Skip to content

consider enable the no-shared option in the openssl configure_args. #1255

@sawanoboly

Description

@sawanoboly

Describe the Enhancement:

Currently, the shared option is set to a fixed value in openssl's configure_args.
In certain environments, there are conflicts when several packages have different Openssl libraries installed in different environments.

$ chef-shell
Session type: standalone
Loading............./opt/chef/embedded/lib/ruby/2.7.0/x86_64-linux/openssl.so: [BUG] Segmentation fault at 0x000000000001d306
ruby 2.7.1p83 (2020-03-31 revision a0c7c23c9c) [x86_64-linux]

Describe the Need:

If we set it to no-shared, OpenSSL is statically embedded in ruby, so you won't be affected by this.

$ ldd /opt/chef/embedded/bin/ruby 
	linux-vdso.so.1 (0x00007fffa1d46000)
	libruby.so.2.7 => /opt/chef/embedded/lib/libruby.so.2.7 (0x00007fad398d5000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fad394e4000)
	libz.so.1 => /opt/chef/embedded/lib/libz.so.1 (0x00007fad392cd000)
	libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007fad390ae000)
	librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007fad38ea6000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fad38ca2000)
	libcrypt.so.1 => /lib/x86_64-linux-gnu/libcrypt.so.1 (0x00007fad38a6a000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007fad386cc000)
	/lib64/ld-linux-x86-64.so.2 (0x00007fad3a06f000)
$ sudo /opt/chef/embedded/bin/chef-shell 
loading configuration: none (standalone session)
true
Session type: standalone
Loading............done.

Welcome to the chef-shell 16.5.77
For usage see https://docs.chef.io/chef_shell/

run `help' for help, `exit' or ^D to quit.

chef (16.5.77)> OpenSSL::VERSION
 => "2.1.2" 

Current Alternative

Now I'm rewriting by sed before the build.

Can We Help You Implement This?:

This is possible if you can tell me your implementation policy.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions