Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-21942

Building 10.5 requires Internet access

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 10.5.2
    • Fix Version/s: 10.5.2
    • Component/s: Packaging
    • Labels:
      None

      Description

      While building the latest 10.5 git head I noticed that if requires Internet access during the build. If there is no Internet, it will fail with:

      -- Using src='http://ftp.pcre.org/pub/pcre/pcre2-10.34.zip'
      CMake Error at pcre2-stamp/download-pcre2.cmake:159 (message):
        Each download failed!
       
          error: downloading 'http://ftp.pcre.org/pub/pcre/pcre2-10.34.zip' failed
               status_code: 6
               status_string: "Couldn't resolve host name"
               log:
               --- LOG BEGIN ---
               Could not resolve host: ftp.pcre.org
      

      Requiring mandatory Internet access for a build is bad practice and universally forbidden across all Linux distributions and all places that care about security and reliability.

      All build dependencies should be stated explicitly in the build dependencies, and there should be no need to access the public Internet during the download. If there are any such extra steps, they should be strictly optional. Preferably though there would be no such step at all anywhere.

      I could also go into detail to explain how this feature can be used moderately easily to backdoor all MariaDB 10.5 builds and completely compromise the supply chain security, but I assume all involved parties understand this anyway and this feature was just some temporary misjudgment.

        Attachments

          Activity

            People

            Assignee:
            serg Sergei Golubchik
            Reporter:
            otto Otto Kekäläinen
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: