Python2 is being deprecated; freeipa should compile under python3 instead

Bug #1802177 reported by Aaron Thomas on 2018-11-07
This bug affects 1 person
Affects Status Importance Assigned to Milestone
freeipa (Ubuntu)

Bug Description

When installing ipa-client on ubuntu, it pulls in python2 packages on LTS servers. IPA is an authentication service, and while ubuntu 18.04+ uses python3 by default for system services and software installs (no python2 installed by default), IPA is still being built using python2. This isn't necessary (you can compile all the packages using just python3 with not much effort), and creates the problem that in a year while the LTS server is still supported, the underlying python interpreter will not be supported for security updates for an authentication service.

Building these packages to use the python3 dependencies instead of the python2 versions would be better for everyone, and almost no code change is needed to do so.

This is not yet a security vulnerability; but it might be one waiting to happen.

Timo Aaltonen (tjaalton) wrote :

Are you saying that this should be done in 18.04? Not going to happen, besides there are missing dependencies which don't have python3 version packaged yet, like talloc, ldb, samba etc...

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers