Hi all, So the issue with the install script on 10.11 is that Apple no longer includes OpenSSL in the 10.11 SDK. The way package managers like macports and homebrew deal with this is by installing their own version of OpenSSL. The binary Python.org installers bundle OpenSSL as well. It may be possible to link against a version of OpenSSL included in the SDK for 10.10 (which can be obtained on 10.11), but I suspect that's not a very forward-looking idea and I have no idea under what circumstances the 10.10 SDKs are installed. One way to fix this would be to ship and build our own versions of OpenSSL along with the install script. I'm very wary about doing this, since I'd prefer not to even think about managing crypto libraries, but it's looking increasingly like we might need to do this here. One way to minimize risk would be to only install OpenSSL on OSX 10.11 and newer. Anyone have any thoughts here? Going to try to work on this tomorrow as well and it would be great to hear any ideas from the peanut gallery on this one. -Nathan
So I've thought about this more and I think the path of least insanity is to tell people to install a package manager and then openssl in the install script. I'm not exactly happy about this solution. Another option would be to have the install script install homebrew into a user-writable prefix, install openssl there, and then ignore the fact that we've installed homebrew on people's computers :( Yet another option would be to move the install script to distributing a miniconda-based environment rather than building everything from source. Any thoughts about these options? On Sun, Oct 25, 2015 at 12:59 AM, Nathan Goldbaum <nathan12343@gmail.com> wrote:
Hi all,
So the issue with the install script on 10.11 is that Apple no longer includes OpenSSL in the 10.11 SDK.
The way package managers like macports and homebrew deal with this is by installing their own version of OpenSSL. The binary Python.org installers bundle OpenSSL as well. It may be possible to link against a version of OpenSSL included in the SDK for 10.10 (which can be obtained on 10.11), but I suspect that's not a very forward-looking idea and I have no idea under what circumstances the 10.10 SDKs are installed.
One way to fix this would be to ship and build our own versions of OpenSSL along with the install script. I'm very wary about doing this, since I'd prefer not to even think about managing crypto libraries, but it's looking increasingly like we might need to do this here. One way to minimize risk would be to only install OpenSSL on OSX 10.11 and newer.
Anyone have any thoughts here? Going to try to work on this tomorrow as well and it would be great to hear any ideas from the peanut gallery on this one.
-Nathan
Hi Nathan, OSX has increasingly been a difficult support target. I think we should deprecate the install script for OSX, and as part of that, just note that in order for it to work they need to have OpenSSL. We can keep install script for Linux and older OSX installs. We had a conda script at one point, get_yt.sh. is that still viable? On Sun, Oct 25, 2015, 9:44 AM Nathan Goldbaum <nathan12343@gmail.com> wrote:
So I've thought about this more and I think the path of least insanity is to tell people to install a package manager and then openssl in the install script.
I'm not exactly happy about this solution. Another option would be to have the install script install homebrew into a user-writable prefix, install openssl there, and then ignore the fact that we've installed homebrew on people's computers :(
Yet another option would be to move the install script to distributing a miniconda-based environment rather than building everything from source.
Any thoughts about these options?
On Sun, Oct 25, 2015 at 12:59 AM, Nathan Goldbaum <nathan12343@gmail.com> wrote:
Hi all,
So the issue with the install script on 10.11 is that Apple no longer includes OpenSSL in the 10.11 SDK.
The way package managers like macports and homebrew deal with this is by installing their own version of OpenSSL. The binary Python.org installers bundle OpenSSL as well. It may be possible to link against a version of OpenSSL included in the SDK for 10.10 (which can be obtained on 10.11), but I suspect that's not a very forward-looking idea and I have no idea under what circumstances the 10.10 SDKs are installed.
One way to fix this would be to ship and build our own versions of OpenSSL along with the install script. I'm very wary about doing this, since I'd prefer not to even think about managing crypto libraries, but it's looking increasingly like we might need to do this here. One way to minimize risk would be to only install OpenSSL on OSX 10.11 and newer.
Anyone have any thoughts here? Going to try to work on this tomorrow as well and it would be great to hear any ideas from the peanut gallery on this one.
-Nathan
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
For OSX, we should encourage pip wheels and Anaconda.
On Oct 25, 2015, at 1:30 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Nathan,
OSX has increasingly been a difficult support target. I think we should deprecate the install script for OSX, and as part of that, just note that in order for it to work they need to have OpenSSL. We can keep install script for Linux and older OSX installs.
We had a conda script at one point, get_yt.sh. is that still viable?
On Sun, Oct 25, 2015, 9:44 AM Nathan Goldbaum <nathan12343@gmail.com <mailto:nathan12343@gmail.com>> wrote: So I've thought about this more and I think the path of least insanity is to tell people to install a package manager and then openssl in the install script.
I'm not exactly happy about this solution. Another option would be to have the install script install homebrew into a user-writable prefix, install openssl there, and then ignore the fact that we've installed homebrew on people's computers :(
Yet another option would be to move the install script to distributing a miniconda-based environment rather than building everything from source.
Any thoughts about these options?
On Sun, Oct 25, 2015 at 12:59 AM, Nathan Goldbaum <nathan12343@gmail.com <mailto:nathan12343@gmail.com>> wrote: Hi all,
So the issue with the install script on 10.11 is that Apple no longer includes OpenSSL in the 10.11 SDK.
