some feature such as IPMI just disappears on an update. Or appears when I build it myself, because I had an optional package installed for unrelated reasons (and I don't think there's such a thing as a build-anti-dependency).

DESTDIR is an important feature not mentioned yet. One would have to be a little crazy to run "make install" as root; but DESTDIR makes it possible to run that as a normal user, then copy and chown the resulting tree after inspecting it. Much better than --prefix, because most programs shouldn't be hard-coding absolute paths into their binaries anyway.
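A sketch of what DESTDIR buys you, with illustrative paths: the final prefix is baked in at configure time, but the install step writes everything under a user-owned staging tree, which you can inspect before copying into place as root.

```shell
#!/bin/sh
# Sketch of a DESTDIR-style staged install. Paths are illustrative;
# the 'demo' program stands in for whatever the package installs.
set -eu

prefix=/usr/local            # what was baked in at configure time
DESTDIR=$(mktemp -d)         # staging area owned by the normal user

# What an install rule does when DESTDIR is set: prepend it to
# every final path.
mkdir -p "$DESTDIR$prefix/bin"
printf '#!/bin/sh\necho hello\n' > "$DESTDIR$prefix/bin/demo"
chmod 755 "$DESTDIR$prefix/bin/demo"

# Now inspect the staged tree as yourself; only the final copy
# (e.g. 'cp -a "$DESTDIR$prefix/." "$prefix/"' plus a chown)
# needs root.
ls -l "$DESTDIR$prefix/bin"
```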

By cks at 2024-04-28 13:51:07:

OpenZFS checks internal kernel APIs because it builds a kernel module and intends to work on a very wide range of kernel versions (and the Linux kernel has no such thing as a stable API). This is imperfect but generally works, even in the face of kernel structures changing fields, kernel functions changing arguments, and what kernel functions to call to do things changing over time.
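The 'functions changing arguments' case can be probed the way configure does it: attempt to compile a call with each candidate signature and keep whichever one the headers accept. The sketch below fabricates its own stand-in header (there is no real `foobar()` kernel function) purely to show the mechanism; OpenZFS's actual checks compile against the target kernel's headers.

```shell
#!/bin/sh
# Arity probe sketch: which signature of foobar() do the headers
# declare? Everything here is fabricated for illustration.
set -eu

cat > fake_kernel.h <<'EOF'
/* stand-in for a kernel header whose API changed over time */
static inline int foobar(int a, int b, int c) { return a + b + c; }
EOF

try_compile() {
    printf '#include "fake_kernel.h"\nint main(void) { %s; return 0; }\n' \
        "$1" > conftest.c
    cc -c conftest.c -o conftest.o >/dev/null 2>&1
}

if try_compile 'foobar(1, 2)'; then
    FOOBAR_ARGS=2
elif try_compile 'foobar(1, 2, 3)'; then
    FOOBAR_ARGS=3
else
    FOOBAR_ARGS=unknown
fi
rm -f conftest.c conftest.o fake_kernel.h
echo "foobar() takes $FOOBAR_ARGS arguments"
```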

As far as optional or your choice of libraries goes, Conserver has chosen (for whatever reason) not to require the IPMI libraries at build time, instead making IPMI Serial over LAN support optional. Another area of compile time detection of libraries is when there are multiple alternate libraries and some people have reasons to pick one or another. For example, OpenSSL versus GnuTLS for TLS support, which is a choice offered by a number of programs. You could force the person building the software to make a specific choice and then have the build error out if their choice is not present, but this is often considered unfriendly by build configuration systems (and leads to its own errors if you accidentally don't set the option at all).

By Ian Z aka nobrowser at 2024-04-28 14:46:45:

Detecting optional libraries (and their versions and API levels) would be much easier if everyone just started providing pkgconfig files.

By hester at 2024-04-28 18:36:53:

OpenZFS checks internal kernel APIs because it builds a kernel module and intends to work on a very wide range of kernel versions

But that shouldn't involve "detect[ing] various aspects of the system [it's] being built on"; it should be probing the APIs of the system it's being built for. It's kind of important that the module be built for the kernel you intend to boot, especially if that source (or the root filesystem) is stored in OpenZFS.

(I guess your statement is in some sense true, in that the presence of the next-kernel headers is an aspect of the system being built on.)

You could force the person building the software to make a specific choice and then have the build error out if their choice is not present, but this is often considered unfriendly by build configuration systems

I get the user-friendliness aspect, but I value predictability more. Maybe the scripts should have a big "--auto" switch to explicitly ask for as much automation as possible? Distros, of course, shouldn't use that, except perhaps once to generate the "configure" command line to put in the source package. This suggests that, for reproducibility, it'd be good to print such a command line, rather than just the human-readable "detected FOO: yes".
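The 'print a replayable command line' idea can be sketched in a few lines of shell; Autoconf's generated scripts already record something similar in config.log and config.status. The file name `config.rerun` is made up, and the quoting here is deliberately naive (it breaks on arguments containing single quotes):

```shell
#!/bin/sh
# Sketch: a configure-style script recording its own invocation so
# the exact configuration can be replayed later. 'config.rerun' is
# an invented name; Autoconf uses config.status for this role.
set -eu

record_invocation() {
    {
        printf '#!/bin/sh\n# Re-run configuration exactly as before:\nexec ./configure'
        for arg in "$@"; do
            # Naive quoting: fine for the usual --opt=value arguments.
            printf " '%s'" "$arg"
        done
        printf '\n'
    } > config.rerun
    chmod +x config.rerun
}

# Example invocation being recorded:
record_invocation --prefix=/opt/demo --enable-ipmi
```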

Scripts could also detect that they're being run from a TTY, and if no arguments are present, ask the user whether to auto-detect the optional features.

A lot of Autoconf configure scripts have the opposite of --auto, which is called --enable-maintainer-mode and prevents the script from changing build dependencies based on their availability. No autodetection is done to change defaults; they stay in force unless overridden by arguments, and if a dependency is missing the build just fails instead of succeeding by building a lesser-featured artifact.
