Percona XtraBackup moved to https://jira.percona.com/projects/PXB

Possible License issue with XtraBackup

Bug #1668224 reported by Daniël van Eeden on 2017-02-27

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Percona XtraBackup moved to https://jira.percona.com/projects/PXB	New	Undecided	Unassigned

Bug Description

It looks like XtraBackup as distributed in binary form by Percona is build with -DWITH_SSL=system which means it is linked against OpenSSL.

storage/innobase/xtrabackup/COPYING seems to indicate XtraBackup is GPLv2 licensed.

This combination might be an issue:
https://people.gnome.org/~markmc/openssl-and-the-gpl.html
https://people.debian.org/~bap/dfsg-faq.html (Question 28)
https://lintian.debian.org/tags/possible-gpl-code-linked-with-openssl.html

Revision history for this message

Daniël van Eeden (dveeden) wrote on 2017-02-27:

Looks to be introduced by https://github.com/percona/percona-xtrabackup/commit/3766cd5eb307a9601c4803159430bd088c1da120

Revision history for this message

Sergei Glushchenko (sergei.glushchenko) wrote on 2017-02-27:

Percona Server is linked with GPL as well and I believe MySQL is linked with OpenSSL too

Revision history for this message

Daniël van Eeden (dveeden) wrote on 2017-02-27:

"MySQL Community Edition binary distributions are compiled using yaSSL"
Source: https://dev.mysql.com/doc/refman/5.7/en/openssl-versus-yassl.html

As far as I know the reason the community edition is compiled against YaSSL is this incompatibility. Enterprise Edition is compiled against OpenSSL, that is possible because enterprise edition is not GPL.

Revision history for this message

Vadim Tkachenko (vadim-tk) wrote on 2017-02-28:

Dynamic linking against OpenSSL is a complex topic.
For example Fedora says
https://fedoraproject.org/wiki/Licensing:FAQ?rd=Licensing/FAQ#What.27s_the_deal_with_the_OpenSSL_license.3F
"However, we consider that the OpenSSL library is a system library, as defined by the GPL, on Fedora and therefore we are allowed to ship GPL software that links to the OpenSSL library."

On Centos 7 we also can see:

yum install mariadb-server

ldd /usr/libexec/mysqld
        linux-vdso.so.1 => (0x00007ffe4bfae000)
        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fbecaf2f000)
        libaio.so.1 => /lib64/libaio.so.1 (0x00007fbecad2d000)
        libz.so.1 => /lib64/libz.so.1 (0x00007fbecab16000)
        libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007fbeca8df000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007fbeca6db000)
        libssl.so.10 => /lib64/libssl.so.10 (0x00007fbeca46c000)
        libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007fbeca082000)
        libstdc++.so.6 => /lib64/libstdc++.so.6 (0x00007fbec9d79000)
        libm.so.6 => /lib64/libm.so.6 (0x00007fbec9a76000)
        libc.so.6 => /lib64/libc.so.6 (0x00007fbec96b5000)
        /lib64/ld-linux-x86-64.so.2 (0x00007fbecc900000)
        libfreebl3.so => /lib64/libfreebl3.so (0x00007fbec94b2000)
        libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007fbec9263000)
        libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007fbec8f7c000)
        libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fbec8d78000)
        libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007fbec8b45000)
        libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007fbec892f000)
        libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007fbec871f000)
        libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007fbec851b000)
        libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fbec8301000)
        libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fbec80d9000)
        libpcre.so.1 => /lib64/libpcre.so.1 (0x00007fbec7e78000)

rpm -qf /lib64/libssl.so.10
openssl-libs-1.0.1e-60.el7.x86_64

On Centos 7 we also can see:

yum install mariadb-server

ldd /usr/libexec/mysqld
        linux-vdso.so.1 =>  (0x00007ffe4bfae000)
        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fbecaf2f000)
        libaio.so.1 => /lib64/libaio.so.1 (0x00007fbecad2d000)
        libz.so.1 => /lib64/libz.so.1 (0x00007fbecab16000)
        libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007fbeca8df000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007fbeca6db000)
        libssl.so.10 => /lib64/libssl.so.10 (0x00007fbeca46c000)
        libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007fbeca082000)
        libstdc++.so.6 => /lib64/libstdc++.so.6 (0x00007fbec9d79000)
        libm.so.6 => /lib64/libm.so.6 (0x00007fbec9a76000)
        libc.so.6 => /lib64/libc.so.6 (0x00007fbec96b5000)
        /lib64/ld-linux-x86-64.so.2 (0x00007fbecc900000)
        libfreebl3.so => /lib64/libfreebl3.so (0x00007fbec94b2000)
        libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007fbec9263000)
        libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007fbec8f7c000)
        libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fbec8d78000)
        libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007fbec8b45000)
        libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007fbec892f000)
        libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007fbec871f000)
        libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007fbec851b000)
        libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fbec8301000)
        libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fbec80d9000)
        libpcre.so.1 => /lib64/libpcre.so.1 (0x00007fbec7e78000)

rpm -qf /lib64/libssl.so.10
openssl-libs-1.0.1e-60.el7.x86_64

Revision history for this message

Daniël van Eeden (dveeden) wrote on 2017-03-24:

> Dynamic linking against OpenSSL is a complex topic.

Looks like that's going to change:
https://www.openssl.org/blog/blog/2017/03/20/license/

Revision history for this message

Shahriyar Rzayev (rzayev-sehriyar) wrote on 2018-01-20:

Percona now uses JIRA for bug reports so this bug report is migrated to: https://jira.percona.com/browse/PXB-1428

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.