OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: Why does mysql have trouble in launching "mysql" and some other ap ps?

From: Tetsuji (maverick6664aquarius.livedoor.com)
Date: Sat Apr 02 2005 - 16:21:59 CST

--Pineau Benjamin<ben.pineaugmail.com> wrote:
>On Apr 2, 2005 9:57 PM, Tetsuji Maverick Rai
><maverick6664aquarius.livedoor.com> wrote:
>> Now I am wondering which *BSD I should use...FreeBSD/NetBSD/OpenBSD....I wonder
>> why it works with FreeBSD while it doesn't with OpenBSD. Does FreeBSD do any tricks
>> with libtool?
>
>No, he just use -pure hazard- a libtool version that matches the one
>used by mysql developpers. As Marc said, this isn't a bug in mysql nor
>in OpenBSD, but rather a problem
>with libtool (wich isn't used to maintain a good compatibility among versions).
>This problem affects also amd64 users, and recent Fedora Core Linux
>distribution etc.
>
>Anyway, it's a very small problem, and once resolved, everything run
>very fine on OpenBSD.
>

okay...it sounds nice. Anyway I will use ports to avoid that.

>> I am thinking of using ports, but usually ports.tar.gz is out of date...
>
>Now the real question: do you *really* need a more recent version of
>mysql ? think about that twice. The ports on OpenBSD are maintaned and
>updated when security problems occurs ... So you miss this great
>avantage by running your own version of mysql.
>
>> Now I have another question; When I build php-4.3.10(oh, now the latest one is 4.3.11) or
>> php-5.0.3, it creates libphp4.so or libphp5.so as an apache module, and at first it
>> *seems* to work with apache. However after rebooting OpenBSD, apache won't
>> launch....I mean "apachectl start" won't complain, but httpd's aren't running. What's the
>> problem? If I remove "Loadmodule modules/libphp4.so" in conf/httpd.conf, apache runs
>> normally.....and it doesn't happen with FreeBSD.
>
>Did you notice that apache, on OpenBSD, runs chrooted ? see the faq
>about that ...
>
>ps: by the way, I wouldn't recommand you to use apache2 (rather than
>1.3.x) on an unix plateform, especially if you want to use a php .so
>(google about this, you'll see it's also
>the opinion of the core php developers).
>

I don't mind the version of mysql so much (especially, both php4 and 5 seem to have problems with password authentication..I have a problem with phpMyAdmin with mysql-4.1.x on Linux/FreeBSD..so I want to stick to mysql-4.0.x. My concern is if any vulnerability is found in *any* of the packages, how I can update. How often is ports.tar.gz updated? Is ports.tar.gz in snapshots directory compatible with older versions of OpenBSD(3.5 or 3.6 or in the future, 3.7 when 3.7 is released)? I'm not

 familiar with OpenBSD yet, so I'd like to know it. I know OpenBSD is very secure.

And another concern is apache-1.3.x comes with OpenBSD by default, not as a package. It means *if* any vulnerability is found with that version of apache, I need to install the new one by hand instead of compiling it in the port directory.

 I will check the chroot trick. It makes sense. Thanks.

PS: I found port is downloadable via cvs. Is it compatible with older versions of OpenBSD releases (3.5,3.6..)?
--------
Tetsuji 'Maverick' Rai
Born to be the luckiest guy in the world! May the Force be with me!
Aviation Joke: http://www.geocities.com/tetsuji_rai
Profile: http://maverick.ns1.name/
http://n.1asphost.com/ro0tless/
maverick6664abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijk.com

-----------------------------------------------
2GB$B$^$G%a!<%k$d2hA|$J$ICy$aJ|Bj!*$5$i$KFCE5$$$C$Q$$"v(B
livedoor $B%.%,%a!<%i!<%W%i%9(B $B!Z?7EP>l![(B
http://gigamailerplus.livedoor.com/