| View previous topic :: View next topic |
| Author |
Message |
n1ese
Tux's lil' helper
Joined: 29 Sep 2019
Posts: 80
|
 Posted: Wed Mar 15, 2023 11:07 pm Post subject: Gentoo updating question (OpenSSL) |
 |
|
Over the past few weeks, when I sync and update this system (something I do at least a few times a week), I will occassionally see it skipping several packages from updating due to an OpenSSL dependency conflict. I've been ignoring it but running with with outdated OpenSSL isn't sitting well with me. How would I best address this situation?
| Code: | ganymede ~ # emerge --ask --verbose --update --deep --newuse @world
These are the packages that would be merged, in order:
Calculating dependencies... done!
Dependency resolution took 30.34 s.
[ebuild U ] virtual/editor-0-r5::gentoo [0-r4::gentoo] 0 KiB
[ebuild U ] dev-libs/gobject-introspection-common-1.76.0::gentoo [1.75.6::gentoo] 1,030 KiB
[ebuild U ] dev-lang/python-3.10.10_p3:3.10::gentoo [3.10.10_p2:3.10::gentoo] USE="ensurepip gdbm ncurses readline sqlite ssl xml -bluetooth -build -examples (-hardened) -libedit -lto -pgo -test -tk -valgrind -verify-sig" 15 KiB
[ebuild U ] dev-lang/python-3.11.2_p2:3.11::gentoo [3.11.2_p1:3.11::gentoo] USE="ensurepip gdbm ncurses readline sqlite ssl -bluetooth -build -examples (-hardened) -libedit -lto -pgo -test -tk -valgrind -verify-sig" 9 KiB
[ebuild U ] dev-python/wheel-0.40.0::gentoo [0.38.4::gentoo] USE="-test" PYTHON_TARGETS="python3_10 -pypy3 -python3_9 -python3_11" 94 KiB
[ebuild U ] dev-libs/gobject-introspection-1.76.0::gentoo [1.75.6::gentoo] USE="-doctool -gtk-doc -test" PYTHON_SINGLE_TARGET="python3_10 -python3_9 -python3_11" 0 KiB
[blocks b ] <dev-libs/gobject-introspection-1.76.0 ("<dev-libs/gobject-introspection-1.76.0" is soft blocking dev-libs/gobject-introspection-common-1.76.0)
[ebuild U ] gui-libs/gtk-4.10.1:4::gentoo [4.10.0:4::gentoo] USE="X introspection (-aqua) -broadway -cloudproviders -colord -cups -examples (-ffmpeg) -gstreamer (-sysprof) -test (-vulkan) -wayland" 20,002 KiB
[ebuild U ] dev-util/cmake-3.26.0::gentoo [3.25.3::gentoo] USE="ncurses -doc -emacs -qt5 -test -verify-sig" 10,914 KiB
[ebuild U ] net-libs/nghttp2-1.52.0:0/1.14::gentoo [1.51.0-r1:0/1.14::gentoo] USE="-debug -hpack-tools -jemalloc -static-libs -systemd -test -utils -xml (-cxx%)" 1,457 KiB
[ebuild U ] net-misc/curl-7.88.1-r2::gentoo [7.88.1-r1::gentoo] USE="adns ftp http2 imap openssl pop3 progress-meter smtp ssl tftp -alt-svc -brotli -gnutls -gopher -hsts -idn -kerberos -ldap -mbedtls (-nghttp3) -nss -rtmp (-rustls) -samba -ssh -sslv3 -static-libs -telnet -test -verify-sig -websockets -zstd" CURL_SSL="openssl -gnutls -mbedtls -nss (-rustls)" 0 KiB
[ebuild U ] dev-vcs/git-2.40.0::gentoo [2.39.2::gentoo] USE="blksha1 curl gpg iconv nls pcre perl safe-directory webdav -cgi -cvs -doc -gnome-keyring -highlight (-mediawiki) -perforce (-selinux) -subversion -test -tk -xinetd (-mediawiki-experimental%)" PYTHON_SINGLE_TARGET="python3_10 -python3_9 -python3_11" 7,565 KiB
Total: 11 packages (11 upgrades), Size of downloads: 41,083 KiB
Conflict: 1 block (all satisfied)
WARNING: One or more updates/rebuilds have been skipped due to a dependency conflict:
dev-libs/openssl:0
(dev-libs/openssl-3.0.8-r1:0/3::gentoo, ebuild scheduled for merge) USE="asm -fips -ktls -rfc3779 -sctp -static-libs -test -tls-compression -vanilla -verify-sig -weak-ssl-ciphers" conflicts with
dev-libs/openssl:0/1.1= required by (dev-perl/Net-SSLeay-1.920.0:0/0::gentoo, installed) USE="-examples -minimal -test"
^^^^^^^
