pkg: Shared object "libssl.so.111" not found, required by "pkg"



  • Hello,

    Just removed ntopNG and next updated pfBlockerNG-Devel to version 2.2.5_23 (via the WebUI).

    Now I am unable to install / remove packages.
    I did check if "pkg" works via the terminal, but it complains about requiring libssl.so.111.

    [2.4.4-RELEASE][admin@secure.nova.inet]/: pkg update
    Shared object "libssl.so.111" not found, required by "pkg"
    

    Does anyone know how to fix this? Is there an "easy" way or do I have to backup, re-install, restore?

    pkg-static works fine though...

    Thanks.





  • @Gertjan Thanks. It does look like I have to backup, reinstall, restore as the topic doesn't provide another option.

    Might this issue have anything to do with pfBlockerNG-Devel? As it reads 2.5.5 in the version no? Although I was already running this without any problems (it was version 2.5.5_22 from the top of my head).

    I did also switch between branches just to peek on which devel version pfSense is - but selected 2.4.4 again - as redmine lists quite some bugs. Didn't update to 2.5 whatsoever.



  • @bouke said in pkg: Shared object "libssl.so.111" not found, required by "pkg":

    Didn't update to 2.5 whatsoever.

    You saw the other thread.
    You are the second person I see with "libssl.so.111" questions : executable that need that lib only exists in 2.5.0, the dev version.
    If 'pkg' - a tool that comes with the OS - FreeBSD, asks for it, then it got upgraded to whatever "2.5.0" is using.

    Save your config, re install to stable (2.4.4-p3). Radical, but save and sure.


  • Banned

    @bouke said in pkg: Shared object "libssl.so.111" not found, required by "pkg":

    I did also switch between branches just to peek on which devel version pfSense is - but selected 2.4.4 again - as redmine lists quite some bugs. Didn't update to 2.5 whatsoever.

    The PKG package get's autoupdated when you switch branches, so don't do this unless you want to actually update to 2.5. If you want to peek at the devel version install it in a VM.



  • @Grimson said in pkg: Shared object "libssl.so.111" not found, required by "pkg":

    The PKG package get's autoupdated when you switch branches,

    Ah ......
    That explains.

    So just switching, and wait for it present something like :

    bce5a132-a400-4e34-b07f-5e191f51b4d5-image.png

    this does changes something on my setup ?!

    Ok, I learned something here. ๐Ÿ‘

    (I switch back right away ...)



  • @Grimson Okay. Well, that's unwanted behavior in my opinion. Taking a peek should be harmless... but it isn't. Well... it is what it is... lesson learned. I will make a fresh backup and re-install my appliance - and never flip this switch again. Thanks and cheers.



  • @bouke said in pkg: Shared object "libssl.so.111" not found, required by "pkg":

    should be harmless

    Peeking should be ok.
    But don't forget to peek back at the actual installed version.

    If switching to the dev version installs actually something, switching to current does the same thing (bringing you back where you were).

    Btw :

    file /usr/local/sbin/pkg
    

    switched back and forth - the 'pkg' executable didn't change a bit - stayed the same.

    But then ....

    [2.4.4-RELEASE][root@priv.brit-hotel-fumel.net]/usr/local: ldd sbin/pkg
    sbin/pkg:
            libpkg.so.4 => /usr/local/lib/libpkg.so.4 (0x80044f000)
            libutil.so.9 => /lib/libutil.so.9 (0x800687000)
            libssl.so.111 => not found (0)
            libcrypto.so.111 => not found (0)
            libm.so.5 => /lib/libm.so.5 (0x80089b000)
            libelf.so.2 => /lib/libelf.so.2 (0x800ac8000)
            libjail.so.1 => /lib/libjail.so.1 (0x800cdd000)
            libarchive.so.7 => not found (0)
            libz.so.6 => /lib/libz.so.6 (0x800ee2000)
            libbz2.so.4 => /usr/lib/libbz2.so.4 (0x8010fa000)
            liblzma.so.5 => /usr/lib/liblzma.so.5 (0x80130e000)
            libc.so.7 => /lib/libc.so.7 (0x801537000)
            libssl.so.111 => not found (0)
            libcrypto.so.111 => not found (0)
            libarchive.so.7 => not found (0)
            libthr.so.3 => /lib/libthr.so.3 (0x8018db000)
    

    shows 3 libs no found, and among them is our "libssl.so.111".
    Thus, I'm bitten by the same bug now. May day ?

