You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@impala.apache.org by mi...@apache.org on 2023/07/01 01:11:28 UTC
[impala] 01/03: IMPALA-12252: Support distcc server on Ubuntu 20.04
This is an automated email from the ASF dual-hosted git repository.
michaelsmith pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/impala.git
commit 5fe088f9526ce0c460e095b7f639d4af46e0f97d
Author: Zoltan Borok-Nagy <bo...@cloudera.com>
AuthorDate: Wed Jun 28 17:11:47 2023 +0200
IMPALA-12252: Support distcc server on Ubuntu 20.04
This patch updates our scripts to support our distcc server to be
executed on Ubuntu 20.04.
One issue to overcome was because of a security fix in distcc. Newer
versions only allow compiler programs to be executed if they have
a symlink under /usr/lib/distcc.
Testing:
* tested manually
Change-Id: I3cb4dbb210ec22195450dd1a0cb64e00a4559c19
Reviewed-on: http://gerrit.cloudera.org:8080/20137
Reviewed-by: Impala Public Jenkins <im...@cloudera.com>
Tested-by: Impala Public Jenkins <im...@cloudera.com>
---
bin/distcc/distcc_server_bootstrap.sh | 9 +++++++--
bin/distcc/distcc_server_setup.sh | 11 +++++++++--
2 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/bin/distcc/distcc_server_bootstrap.sh b/bin/distcc/distcc_server_bootstrap.sh
index 187366478..3c5ee77d7 100755
--- a/bin/distcc/distcc_server_bootstrap.sh
+++ b/bin/distcc/distcc_server_bootstrap.sh
@@ -36,8 +36,8 @@ fi
OS_ID=$(source /etc/os-release && echo $ID)
OS_VERSION=$(source /etc/os-release && echo $VERSION_ID)
if [[ "$OS_ID" == Ubuntu ]]; then
- if ! [[ $OS_VERSION == 16.04 || $OS_VERSION == 18.04 ]]; then
- echo "This script only supports Ubuntu 16.04 and 18.04" >&2
+ if ! [[ $OS_VERSION == 16.04 || $OS_VERSION == 18.04 || $OS_VERSION == 20.04 ]]; then
+ echo "This script only supports Ubuntu 16.04, 18.04, and 20.04" >&2
exit 1
fi
fi
@@ -72,4 +72,9 @@ sudo -u distccd -H bash <<"EOF"
DOWNLOAD_CDH_COMPONENTS=false ./bin/bootstrap_toolchain.py
EOF
+# To resolve CVE-2004-2687, newer distcc versions only allow programs to be executed
+# if they have a symlink under '/usr/lib/distcc'.
+# https://github.com/distcc/distcc/commit/dfb45b528746bf89c030fccac307ebcf7c988512
+sudo ln -s $(which ccache) /usr/lib/distcc/ccache
+
(cd impala && ./bin/distcc/distcc_server_setup.sh "$@")
diff --git a/bin/distcc/distcc_server_setup.sh b/bin/distcc/distcc_server_setup.sh
index 8d5d7bb98..05a88d90b 100755
--- a/bin/distcc/distcc_server_setup.sh
+++ b/bin/distcc/distcc_server_setup.sh
@@ -60,8 +60,9 @@ ALLOWED_NETS=$1
OS_ID=$(source /etc/os-release && echo "$ID")
OS_VERSION=$(source /etc/os-release && echo "$VERSION_ID")
if [[ "$OS_ID" == ubuntu ]]; then
- if ! [[ $OS_VERSION == 14.04 || $OS_VERSION == 16.04 || $OS_VERSION == 18.04 ]]; then
- echo "This script only supports Ubuntu 14.04, 16.04 and 18.04" >&2
+ if ! [[ $OS_VERSION == 14.04 || $OS_VERSION == 16.04 || $OS_VERSION == 18.04 || \
+ $OS_VERSION == 20.04 ]]; then
+ echo "This script only supports Ubuntu 14.04, 16.04, 18.04, and 20.04" >&2
exit 1
fi
LINUX_FLAVOUR=ubuntu
@@ -125,3 +126,9 @@ service ${DISTCCD_SERVICE} restart
echo "Symlinking /opt/Impala-Toolchain to default toolchain location"
ln -f -s -T "${IMPALA_HOME}/toolchain" /opt/Impala-Toolchain
+
+# To resolve CVE-2004-2687, newer distcc versions only allow programs to be executed
+# if they have a symlink under '/usr/lib/distcc'.
+# https://github.com/distcc/distcc/commit/dfb45b528746bf89c030fccac307ebcf7c988512
+echo "Creating symlink for ccache:"
+ln -s $(which ccache) /usr/lib/distcc/ccache