Uploaded image for project: 'Data Management'
  1. Data Management
  2. DM-5802

Cmake in mariadbclient finds wrong libz

    XMLWordPrintable

Details

    • Story
    • Status: Done
    • Resolution: Done
    • None
    • None
    • None
    • 1
    • Architecture

    Description

      When building mariadbclient, cmake identifies libz from a separate python installation than the one setup to run the stack. I have an anaconda installation on the disk, and a miniconda installation set up specifically for the lsst stack. During the building process CMake for some reason finds the alternate libz associated with that python installation.

      Attachments

        Issue Links

          Activity

            Binary distributions of Enterprise MySQL apparently use the "bundled" yaSSL rather than OpenSSL. I think that means that it is safe enough for us to use it as well, at least for the time being. The risks and potential impact of an SSL-layer security breach for MySQL access are pretty low at this point, noting that passwords are not secured by SSL.

            In the longer run, for better security, it would be good to find a way to use a common OpenSSL for all parts of the stack. But in the short run, I'm OK with moving forward with bundled yaSSL for mariadbclient.

            ktl Kian-Tat Lim added a comment - Binary distributions of Enterprise MySQL apparently use the "bundled" yaSSL rather than OpenSSL. I think that means that it is safe enough for us to use it as well, at least for the time being. The risks and potential impact of an SSL-layer security breach for MySQL access are pretty low at this point, noting that passwords are not secured by SSL. In the longer run, for better security, it would be good to find a way to use a common OpenSSL for all parts of the stack. But in the short run, I'm OK with moving forward with bundled yaSSL for mariadbclient .
            tjenness Tim Jenness added a comment -

            I take this as approval that I should merge the mariadbclient changes and leave mariadb unchanged. The latter will only cause issues if mariadb is being used as a server on a machine that differs to the one it was built on.

            tjenness Tim Jenness added a comment - I take this as approval that I should merge the mariadbclient changes and leave mariadb unchanged. The latter will only cause issues if mariadb is being used as a server on a machine that differs to the one it was built on.
            mjuric Mario Juric added a comment -

            > As discussed on the community post, Mario Juric requests that we use bundled libz and ssl and I've adjusted the patch to implement that.

            Just to clarify the process (as I've seen the same misunderstanding arise elsewhere): this wasn't meant to be a formal request, just a question/comment! What goes into a release (including potential workarounds) is within the release manager's scope of authority, with some oversight from Architecture re long-term concerns (e.g. cybersecurity).

            mjuric Mario Juric added a comment - > As discussed on the community post, Mario Juric requests that we use bundled libz and ssl and I've adjusted the patch to implement that. Just to clarify the process (as I've seen the same misunderstanding arise elsewhere): this wasn't meant to be a formal request, just a question/comment! What goes into a release (including potential workarounds) is within the release manager's scope of authority, with some oversight from Architecture re long-term concerns (e.g. cybersecurity).
            tjenness Tim Jenness added a comment -

            mjuric your comments carry weight on this project

            My job is to get everyone to (finally) agree on a fix (this ticket was filed two months ago) so I'm glad we have some form of resolution. What goes in the release is a completely different issue. I'm just happy to be able to close the ticket.

            tjenness Tim Jenness added a comment - mjuric your comments carry weight on this project My job is to get everyone to (finally) agree on a fix (this ticket was filed two months ago) so I'm glad we have some form of resolution. What goes in the release is a completely different issue. I'm just happy to be able to close the ticket.
            tjenness Tim Jenness added a comment -

            I have merged the mariadbclient fix and left mariadb using the system libraries. It's trivial to also switch mariadb to bundled libraries if we need to do that later on.

            tjenness Tim Jenness added a comment - I have merged the mariadbclient fix and left mariadb using the system libraries. It's trivial to also switch mariadb to bundled libraries if we need to do that later on.

            People

              tjenness Tim Jenness
              nlust Nate Lust
              John Swinbank, Joshua Hoblitt
              Fabio Hernandez, Frossie Economou, John Swinbank, Joshua Hoblitt, Kian-Tat Lim, Mario Juric, Nate Lust, Tim Jenness, Yvan Calas
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Jenkins

                  No builds found.