    No panic .....

    Console or SSH, option 13 advises :

    Running "pkg-static install -f pkg" recommended
    

    So I ran

    pkg-static install -f pkg
    

    Which told me :

    Updating pfSense-core repository catalogue...
    pfSense-core repository is up to date.
    Updating pfSense repository catalogue...
    pfSense repository is up to date.
    All repositories are up to date.
    The following 1 package(s) will be affected (of 0 checked):
    
    Installed packages to be DOWNGRADED:
            pkg: 1.10.5_8 -> 1.10.5_6 [pfSense]
    
    Number of packages to be downgraded: 1
    
    3 MiB to be downloaded.
    
    Proceed with this action? [y/N]: Y
    [1/1] Fetching pkg-1.10.5_6.txz: 100%    3 MiB 771.1kB/s    00:04
    Checking integrity... done (0 conflicting)
    [1/1] Downgrading pkg from 1.10.5_8 to 1.10.5_6...
    [1/1] Extracting pkg-1.10.5_6: 100%
    You may need to manually remove /usr/local/etc/pkg.conf if it is no longer needed.
    

    It was downgrading pkg ! Bingo !!
    Check :

    [2.4.4-RELEASE][root@priv.brit-hotel-fumel.net]/root: ldd /usr/local/sbin/pkg
    /usr/local/sbin/pkg:
            libpkg.so.4 => /usr/local/lib/libpkg.so.4 (0x800a00000)
            libutil.so.9 => /lib/libutil.so.9 (0x800e34000)
            libssl.so.8 => /usr/lib/libssl.so.8 (0x801048000)
            libcrypto.so.8 => /lib/libcrypto.so.8 (0x801400000)
            libm.so.5 => /lib/libm.so.5 (0x801872000)
            libelf.so.2 => /lib/libelf.so.2 (0x801a9f000)
            libjail.so.1 => /lib/libjail.so.1 (0x801cb4000)
            libarchive.so.6 => /usr/lib/libarchive.so.6 (0x801eb9000)
            libz.so.6 => /lib/libz.so.6 (0x802178000)
            libbz2.so.4 => /usr/lib/libbz2.so.4 (0x802390000)
            liblzma.so.5 => /usr/lib/liblzma.so.5 (0x8025a4000)
            libc.so.7 => /lib/libc.so.7 (0x8027cd000)
            libbsdxml.so.4 => /lib/libbsdxml.so.4 (0x802b71000)
            libthr.so.3 => /lib/libthr.so.3 (0x802d9c000)
    

    All good now.

    edit : Again a great day, indeed ^^


  • Banned

    @Gertjan said in pkg: Shared object "libssl.so.111" not found, required by "pkg":

    If switching to the dev version installs actually something, switching to current does the same thing (bringing you back where you were).

    As you found out that is not the fact, as packages can get updated automatically but will not be downgraded without user intervention.

    Normally this is harmless, as a newer pkg version can handle older repositories and package files without an issue. But due to the upgrade of OpenSSL it will bite you this time.

    On the other hand switching repositories to "take a peek", especially on your production machine, is bad practice anyway. If you want to have a look at an upcoming version test it in a VM.



  • @Gertjan Thanks. Although I didn't read your reply in time - and upgraded to 2.5.0 :๐Ÿ˜ It's my home router/firewall; so I only have a potentially angry wife and some angry kids :๐Ÿ˜†

    Edit (and totally off-topic): I am very pleased to see that my host overrides work again - now I am running 2.5.0 :๐Ÿ˜ธ


Log in to reply