Installing Python 2.7.9 on Ubuntu 14.04 LTS
While working on my latest project I ran into a small problem when installing Pillow. I am running the project on Ubuntu 14.04 LTS and the default version of python on the instance is 2.7.6. When I was deploying the project via my deploy script I got a set of security problems coming from urllib3. The below stacktrace is the error Pillow was throwing while installing my requirements file.
Pillow uses a set of security features and relies on requests when installing. In python versions < 2.7.9 you need to install a set of extra packages (pyOpenSSL, ndg-httpsclient, pyasn1) or you can downgrade the version of requests you are using. I don't think it's a good idea to downgrade a library or be "stuck" on a specific verion so I upgraded the version of python running on the server. Since there isnt a stable version of Python 2.7.9 on the official Ubuntu repository I decided to install it by hand.
IMPORANT: You should be extremely cautious when upgrading system level packages especially if it was installed with the default O/S version. The upgrade could break other default packages installed on the server. Always make a backup of your O/S before doing any server level installs.
Python 2.7.9 Installation
I was doing the install on a brand new Ubuntu Server 14.04 LTS instance and didn't feel there was a big risk replacing the default version of Python (which was Python 2.7.6). Below is my installation instructions.
System level updates
Before you do anything you will need to ensure you have build-essentials installed as well as the system level libs that python needs to compile.
Python download, compile and install
Once you have updated the system level libs you can now download python 2.7.9, build and compile. You will want to either create a new directory to put the tar file in or use an existing one. I stored the tar in a directory called software in my home directory.
I'm a big fan of being on the latest versions of everything I'm using, this ensures that I have the most stable and secure packages. This can cause problems when installing on the system level so if you are running mission critical systems you may not want to install any unsported versions. In my usecase, I was running a new server and the project is still in its early stages so I'm comfortable with the risk of something breaking.