Hi Jack,
On 19/06/15 19:05, Jack Perdue wrote:
Howdy all,
The whole toolchain/bundle thread has sparked
me to express a frustration I've had of late.
Lately, the default for EB has been to use the
OpenSSL included with the system (via openssl-devel
on RHEL). This makes sense in terms of keeping
up to date with needed security fixes.
However, on RHEL, openssl-devel requires zlib-devel.
And unless great care is taking during the configure_step,
most packages will invariably pick up the version in /usr
and not the one at $EBROOTZLIB.
I think just including zlib as a dependency suffices?
Since the zlib module will update $LIBRARY_PATH, $CPATH, etc., it should
win over the system zlib?
Unless you're using a compiler that blatently ignores these environment
variables...
I work around this by "yum install openssl-devel" and
then "rpm -e zlib-devel --nodeps". But I'm not sure that's
the best solution.
Well, that will only work out if you don't need zlib for anything else
on the system...
binutils requires zlib too, for example.
What would be a better one?????
This relates to a post on the Lmod-users mailing list I answered just
now: a Nix build environment that isolates you from the OS (in the sense
that you're in full control over what is visible/provided by the OS)
*may* be a solution.
However, since you would want OpenSSL to be available, but not zlib
which is required by it, I'm not sure if it'll work out well...
Another solution is another form of jail, where you selectively
whitelist (libraries and include) files that EasyBuild is allowed to
pick up from the OS.
This can be done via a $LD_PRELOAD library what hijacks the system calls
that open files.
I was playing around with the HashDist jail tool a while ago, but I
never got it to work...
regards,
Kenneth
