[DM-5802] Cmake in mariadbclient finds wrong libz - Jira

XML

Word

Printable

Details

Type: Story
Status: Done
Resolution: Done
Fix Version/s: None
Component/s: None
Labels:
None

Story Points:
1
Team:
Architecture

Description

When building mariadbclient, cmake identifies libz from a separate python installation than the one setup to run the stack. I have an anaconda installation on the disk, and a miniconda installation set up specifically for the lsst stack. During the building process CMake for some reason finds the alternate libz associated with that python installation.

Attachments

Issue Links

relates to

DM-5595 daf_persistence build failure on OSX

Done

DM-5170 mariadbclient libssl linking problems on Linux

Won't Fix

Activity

Ascending order - Click to sort in descending order

8 older comments

Hide

Permalink

Kian-Tat Lim added a comment - 08/Jun/16 12:04 PM

Binary distributions of Enterprise MySQL apparently use the "bundled" yaSSL rather than OpenSSL. I think that means that it is safe enough for us to use it as well, at least for the time being. The risks and potential impact of an SSL-layer security breach for MySQL access are pretty low at this point, noting that passwords are not secured by SSL.

In the longer run, for better security, it would be good to find a way to use a common OpenSSL for all parts of the stack. But in the short run, I'm OK with moving forward with bundled yaSSL for mariadbclient.

Show

Kian-Tat Lim added a comment - 08/Jun/16 12:04 PM Binary distributions of Enterprise MySQL apparently use the "bundled" yaSSL rather than OpenSSL. I think that means that it is safe enough for us to use it as well, at least for the time being. The risks and potential impact of an SSL-layer security breach for MySQL access are pretty low at this point, noting that passwords are not secured by SSL. In the longer run, for better security, it would be good to find a way to use a common OpenSSL for all parts of the stack. But in the short run, I'm OK with moving forward with bundled yaSSL for mariadbclient .

Hide

Permalink

Tim Jenness added a comment - 08/Jun/16 12:07 PM

I take this as approval that I should merge the mariadbclient changes and leave mariadb unchanged. The latter will only cause issues if mariadb is being used as a server on a machine that differs to the one it was built on.

Show

Tim Jenness added a comment - 08/Jun/16 12:07 PM I take this as approval that I should merge the mariadbclient changes and leave mariadb unchanged. The latter will only cause issues if mariadb is being used as a server on a machine that differs to the one it was built on.

Hide

Permalink

Mario Juric added a comment - 08/Jun/16 12:34 PM

> As discussed on the community post, Mario Juric requests that we use bundled libz and ssl and I've adjusted the patch to implement that.

Just to clarify the process (as I've seen the same misunderstanding arise elsewhere): this wasn't meant to be a formal request, just a question/comment! What goes into a release (including potential workarounds) is within the release manager's scope of authority, with some oversight from Architecture re long-term concerns (e.g. cybersecurity).

Show

Mario Juric added a comment - 08/Jun/16 12:34 PM > As discussed on the community post, Mario Juric requests that we use bundled libz and ssl and I've adjusted the patch to implement that. Just to clarify the process (as I've seen the same misunderstanding arise elsewhere): this wasn't meant to be a formal request, just a question/comment! What goes into a release (including potential workarounds) is within the release manager's scope of authority, with some oversight from Architecture re long-term concerns (e.g. cybersecurity).

Hide

Permalink

Tim Jenness added a comment - 08/Jun/16 12:37 PM

Mario Juric your comments carry weight on this project

My job is to get everyone to (finally) agree on a fix (this ticket was filed two months ago) so I'm glad we have some form of resolution. What goes in the release is a completely different issue. I'm just happy to be able to close the ticket.

Show

Tim Jenness added a comment - 08/Jun/16 12:37 PM Mario Juric your comments carry weight on this project My job is to get everyone to (finally) agree on a fix (this ticket was filed two months ago) so I'm glad we have some form of resolution. What goes in the release is a completely different issue. I'm just happy to be able to close the ticket.

Hide

Permalink

Tim Jenness added a comment - 08/Jun/16 12:53 PM

I have merged the mariadbclient fix and left mariadb using the system libraries. It's trivial to also switch mariadb to bundled libraries if we need to do that later on.

Show

Tim Jenness added a comment - 08/Jun/16 12:53 PM I have merged the mariadbclient fix and left mariadb using the system libraries. It's trivial to also switch mariadb to bundled libraries if we need to do that later on.

People

Assignee:: Tim Jenness

Reporter:: Nate Lust

Reviewers:: John Swinbank, Joshua Hoblitt

Watchers:: Fabio Hernandez, Frossie Economou, John Swinbank, Joshua Hoblitt, Kian-Tat Lim, Mario Juric, Nate Lust, Tim Jenness, Yvan Calas

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Dates

Created:: 19/Apr/16 11:32 AM

Updated:: 08/Jun/16 12:53 PM

Resolved:: 08/Jun/16 12:53 PM

Jenkins

No builds found.

Data Management

Details

Description

Attachments

Issue Links

Activity

People

Dates

Jenkins