dev-libs/openssl:0/1.1= required by (app-arch/libarchive-3.6.2-r1:0/13::gentoo, installed) USE="acl bzip2 e2fsprogs iconv lzma xattr -blake2 -expat -lz4 -lzo -nettle -static-libs -verify-sig -zstd"
^^^^^^^
>=dev-libs/openssl-1.1.1:0/1.1= required by (dev-lang/python-3.12.0_alpha6:3.12/3.12::gentoo, installed) USE="ensurepip gdbm ncurses readline sqlite ssl -bluetooth -build -examples (-hardened) -libedit -lto -pgo -test -tk -valgrind -verify-sig"
^^^^^^^
dev-libs/openssl:0/1.1= required by (dev-lang/rust-1.67.1:stable/1.67::gentoo, installed) USE="-clippy -debug -dist -doc (-llvm-libunwind) (-miri) -nightly (-parallel-compiler) -profiler -rust-analyzer -rust-src -rustfmt -system-bootstrap -system-llvm -test -verify-sig -wasm" LLVM_TARGETS="(AArch64) -AMDGPU -ARM -AVR -BPF -Hexagon -Lanai -MSP430 -Mips -NVPTX -PowerPC -RISCV -Sparc -SystemZ -WebAssembly -X86 -XCore"
^^^^^^^
>=dev-libs/openssl-1.1.1l-r1:0/1.1= required by (net-misc/openssh-9.2_p1-r2:0/0::gentoo, installed) USE="X pam pie ssl -X509 -audit (-debug) -hpn -kerberos -ldns -libedit -livecd -sctp -security-key (-selinux) -static -test -verify-sig -xmss"
^^^^^^^
dev-libs/openssl:0/1.1= required by (dev-lang/ruby-3.1.3:3.1/3.1::gentoo, installed) USE="gdbm rdoc ssl -berkdb -debug -doc -examples -ipv6 -jemalloc -jit -socks5 -static-libs -systemtap -tk -xemacs"
^^^^^^^
dev-libs/openssl:0/1.1= required by (sys-apps/coreutils-9.1-r2:0/0::gentoo, installed) USE="acl nls openssl (split-usr) xattr -caps -gmp -hostname -kill -multicall (-selinux) -static -test -vanilla -verify-sig"
^^^^^^^
dev-libs/openssl:0/1.1= required by (net-wireless/crda-4.14:0/0::gentoo, installed) USE="-gcrypt"
^^^^^^^
dev-libs/openssl:0/1.1= required by (net-misc/rsync-3.2.7-r2:0/0::gentoo, installed) USE="acl iconv ssl xattr -examples -lz4 -rrsync -stunnel -system-zlib -verify-sig -xxhash -zstd" PYTHON_SINGLE_TARGET="python3_10 -python3_11 -python3_9"
^^^^^^^
dev-libs/openssl:0/1.1= required by (media-sound/pulseaudio-daemon-16.1-r6:0/0::gentoo, installed) USE="X alsa alsa-plugin asyncns dbus elogind gdbm glib ssl udev -aptx -bluetooth -equalizer -fftw -gstreamer -jack -ldac -lirc -ofono-headset (-orc) (-oss) (-selinux) -sox (-system-wide) -systemd -tcpd -test -valgrind (-webrtc-aec) -zeroconf"
^^^^^^^
dev-libs/openssl:0/1.1= required by (net-ftp/ftp-0.17.34.0.2.5.1:0/0::gentoo, installed) USE="readline ssl -ipv6"
^^^^^^^
dev-libs/openssl:0/1.1= required by (sys-apps/rng-tools-6.16:0/0::gentoo, installed) USE="-jitterentropy -nistbeacon -pkcs11 -qrypt -rtlsdr (-selinux)"
^^^^^^^
dev-libs/openssl:0/1.1= required by (net-misc/wget-1.21.3-r1:0/0::gentoo, installed) USE="nls pcre (ssl) zlib -cookie-check -debug -gnutls -idn -ipv6 -metalink -ntlm -static -test -uuid (-verify-sig)"
^^^^^^^
=dev-libs/openssl-1.1*:0= required by (dev-lang/ruby-3.0.5:3.0/3.0::gentoo, installed) USE="gdbm rdoc ssl -berkdb -debug -doc -examples -ipv6 -jemalloc -jit -rubytests -socks5 -static-libs -systemtap -tk -xemacs"
^ ^^^^
=dev-libs/openssl-1.1*:0/1.1= required by (dev-lang/ruby-3.0.5:3.0/3.0::gentoo, installed) USE="gdbm rdoc ssl -berkdb -debug -doc -examples -ipv6 -jemalloc -jit -rubytests -socks5 -static-libs -systemtap -tk -xemacs"
^ ^^^^^^^^^^^
dev-libs/openssl:0/1.1= required by (app-crypt/rhash-1.4.3:0/0::gentoo, installed) USE="nls ssl -debug -static-libs"
^^^^^^^
dev-libs/openssl:0/1.1= required by (dev-python/m2crypto-0.38.0:0/0::gentoo, installed) USE="-test" PYTHON_TARGETS="python3_10 -python3_11 -python3_9"
^^^^^^^
=dev-libs/openssl-1.1*:0= required by (dev-lang/ruby-2.7.7:2.7/2.7::gentoo, installed) USE="gdbm rdoc ssl -berkdb -debug -doc -examples -ipv6 -jemalloc -jit -rubytests -socks5 -static-libs -systemtap -tk -xemacs"
