Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: httpd 2.4.23 ER3
Affects Version/s: httpd 2.4.23 DR3
Component/s: httpd, openssl, rpm
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Fix Build:
ER3
Target Release:

httpd 2.4.23 GA

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

When package jbcs-httpd24-mod_ssl is installed on RHEL6 and RHEL7, it executes postinstall script that fails, resulting into following message in the yum output:

  Installing : 1:jbcs-httpd24-mod_ssl-2.4.23-90.jbcs.el7.x86_64           20/32 
warning: %post(jbcs-httpd24-mod_ssl-1:2.4.23-90.jbcs.el7.x86_64) scriptlet failed, exit status 1
Non-fatal POSTIN scriptlet failure in rpm package 1:jbcs-httpd24-mod_ssl-2.4.23-90.jbcs.el7.x86_64

Note: installation although succeeds just fine (but key and certificate files are not generated properly of course: /etc/pki/tls/private/localhost.key, /etc/pki/tls/certs/localhost.crt).

When I tried to get some details of this warning, I can see that following command fails:

# /opt/rh/jbcs-httpd24/root/usr/bin/openssl req -new -key /etc/pki/tls/private/localhost.key -x509 -sha256 -days 365 -set_serial 25342 -extensions v3_req -out /etc/pki/tls/certs/localhost.crt
/opt/rh/jbcs-httpd24/root/usr/bin/openssl: /lib64/libcrypto.so.10: version `OPENSSL_1.0.2' not found (required by /opt/rh/jbcs-httpd24/root/usr/bin/openssl)

I can also see:

# ldd /opt/rh/jbcs-httpd24/root/usr/bin/openssl
/opt/rh/jbcs-httpd24/root/usr/bin/openssl: /lib64/libcrypto.so.10: version `OPENSSL_1.0.2' not found (required by /opt/rh/jbcs-httpd24/root/usr/bin/openssl)
	linux-vdso.so.1 =>  (0x00007ffee89e4000)
	libssl.so.10 => /lib64/libssl.so.10 (0x00007f52a9746000)
	libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007f52a94f8000)
	libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007f52a9210000)
	libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007f52a900c000)
	libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f52a8dda000)
	libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007f52a89f1000)
	libdl.so.2 => /lib64/libdl.so.2 (0x00007f52a87ed000)
	libz.so.1 => /lib64/libz.so.1 (0x00007f52a85d7000)
	libc.so.6 => /lib64/libc.so.6 (0x00007f52a8214000)
	libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007f52a8005000)
	libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007f52a7e01000)
	libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f52a7be6000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f52a79ca000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f52a99bf000)
	libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f52a77a4000)
	libpcre.so.1 => /lib64/libpcre.so.1 (0x00007f52a7543000)
	liblzma.so.5 => /lib64/liblzma.so.5 (0x00007f52a731e000)

I can also see that (which is just fine):

# ll /opt/rh/jbcs-httpd24/root/usr/lib64/libcrypto.so.10 
lrwxrwxrwx. 1 root root 19 Sep 27 04:05 /opt/rh/jbcs-httpd24/root/usr/lib64/libcrypto.so.10 -> libcrypto.so.1.0.2h

I expect that jbcs-httpd24-openssl package and its binaries would by default prefer libraries from /opt/rh/jbcs-httpd24/root/usr/lib* directory. If it is something that is handled later via editing LD_LIBRARY_PATH in our scripts, then also post-install script of jbcs-httpd24-mod_ssl package must edit LD_LIBRARY_PATH first to get jbcs openssl work.

blocks

JBCS-199 Missing localhost.crt file after installing RPM

Closed

relates to

JBCS-159 RHEL PPC: postinstall openssl can't create key

Closed

Assignee:: George Zaronikas

Reporter:: Jan Stourac

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2016/09/29 10:05 AM

Updated:: 2020/09/14 5:33 AM

Resolved:: 2016/11/07 8:42 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates

Hide