Mysql was droped two years ago.
https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=2d5940daca7ccdf94796979a247d645a14191a11
I know, but it worked without problems until today i decided update from 138 to 141. What old version i must restore to get addon back? I use none of ipfire todays improwements.
Stange. IPFire 2.19 core119 should remove mysql. And its a bad idea to use such old version. It was years outdated at time of remove.
The pakfire trees for 2.19 contain no addons anymore. Only the files needed for upgrade.
1 Like
But I have no other option but to get the version that still has this addon no matter how old - 90 users cannot login into computers. And we have no other server computers (and no need such untill now) where i can install mysql for only two tables.
For login only, there are other possibilities ( within IPFire also ).
These could have been installed in the time since mysql was dropped.
Then you can only try to copy a static linked binary from here: https://dev.mysql.com/downloads/mysql/
But im not sure if this work.
I have mysql installation files, but what commands for manual installation (ipfire is debian, redhat, ubuntu or what like?)
Hi all,
Marcel do have actual versions of MariaDB but since he build it in a whole environment like the Mailproxy --> https://forum.ipfire.org/viewtopic.php?f=17&t=17360 and the Mailserver --> https://forum.ipfire.org/viewtopic.php?f=17&t=17360 this version might be highly adapted to his needs, not sure if this is therefore a help for you.
You can fin in here --> https://git.ipfire.org/?p=people/mlorenz/ipfire-2.x.git;a=blob;f=lfs/mariadb;h=b65518be7b520ff958d895deb59b2322fa2cfc08;hb=70b6affe0dcfa42997ee5fac7141bdd7f0bfe4d3 the building instructions (LFS file) and in here the packages --> https://people.ipfire.org/~mlorenz/pak/ .
Take care if you use them, write him may in one of the topics.
As an idea,
Best,
Erik
Thanks for ideas!
Found a temporary solution - import my database into external server mysql database of another organisation and redirect ipfire’s mysql port to that external server (as ipfire is firewall).
But however, let me express my thoughts about that situation here.
Why do software authors feel it is imperative to eliminate old things that work well (especially if they are open source). Even though security risks are theoretically open, I am aware of them, and maybe I have a configuration that does not matter. I started using ipfire 2.15 with only 4 services, so I still do it, I don’t need any more. Now, overnight, I have to figure out how to throw out ipfire and install something else (firewall+DNS+DHCP+mysql) there.
When I started working on PCs, for example, the Autocad program came on a single 1.44MB floppy disk and ran hundreds of kilobytes of RAM. Today, it takes up a few gigabytes of computer, requires large amounts of computer memory, but in essence, it has not increased in speed, nor has basic functionality changed. Just a variety of beauties, some of which don’t require anything. The software, unlike cars, does not rust and should be allowed to run for as long as the user likes it.
And ipfire likes me!
Twentytwo open CVE is not a theoretical risk.
https://www.cvedetails.com/vulnerability-list/vendor_id-185/product_id-316/version_id-55499/Mysql-Mysql-5.0.36.html
The other thing it that it was incompatible with gcc/glibc updates and has not build anymore…
1 Like
Please do not recommend installing any third party software on your firewall.
It is not maintained, and I personally find it very questionable where this is all coming from and how it is being published. It is simply unsafe software.
About software ( and other things made by humans ): There never a complete and error free version!
In contrast to solid state products ( cars, houses, … ) errors and incomplete functions can be easily corrected, when they are known. But these deficiencies can also be abused.
Thus it is recommended not to use unsupported software longer than necessary.
That is why we have package managers that simply update packages. Those packages are signed and you can trust that they are coming from a source you trust.
Those there are not, and once people installed them, they will run them until they break. Let’s be honest.
1 Like
Sorry, if my last sentence wasn’t exact enough.
Deficiencies in software can be abused much easier because of the nature of the product.
Especially in a security application one should minimize these!!
Hope, this clears my opinion.
Sorry for my try to help in the wrong way !
am having again a package here on the platform which is also not signed and therefore not trusted, should i finish this kind of working with another and delete it ?
Best,
Erik
IMHO: Wouldn’t it be the better way to combine the existing forces in the community and agree on a standard scope in Ipfire and maintain it together, instead of arguing about the projects developed in many places by lone fighters with a lot of passion?
Only my 2 cents For the functionality of a firewall everything around network and VPN as secure as possible no more and no less.
Regards
Could it be submitted to the IPFire Developers for review and approval?
Spoken for myself, at the current state no. My requirement is to get a deeper know how of a possible new addon, which means also a deeper testing before i make a merge request. Apart from that, the question above is more a principal then a specific one.
Best,
Erik
You can of course build things and test them. I would hope that everything will be integrated into the distribution at some point. It is probably worth to talk about this first and then start the work.
But it is definitely dangerous when a number of users uses this in production. It will never be updated and expose those users to some vulnerabilities - depending on what it is. That is where I see the problem.
That would be great, but some people (not taking part in this discussion unfortunately) like doing their own thing. They can do it, because IPFire is Open Source software and the license allows it. But just because it is allowed, doesn’t mean that it is a good idea.
1 Like