[Xymon] Upgrade to 4.3.21, https tests seem to no longer work.

J.C. Cleaver cleaver at terabithia.org
Wed Aug 26 01:07:34 CEST 2015

On Tue, August 25, 2015 3:12 pm, Shawn Heisey wrote:
> On 8/25/2015 3:37 PM, Ralph Mitchell wrote:
>> You might want to try
>>      rpm--verify openssl-devel
>> in case something happened that made the files go away, or become
>> inaccessible.
> That command returned no output.  On a Linux machine, that usually means
> everything's good.
> I also did "yum reinstall openssl openssl-devel" which downloaded the
> packages and reinstalled them.  Xymon still wouldn't link right.
> I do have OpenSSL 1.0.2a installed in /usr/local/ssl. There is a symlink
> at /usr/local/bin/ossl pointing to /usr/local/ssl/bin/openssl.  I would
> not expect this to cause any problems, but do you think it might be
> causing a problem?  I only installed this so I could run a newer version
> when I create certificate signing requests.  Nothing on this server is
> linked against that OpenSSL installation.
> On the off chance that the additional openssl install was causing
> problems, I did these commands:
> cd /usr/local
> tar zcf ssl.tar.gz ssl
> rm -rf ssl
> When I tried the build again, suddenly it all worked.  Looking at the
> build log a second time, now I notice that it is finding libraries in
> /usr/local/ssl, which I didn't notice the first time.
> Is there any way to make this work right?  If it detected the install in
> /usr/local/ssl, shouldn't it have used it?  Is Xymon not compatible with
> the latest OpenSSL versions?
> I probably compiled the additional OpenSSL so it is statically linked.
> I lifted the commandline to compile OpenSSL from my haproxy servers.  I
> needed the latest openssl for haproxy, and haproxy will not work right
> if you build it with a locally compiled openssl but also have the
> openssl package (NOT the dev package!) from the distro installed.
> Thanks,
> Shawn

Generally speaking, having multiple copies of the library -- some static,
some dynamic -- is rather likely to cause runtime problems.

Instead of makerpm.sh, can you run the ./configure --server script
manually (followed by make, etc)? That should be able to tell us more
precisely what's happening.

The specific path order that's cycled through for locating the libraries
will be in build/ssl.sh in the tarball distribution.

For the record, there are also pre-built RPMs for RHEL/Fedora at
http://terabithia.org/rpms/xymon/, although there are deltas between that
and the originating tarball. I'm curious if either a) those binary RPMs
work for you, or b) the SRPM can rebuilt cleanly.



More information about the Xymon mailing list