^ ^^^^
=dev-libs/openssl-1.1*:0/1.1= required by (dev-lang/ruby-2.7.7:2.7/2.7::gentoo, installed) USE="gdbm rdoc ssl -berkdb -debug -doc -examples -ipv6 -jemalloc -jit -rubytests -socks5 -static-libs -systemtap -tk -xemacs"
^ ^^^^^^^^^^^
dev-libs/openssl:0/1.1= required by (x11-base/xorg-server-21.1.7:0/21.1.7::gentoo, installed) USE="elogind udev xorg -debug -minimal (-selinux) -suid -systemd -test -unwind -xcsecurity -xephyr -xnest -xvfb"
^^^^^^^
dev-libs/openssl:0/1.1= required by (app-portage/portage-utils-0.95:0/0::gentoo, installed) USE="openmp qmanifest qtegrity -static"
^^^^^^^
>=dev-libs/openssl-1.0.2k:0/1.1= required by (net-wireless/wpa_supplicant-2.10-r1:0/0::gentoo, installed) USE="crda dbus fils hs2-0 mbo mesh readline -ap -broadcom-sta -eap-sim -eapol-test -fasteap -macsec -p2p -privsep (-ps3) -qt5 (-selinux) -smartcard -tdls -tkip -uncommon-eap-types -wep (-wimax) -wps"
^^^^^^^
|
|
|
| Back to top |
|
 |
Hu
Moderator
Joined: 06 Mar 2007
Posts: 21633
|
| Posted: Wed Mar 15, 2023 11:36 pm Post subject: |
|
|
| Various installed packages depend on the current openssl subslot. Rebuilding them may let them switch to the new subslot, but since no new version of those packages is available, a --update @world run does not try to rebuild them. You may be able to force the issue with emerge --oneshot --ask --verbose dev-libs/openssl list-all-installed-packages-requiring-openssl-subslot. Note that openssl-1.1.x is not abandoned, so not upgrading to 3.x at this time is not necessarily wrong. |
|
| Back to top |
|
|
GDH-gentoo
Veteran
Joined: 20 Jul 2019
Posts: 1530
Location: South America
|
| Posted: Wed Mar 15, 2023 11:47 pm Post subject: Re: Gentoo updating question (OpenSSL) |
|
|
| n1ese wrote: |
| Code: | (dev-libs/openssl-3.0.8-r1:0/3::gentoo, ebuild scheduled for merge) USE="asm -fips -ktls -rfc3779 -sctp -static-libs -test -tls-compression -vanilla -verify-sig -weak-ssl-ciphers" conflicts with
...
=dev-libs/openssl-1.1*:0/1.1= required by (dev-lang/ruby-3.0.5:3.0/3.0::gentoo, installed) USE="gdbm rdoc ssl -berkdb -debug -doc -examples -ipv6 -jemalloc -jit -rubytests -socks5 -static-libs -systemtap -tk -xemacs"
^ ^^^^^^^^^^^
...
=dev-libs/openssl-1.1*:0/1.1= required by (dev-lang/ruby-2.7.7:2.7/2.7::gentoo, installed) USE="gdbm rdoc ssl -berkdb -debug -doc -examples -ipv6 -jemalloc -jit -rubytests -socks5 -static-libs -systemtap -tk -xemacs"
^ ^^^^^^^^^^^ |
|
Ruby doesn't support OpenSSL 3.0 (yet), that's why Portage can't upgrade it.
_________________
| NeddySeagoon wrote: | I'm not a witch, I'm a retired electronics engineer  |
| Ionen wrote: | | As a packager I just don't want things to get messier with weird build systems and multiple toolchains requirements though |
|
|
| Back to top |
|
|
Ionen
Developer
Joined: 06 Dec 2018
Posts: 2719
|
| Posted: Thu Mar 16, 2023 12:04 am Post subject: |
|
|
Old ruby anyway, >=3.1 can use openssl-3 but it's still work in progress to bring it in stable and make it the default target (current default is ruby27 and ruby30).
Note that openssl-1.1.1* is still supported for now and getting security fixes, hopefully ruby (and other) issues will be resolved before it becomes a real problem rather than just portage being noisy. |
|
| Back to top |
|
|
n1ese
Tux's lil' helper
Joined: 29 Sep 2019
Posts: 80
|
| Posted: Thu Mar 16, 2023 12:37 am Post subject: |
|
|
Thanks guys, I actually managed to fix it by making ruby31 my target profile instead of ruby27. Let's see what breaks next.   |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Gentoo on ARM
