Hi there,
I’ve asked a similar question regarding PXC8 over on PXC8 tarball glibc version suitable for RHEL8? but is there a reason there is only a glibc2.17 tarball version of Percona XtraBackup 8 available?
Similar to PXC8, the glibc2.17 tarball of Percona XtraBackup 8 contains old openssl-1.0.2k libs which tend to get pinged by vulnerability scans these days.
I guess I was hoping there might be el8 (glibc2.28) and el9 (glibc2.34) versions of these available.
many thanks,
Neil
I noticed that Evgeniy has answered already on the other thread: PXC8 tarball glibc version suitable for RHEL8? - #3 by Evgeniy_Patlan
Let me add a couple of cents to the response.
First of all: you are right: the way how we build the tarballs is actually creating this potential issue you have brought up. We are discussing internally if and when we can change the approach we have for the tarballs and create them per specific operating system, instead of making them generic. This way there is a higher chance you will see the solution compiled with latest version of glibc. While this is a topic we have on our radars, there is no ETA for the solution that I can share at the moment. I’ll make a note to update you as soon as we have a plan in place.
This brings me to part two of my answer: the alternatives. I am afraid that at the moment the only way to assure newer version of glibc being used is either to use the packages compiled for specific OSes, or to compile the software yourself.
Which is why I wanted to ask you about the reasons you go with the tarballs. In the other thread you mentioned the inability to deploy software with the root permissions. Do you mind sharing a few more details with me? I am super happy to jump on a quick call if that make things easier.
Regards,
Bartek
Group PM at Percona
Thank you for the response Bartek - I’ll drop you a private message.
Neil
Unanswered | Unsolved | Solved
MySQL, InnoDB, MariaDB and MongoDB are trademarks of their respective owners.
Copyright © 2006 - 2021 Percona LLC. All rights reserved.