On Mon December 7 2009, Hall, Leam wrote: > Hi all, > > On 12/04/2009 08:13 PM, Hall, Leam wrote: > > > We have to remove vendor supplied openssl.0.9.7.a and install from > > source 0.9.8L. Removing vendor openssl package also removes > > /lib/libcrypto.so.4, and that breaks lots of things like ssh. I didn't > > find libcrypto.so* in the newly built openssl stuff, am I missing more > > than usual? > > I guess you are right for RedHet EL4. We had the same > problem here. Here is my not-too-dirty solution: > > I built an RPM package of openssl0.9.8l that also contains > the old libraries libssl0.9.7a and libcrypto0.9.7a (with > the according symlink libssl.so.4 and libcrypto.so.4). That > way all RPM dependencies are ok, all old applications still > run and we have openssl 0.9.8l available. I do not know > if there could be a problem with other "devel" packages > (because only the new includes of openssl 0.9.8l exist). > > Then I erased the old openssl and openssl-devel (--nodeps) > and installed the new packages (I did not try the "update" > option of "rpm"). > > I could provide the spec file for the source RPM if someone > asks me... >
It is always "good advice" to run anything custom added to a package managed system through the package manager my making a custom package. . . Another thing to deal with is to prevent normal updates from replacing your custom package with "something better" ;) In *.deb systems it is called 'pinning' - there is a config file for the purpose. I suppose something similar exists in *.rpm systems. Another possibility is to add a customized, pre-remove script to your custom package. that pre-remove script's only chore would be to abort the removal of the custom package by the automation with a "I am about to self-destruct" message. Mike > Cheers, > > Olaf > > Olaf, I'd appreciate the spec file. You're right about RHEL 4. However, we're > going to face some other issues down the road. Wish it was merely a technical > matter... > > Thanks! > > Leam > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