The way package managers like macports and homebrew deal with this is by installing their own version of OpenSSL. The binary Python.org installers bundle OpenSSL as well. It may be possible to link against a version of OpenSSL included in the SDK for 10.10 (which can be obtained on 10.11), but I suspect that's not a very forward-looking idea and I have no idea under what circumstances the 10.10 SDKs are installed.
One way to fix this would be to ship and build our own versions of OpenSSL along with the install script. I'm very wary about doing this, since I'd prefer not to even think about managing crypto libraries, but it's looking increasingly like we might need to do this here. One way to minimize risk would be to only install OpenSSL on OSX 10.11 and newer.
Anyone have any thoughts here? Going to try to work on this tomorrow as well and it would be great to hear any ideas from the peanut gallery on this one.
-Nathan
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org <mailto:yt-dev@lists.spacepope.org> http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org <http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org> _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
On Sun, Oct 25, 2015 at 12:30 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Nathan,
OSX has increasingly been a difficult support target. I think we should deprecate the install script for OSX, and as part of that, just note that in order for it to work they need to have OpenSSL. We can keep install script for Linux and older OSX installs.
We had a conda script at one point, get_yt.sh. is that still viable?
Yes, it's still there but hasn't been updated in a while. Would people be ok with me updating it and adding it as a secondary option on the webpage, formalizing the "download miniconda" install instructions and hopefully being a bit more user friendly on that front?
On Sun, Oct 25, 2015, 9:44 AM Nathan Goldbaum <nathan12343@gmail.com> wrote:
So I've thought about this more and I think the path of least insanity is to tell people to install a package manager and then openssl in the install script.
I'm not exactly happy about this solution. Another option would be to have the install script install homebrew into a user-writable prefix, install openssl there, and then ignore the fact that we've installed homebrew on people's computers :(
Yet another option would be to move the install script to distributing a miniconda-based environment rather than building everything from source.
Any thoughts about these options?
On Sun, Oct 25, 2015 at 12:59 AM, Nathan Goldbaum <nathan12343@gmail.com> wrote:
Hi all,
So the issue with the install script on 10.11 is that Apple no longer includes OpenSSL in the 10.11 SDK.
The way package managers like macports and homebrew deal with this is by installing their own version of OpenSSL. The binary Python.org installers bundle OpenSSL as well. It may be possible to link against a version of OpenSSL included in the SDK for 10.10 (which can be obtained on 10.11), but I suspect that's not a very forward-looking idea and I have no idea under what circumstances the 10.10 SDKs are installed.
One way to fix this would be to ship and build our own versions of OpenSSL along with the install script. I'm very wary about doing this, since I'd prefer not to even think about managing crypto libraries, but it's looking increasingly like we might need to do this here. One way to minimize risk would be to only install OpenSSL on OSX 10.11 and newer.
Anyone have any thoughts here? Going to try to work on this tomorrow as well and it would be great to hear any ideas from the peanut gallery on this one.
-Nathan
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
+1 On Sun, Oct 25, 2015, 10:39 AM Nathan Goldbaum <nathan12343@gmail.com> wrote:
On Sun, Oct 25, 2015 at 12:30 PM, Matthew Turk <matthewturk@gmail.com> wrote:
Hi Nathan,
OSX has increasingly been a difficult support target. I think we should deprecate the install script for OSX, and as part of that, just note that in order for it to work they need to have OpenSSL. We can keep install script for Linux and older OSX installs.
We had a conda script at one point, get_yt.sh. is that still viable?
Yes, it's still there but hasn't been updated in a while. Would people be ok with me updating it and adding it as a secondary option on the webpage, formalizing the "download miniconda" install instructions and hopefully being a bit more user friendly on that front?
On Sun, Oct 25, 2015, 9:44 AM Nathan Goldbaum <nathan12343@gmail.com> wrote:
So I've thought about this more and I think the path of least insanity is to tell people to install a package manager and then openssl in the install script.
I'm not exactly happy about this solution. Another option would be to have the install script install homebrew into a user-writable prefix, install openssl there, and then ignore the fact that we've installed homebrew on people's computers :(
Yet another option would be to move the install script to distributing a miniconda-based environment rather than building everything from source.
Any thoughts about these options?
On Sun, Oct 25, 2015 at 12:59 AM, Nathan Goldbaum <nathan12343@gmail.com
wrote:
Hi all,
So the issue with the install script on 10.11 is that Apple no longer includes OpenSSL in the 10.11 SDK.
The way package managers like macports and homebrew deal with this is by installing their own version of OpenSSL. The binary Python.org installers bundle OpenSSL as well. It may be possible to link against a version of OpenSSL included in the SDK for 10.10 (which can be obtained on 10.11), but I suspect that's not a very forward-looking idea and I have no idea under what circumstances the 10.10 SDKs are installed.
One way to fix this would be to ship and build our own versions of OpenSSL along with the install script. I'm very wary about doing this, since I'd prefer not to even think about managing crypto libraries, but it's looking increasingly like we might need to do this here. One way to minimize risk would be to only install OpenSSL on OSX 10.11 and newer.
Anyone have any thoughts here? Going to try to work on this tomorrow as well and it would be great to hear any ideas from the peanut gallery on this one.
-Nathan
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
_______________________________________________
yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org
participants (3)
-
John ZuHone
-
Matthew Turk
-
Nathan Goldbaum