Adjusted compile-options to not bundle OpenSSL on newer SuSE systems due to libpam/openssl incompatability#1868
Conversation
craigcomstock
commented
Aug 28, 2025
craigcomstock
commented
- some random suse related requirements for non-aws instances
- Adjusted compile-options to not bundle OpenSSL on newer SuSE systems due to libpam/openssl incompatability
|
jenkins build label suse_15: |
craigcomstock
force-pushed
the
ENT-12528/master
branch
from
4f09ab0 to
7abf18b
Compare
|
try again, it turned out the OS is sles instead of suse in our CI environment. |
craigcomstock
force-pushed
the
ENT-12528/master
branch
from
7abf18b to
73b26f7
Compare
|
OS_VERSION can include a dot which doesn't work with bash |
| if [ "$OS" = "rhel" ] && expr "$OS_VERSION" ">=" "8" >/dev/null | ||
| # We don't bundle OpenSSL on some redhat-derived systems due to incompatability with libpam and our openssl. | ||
| _OS_MAJOR_VERSION="$(echo "$OS_VERSION" | cut -d. -f1)" | ||
| if [[ ( ( "$OS" == "rhel" ) && ( $(( _OS_MAJOR_VERSION >= 8 )) == 1 ) ) || |
There was a problem hiding this comment.
Is the double square bracket syntax available on all platforms? I guess we'll find out soon enough 😉
There was a problem hiding this comment.
True, it is variable in terms of what shell we are using. I will re-write it in sh-specific :)
craigcomstock
force-pushed
the
ENT-12528/master
branch
from
73b26f7 to
80997a5
Compare
|
typo, had OS_MAJOR_VERSION which I had not assigned, rather I was setting _OS_MAJOR_VERSION. so retry: |
craigcomstock
force-pushed
the
ENT-12528/master
branch
2 times, most recently
from
a3b016e to
ae019a5
Compare
|
oops, typo, retry: |
This is due to dependency trouble with libpam and libcrypto when cf-agent tries to run chpasswd for example. In that case pam-unix.so wont load. Ticket: ENT-12528 Changelog: title
|
added openssl-dev to build host setup: |
craigcomstock
force-pushed
the
ENT-12528/master
branch
2 times, most recently
from
74e307a to
6331918
Compare
…due to libpam/openssl incompatability Ticket: ENT-12528 Changelog: title (cherry picked from commit ae019a5)
craigcomstock
force-pushed
the
ENT-12528/master
branch
from
6331918 to
d0acb71
Compare
|
|
|
@larsewi I think this is ready to go now. See a green build above. I hacked a suse-15 instance in jenkins and ran that so should be OK in a greenfield pr-pipeline situation from this PR. |
larsewi
left a comment
larsewi
left a comment
There was a problem hiding this comment.
Thanks for working on this @craigcomstock 🚀 You are a 🪨 ⭐ when it comes to debugging these types of things 🎸
| # We don't bundle OpenSSL on RHEL 8 (and newer in the future) | ||
| if [ "$OS" = "rhel" ] && expr "$OS_VERSION" ">=" "8" >/dev/null | ||
| # We don't bundle OpenSSL on some redhat-derived systems due to incompatability with libpam and our openssl. | ||
| _OS_MAJOR_VERSION="$(echo "$OS_VERSION" | cut -d. -f1)" |
There was a problem hiding this comment.
We should probably define these types of variables in the detect-environment script. I see this pattern many places throughout build-scripts. Out of scope for this PR pfc, but I created a ticket CFE-4586
There was a problem hiding this comment.
sure. makes sense.
2 participants
