On 2021/05/04 01:59, Simon Lees wrote:
On 5/3/21 6:20 AM, L A Walsh wrote:
I fixed my repo D/l prob with https mirrors:
The openssl packages I had for perl were a bit dated, as well as the openssl packages themselves. So upgrading openssl, and then the perl packages fetched from cpan.
not sure how to satisfy a user+group it wanted that's already installed (is there an rpm-option for that?).
Maybe see https://en.opensuse.org/openSUSE:Packaging_guidelines#Users_and_Groups
---- That's not very helpful in specific cases, but more about adding in user+groups for packages. Thing is, I know I've tons of users/groups added over the years, but user/group nobody? Um...that's basic. So there is some new paradigm in new rpms' that's forcing re-addition or re-creation of existing groups -- That's not real helpful, especially since the package installation doesn't ask or check if they are already created. They (in the URL you mention above) mention if they checked if already created, they might stomp on another package's usage, so they don't check and install over it instead! ??!?! I don't see how that is better in any case. At least if they check if it is already present, they will solve the redundant install case.
But now, get:
npm, node
symbol lookup error: /usr/bin/node15: undefined symbol: FIPS_selftest, version OPENSSL_1_1_0g
Um, why do I need a FIPS_selftest? More importantly, why does npm or node need such?
openssl needs it, node-default links against openssl so also needs it
---- Alright, fine...not that important, but that it requires something other than the one I have installed is a pain.... I mentioned above I installed openssl, new above, in fact: rpm --queryformat="%17{BUILDTIME:date}-%{DISTRIBUTION} %{NVR}\n" -qa |grep -i openssl Thu Apr 8 12:28:31 2021-openSUSE Tumbleweed openssl-1.1.1k-1.1 Tue Aug 7 00:57:47 2018-openSUSE Tumbleweed libopenssl1_0_0-1.0.2o-1.1 Mon Apr 19 12:08:31 2021-openSUSE Tumbleweed openssl-1_1-1.1.1k-2.1 Mon Apr 19 12:08:31 2021-openSUSE Tumbleweed libopenssl-1_1-devel-1.1.1k-2.1 Mon Apr 19 12:08:31 2021-openSUSE Tumbleweed libopenssl1_1-1.1.1k-2.1 ---- So I installed openssl from TW, with the one I installed, not having the FIPS label. The problem is I need FIPS from 1_1_0g, and silly me, I looked at the...45 openssl packages and tried to go for more recent ones from the alphabet -- thinking they might be less quickly obsoleted. So... /home/cache/suse/tumbleweed/repo/oss/x86_64/libopenssl10-1.0.2u-4.2.x86_64.rpm /home/cache/suse/tumbleweed/repo/oss/x86_64/libopenssl1_0_0-1.0.2u-4.2.x86_64.rpm /home/cache/suse/tumbleweed/repo/oss/x86_64/libopenssl1_0_0-hmac-1.0.2u-4.2.x86_64.rpm /home/cache/suse/tumbleweed/repo/oss/x86_64/libopenssl1_0_0-steam-1.0.2u-4.2.x86_64.rpm /home/cache/suse/tumbleweed/repo/oss/x86_64/libopenssl1_1-1.1.1j-2.1.x86_64.rpm /home/cache/suse/tumbleweed/repo/oss/x86_64/libopenssl1_1-1.1.1k-2.1.x86_64.rpm /home/cache/suse/tumbleweed/repo/oss/x86_64/libopenssl1_1-hmac-1.1.1j-2.1.x86_64.rpm /home/cache/suse/tumbleweed/repo/oss/x86_64/libopenssl1_1-hmac-1.1.1k-2.1.x86_64.rpm Anyway, I guessed wrong for FIPS, I see a 1.1.1j,k + 1.0.2u[hmac,steam] for libopenssl...BUT...no 1.1.0g -- which I don't see.... All of them may have FIPS, but even if I knew to pick 'g-fips' doesn't seem to be in the TW rpms I have for TW.
We ship both Perl and node/npm as part of tumbleweed if you are using our packages for both they will work with whichever version of openssl we have in tumbleweed.
---- Not so! There are multiple versions in the TW repo. I suspect that 'g' is included in one of the others, but that's not of great help. My perl is less picky since I usually try to build it myself from the perl website. It's the packaging (for node/npm) that' is complaining! I do have TW openssl packages installed, just not the right ones to support g-fips. Hmmm... So am paused on that front, but have plenty of other "fronts" to work on (way too many for me to remember them all...sigh)...