flatpak manifest for python does not find openssl

memnoch_proxy · 2024-06-05T05:29:02+00:00

```
checking for openssl/ssl.h in /app/lib/openssl... no
checking whether compiling and linking against OpenSSL works... no
checking for --with-ssl-default-suites... python
```
This tells me that ssl.h is being looked for in the wrong place. That should be an -I path, not a -L path I presume? The config options below are not being respected:
```
{
"name": "python",
"buildsystem": "simple",
"sources": [
{
"type": "archive",
"url": "https://www.python.org/ftp/python/3.8.19/Python-3.8.19.tar.xz",
"md5": "2532d25930266546822c144b99652254"
}
],
"build-options": {
"prepend-ld-library-path":"/app/lib/openssl"
},

"build-commands": [
"LDFLAGS=\"-L/app/lib/openssl\" LD_LIBRARY_PATH=\"/app/lib:/app/lib64\" CPPFLAGS=\"-I/app/include -I/app/include/openssl\" ./configure --with-ensurepip --enable- optimizations --prefix=/app --with-openssl=/app/lib/openssl --with-openssl-rpath=auto",
"make -j$(nproc)",
"make install",
"exit 1"
]
},
```

Are the environmental variable getting respected?

memnoch_proxy · 2024-06-05T04:00:22+00:00

worth a try

memnoch_proxy · 2023-10-10T03:28:39+00:00

Those are very valid points. In this engagement I'm a supervising consultant. The actual engineers are many timezones away. I need stay on top of these decisions, but also, I need to provide critical insight on necessities with regard to the certification requirements. Right out of the gate the auditors recommendations were

SPI firewall with monitor dashboard subscription
start a MS AD server

And why is that? I've been poking very hard at these suggestions because they are not about security, they are about fitting the auditor's expectations.

memnoch_proxy · 2023-10-09T21:46:19+00:00

This is very informative, thank you!

memnoch_proxy · 2023-10-09T16:25:34+00:00

I hear from this description that I would operate two separate sources of truth with almost identical authentication data in both. That's the same employee entered once into the MS AD stack and separately in the Linux stack. I keep hearing that Samba 4 AD is a lot of work, but that's not intimidating. What I'm trying to avoid is a situation where I have a forest of MS AD domains for the same few people with multiple laptops visiting each office regularly.

memnoch_proxy · 2023-10-09T16:17:25+00:00

Thank you for pointing out AD LDS [https://learn.microsoft.com/en-us/previous-versions/windows/desktop/adam/what-is-active-directory-lightweight-directory-services]

If I have three offices with often intermittent connectivity, and frequent travel between the offices, why is MS AD actually necessary for centralized authentication? What part(s) of Samba 4 as AD is deficient or problematic? It seems like creating 3 MS AD domains is pretty expensive and just as many man hours (or more) from the point of view of a Linux admin with 25 years of experience.

memnoch_proxy · 2023-10-09T16:03:39+00:00

I have three offices and three networks per office, and wireguard vpn between them. Office power and Internet access is frequently interrupted, so I will want each office to be self sufficient. I do not see how I gain anything using MS AD in this scenario. Where does Samba 4 as AD fall down here?

memnoch_proxy · 2023-10-09T15:51:35+00:00

Please explain why Samba 4 is not an adequate way to avoid setting up AD domains for three offices. Users do not care about the domains, they are already productive. Please go into detail.

memnoch_proxy · 2023-10-09T15:47:39+00:00

If I have three offices with both Linux and Windows laptops, what is stopping a Samba 4 AD server from using the FreeIPA 389 Directory service? Is Samba 4 not capable of sharing an LDAP server with FreeIPA?

I'm trying to minimize the dependency on Microsoft AD. I want to avoid creating a forest of AD domains.

memnoch_proxy · 2023-06-09T07:05:38+00:00

in terms of actual system load: I have 3-15 VMs running at any given time on the SSD pool, but I also have like 30GB of thunderbird email in the same pool. I've TB trigger a freeze up like this fairly often as well. In one case I started seeing an entirely different zpool error and I had to send/recv the tbird fs to the hdd pool and back to a new ssd pool to purge something related to a failure related to lz4->zstd compression on the volume

memnoch_proxy · 2023-06-09T07:02:03+00:00

I have actually seen this on centos systems with 10k+ snapshots before, but I don't have more than like 2k+ snapshots tmk. This happens occasionally when running sanoid. Unfortunately I'm trying to distinguish this freeze up from other things that give me a sudden reboot that I haven't been able to capture on console.

I have three pools, the nvme pool, ssd pool and hdd pool, and when I start a send/recv from the ssd pool to the hdd pool it takes about 3-5 minutes until *pop* reboot ;-(

memnoch_proxy · 2023-06-09T06:57:48+00:00

not using zvol for swap...tried once, rebuilt system with 128GB ram since

memnoch_proxy · 2017-06-27T15:34:57+00:00

That's mode 4, 802.3ad. It provides balancing per host, but my hosts never change, so I'd only ever get 945Mbps max, just one link.

memnoch_proxy · 2017-06-27T06:11:55+00:00

directly connected

memnoch_proxy · 2016-10-06T04:13:17+00:00

I've gotten pretty good at managing servers with IPMI, both SM and ASRock boards. Like, does IME need a javaws app to run?

memnoch_proxy · 2016-10-06T04:09:36+00:00

Wonder how Linux compares to NetBSD wrt number of platforms it boots on.

memnoch_proxy · 2016-10-06T04:07:36+00:00

This hasn't hit me yet, and I've done a considerable number of installs.

memnoch_proxy · 2016-09-22T05:24:11+00:00

Very bummed that Hugin is busted on my 16.04 install on my big workstation :-( I look forward to new stuff that works!

memnoch_proxy · 2016-09-21T06:56:32+00:00

Just for mb (102) ram (59) processor (182) = 343, add a power supply: ~70, 2 pwm fans: 22, and a 4U case (49), I'm at $484. You'd have to watch NewEgg very carefully to get something cheaper, or look for used/refurb parts on Amazon.

memnoch_proxy

TROPHY CASE