Hi,

Maybe this is a noob question but I am still curious: if I only needed to upgrade a dependency of a package, would I have to reinstall that particular package for changes to be put into effect? For example, I need to upgrade NSS for security reasons but FireFox depends on NSS, so would I need to reinstall FireFox?

I'm not sure if I fully understand how dependencies work but in my mind, if there are problems/holes in a dependency, wouldn't that imply the same for the other package that depends on it? Or are they separate entities and all links/paths immediately get updated?

I should probably know the answer to this question as I have a suspicion that I wouldn't have to reinstall the other package, but I am not confident in my reasoning and would like to check with someone who knows as I am still learning.

It depends. Sometimes, e.g. when the soname of a library changes you'll need to rebuild all the packages depending on that library.

This is where the difference between LFS and a distro relying on a package management system really comes to light. Such systems conventionally record versioned dependencies into the package and will force you to reinstall dependent packages if needed. OTOH, in LFS you're on your own. You'll need to investigate yourself what has changed in NSS and how it can affect its compatibility with your Firefox build. A simple security fix most probably won't.

That said, rebuilding Firefox won't hurt. You'll stay on the safe side this way, and it's an piece of software that needs to be updated frequently anyway. But this can quickly become a royal PITA when a library like Glibc that a lot of stuff depends on, gets an upgrade.

If it's a library (and most dependencies are libraries), it works through two symbolic links. There is libfoo.so (the linkname) and that is what the program is actually built against. libfoo.so points to libfoo.so.x (the soname), which in turn points to the actual library libfoo.so.x.y.z. So as long as x doesn't change (i.e. it's not a new major version), the linkname doesn't need to be updated.

That, in fact, is a bad example as Firefox contains its own internal nss, so is not dependant on the nss package. And in fact most nss updates do not force recompilations as their API is consistent, you just replace the new package only.

But as sometone else already remarked: if the MAJOR version of a .so file changes, i.e. from .so.42 to .so.43 then you will have to recompile everything that depends ON that .so library.

Thanks guys, that was informative!

After writing that post and thinking about it later, I figured it would depend on the package because some packages require a re-installation like shadow or harfbuzz. But as shruggy said, in LFS you're on your own which is why I had to ask to double check.

@ehartman, it was a bad example, maybe harfbuzz and freetype or shadow and linux-pam would of been better examples.