Hi Stephen,
This is a hard problem we are trying to work for some time.
Many users ask for new features in packages that increase the dependencies and other users want minimal functionality.
The current dnf from AIX toolbox has embedded curl and does not require toolbox curl to be installed. But if you install any package after that from AIX toolbox that requires curl and openldap will also be installed.
Here is the list of packages those are needed for dnf they are part of
dnf_bundle_aix_71_72.tarca-certificates-2020.06.01-0.aix7.1.ppc.rpm
dnf-4.2.17-32_1.aix7.1.noarch.rpm
dnf-automatic-4.2.17-32_1.aix7.1.noarch.rpm
dnf-data-4.2.17-32_1.aix7.1.noarch.rpm
libcomps-0.1.11-32_1.aix7.1.ppc.rpm
libdnf-0.39.1-32_1.aix7.1.ppc.rpm
libmodulemd-1.5.2-32_1.aix7.1.ppc.rpm
librepo-1.11.0-32_1.aix7.1.ppc.rpm
libsmartcols-2.34-32_1.aix7.1.ppc.rpm
libsolv-0.7.9-32_1.aix7.1.ppc.rpm
libzstd-1.4.4-32_1.aix7.1.ppc.rpm
p11-kit-0.23.16-0.aix7.1.ppc.rpm
p11-kit-tools-0.23.16-0.aix7.1.ppc.rpm
python3-3.7.9-0.aix7.1.ppc.rpm
python3-dateutil-2.8.0-1.aix6.1.noarch.rpm
python3-devel-3.7.9-0.aix7.1.ppc.rpm
python3-dnf-4.2.17-32_1.aix7.1.noarch.rpm
python3-dnf-plugin-migrate-4.0.16-32_1.aix7.1.noarch.rpm
python3-dnf-plugins-core-4.0.16-32_1.aix7.1.noarch.rpm
python3-docs-3.7.9-0.aix7.1.ppc.rpm
python3-gpgme-1.13.1-32_1.aix7.1.ppc.rpm
python3-hawkey-0.39.1-32_1.aix7.1.ppc.rpm
python3-libcomps-0.1.11-32_1.aix7.1.ppc.rpm
python3-libdnf-0.39.1-32_1.aix7.1.ppc.rpm
python3-librepo-1.11.0-32_1.aix7.1.ppc.rpm
python3-six-1.13.0-1.aix6.1.noarch.rpm
python3-test-3.7.9-0.aix7.1.ppc.rpm
python3-tools-3.7.9-0.aix7.1.ppc.rpm
rpm-python3-4.15.1-32_1.aix7.1.ppc.rpm
yum-4.2.17-32_1.aix7.1.noarch.rpm
zchunk-1.1.4-32_1.aix7.1.ppc.rpm
zchunk-devel-1.1.4-32_1.aix7.1.ppc.rpm
zchunk-libs-1.1.4-32_1.aix7.1.ppc.rpm
You can install dnf either using
dnf_aixtoolbox.sh (if your system can connect to AIX toolbox repo) or download tar file mentioned above and run install_dnf.sh script from that.
------------------------------
SANKET RATHI
------------------------------
Original Message:
Sent: Mon September 13, 2021 12:25 PM
From: Stephen Ulmer
Subject: Thank You (and HELP!)
So the curl that is in the yum bundle that I downloaded sometime *after* 10/2020 does not have an OpenLDAP dependency - maybe that one hasn't been updated in a while (or maybe wasn't at the time)?
That means that all current YUM installations require OpenLDAP... That seems a little heavy.
It looks like in December of 2020 there was a thread about DNF depending (through curl) on at least Kerberos. Is it possible that dnf can include an embedded version of curl with only the dnf-required features enabled? Or is it possible that curl could be built such that it only tries to load libraries when it uses a feature, so the dependencies would be soft? (I think I remember dlopen being *very* different on AIX vs. Linux so that may be impossible - it's been too many years.)
I'm working on a project where the amount of installed code needs to be minimized (these systems will eventually be STIG compliant). What can I do to help accomplish that in the context of the Toolbox?
--
Stephen L. Ulmer
Enterprise Architect
Mainline Information Systems
(m) 352-870-8649
Original Message:
Sent: 9/13/2021 6:08:00 AM
From: Ayappan P
Subject: RE: Thank You (and HELP!)
Some users were asking for ldap support in curl. So we enabled it and that''s why curl has a dependency on OpenLDAP.
From the changelog , I can see we did this in Sep 2018.
------------------------------
Ayappan P
Original Message:
Sent: Fri September 10, 2021 01:29 PM
From: Stephen Ulmer
Subject: Thank You (and HELP!)
I would like to start by saying "Thank You" for including YUM repo data *in* the Partner World downloadable bundle for the Toolbox. This is an excellent step in the right direction for out-of-the-box usability. Thank you.
I was excited for another reason: sudo_noldap has made it into the bundle, and that was a package that I had to do special handling for. I can't include code that isn't strictly needed when installing software for this project (the project requires reduced attack surface), so installing OpenLDAP just to get sudo was a non-starter for me. So that is awesome and very helpful.
Now for the part where you guys are killing me.
Using the new Toolbox release, I did "yum upgrade" and was confronted with a transaction that I can't run... Because yum depends on curl, and curl now inexplicably depends on openldap, which of course (rightfully) depends on cyrus_sasl, krb5, and many others that weren't there before.
Please, why does curl suddenly depend on OpenLDAP?
Liberty,
--
Stephen L. Ulmer
Enterprise Architect
Mainline Information Systems
(m) 352-870-8649
This e-mail and files transmitted with it are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you are not one of the named recipient(s) or otherwise have reason to believe that you received this message in error, please immediately notify sender by e-mail, and destroy the original message.