View previous topic :: View next topic |
Author |
Message |
MarcGentoo n00b
Joined: 26 Nov 2020 Posts: 65
|
Posted: Fri Jun 23, 2023 5:45 pm Post subject: openssl slot conflict |
|
|
Hello,
unfortuanetly I do have a slot conflict I cannot solve myself. Note: I need php7 and cannot uninstall that :/
Can you please show me the right direction to solve this?
Thank you in advance.
Code: | emerge -auUDNq @world
!!! Multiple package instances within a single package slot have been pulled
!!! into the dependency graph, resulting in a slot conflict:
dev-libs/openssl:0
(dev-libs/openssl-3.0.9-r1:0/3::gentoo, ebuild scheduled for merge) USE="asm -fips -ktls -rfc3779 -sctp -static-libs -test -tls-compression -vanilla -verify-sig -weak-ssl-ciphers" ABI_X86="32 (64) (-x32)" CPU_FLAGS_X86="(sse2)" pulled in by
(no parents that aren't satisfied by other packages in this slot)
(dev-libs/openssl-1.1.1u:0/1.1::gentoo, installed) USE="asm -rfc3779 -sctp -sslv3 -static-libs -test -tls-compression -tls-heartbeat -vanilla -verify-sig -weak-ssl-ciphers" ABI_X86="32 (64) (-x32)" CPU_FLAGS_X86="(sse2)" pulled in by
dev-libs/openssl:0/1.1= required by (dev-libs/xmlsec-1.3.0-r1:0/1.3::gentoo, installed) USE="nss openssl -doc -gcrypt -gnutls -http -static-libs -test" ABI_X86="(64)"
^^^^^^^
<dev-libs/openssl-3.0 required by (dev-lang/php-7.4.33-r2:7.4/7.4::gentoo, installed) USE="acl apache2 argon2 bcmath berkdb bzip2 calendar cdb cgi cli ctype curl embed fileinfo filter flatfile fpm ftp gd gdbm iconv imap intl ipv6 jit json lmdb mysql mysqli nls opcache pdo phar posix readline session simplexml sockets sodium spell sqlite ssl threads tidy tokenizer truetype unicode webp xml xmlreader xmlrpc xmlwriter zip zlib -cjk (-coverage) -debug -enchant -exif -ffi (-firebird) -gmp -inifile -iodbc -kerberos -ldap -ldap-sasl -libedit -mhash -mssql -oci8-instant-client -odbc -pcntl -phpdbg -postgres -qdbm (-selinux) -session-mm -sharedmem -snmp -soap -systemd -sysvipc -test -tokyocabinet -xpm -xslt" ABI_X86="(64)"
^ ^^^
(and 55 more with the same problems)
NOTE: Use the '--verbose-conflicts' option to display parents omitted above
emerge: there are no ebuilds to satisfy "dev-libs/boost:0/1.81.0=[icu,nls]".
(dependency required by "@selected" [set])
(dependency required by "@world" [argument]) |
|
|
Back to top |
|
|
ali3nx l33t
Joined: 21 Sep 2003 Posts: 722 Location: Winnipeg, Canada
|
Posted: Fri Jun 23, 2023 6:03 pm Post subject: |
|
|
I had a similar slot conflict caused by openssl 3 being stabilized and the root cause of the conflict was ruby 3.0.x having remained installed.
try adding
Code: | RUBY_TARGETS="ruby31" |
to make.conf then run a world update check with
Code: | emerge -uDNpv world |
to test if the result changes.
Often permitting multiple ruby interpreter versions to be installed is unnecessary and the added occasional package conflicts that can cause can be somewhat annoying. I've been restricting ruby to a single target version for many years. _________________ Compiling Gentoo since version 1.4
Thousands of Gentoo Installs Completed
Emerged on every continent but Antarctica
Compile long and Prosper! |
|
Back to top |
|
|
MarcGentoo n00b
Joined: 26 Nov 2020 Posts: 65
|
Posted: Fri Jun 23, 2023 6:22 pm Post subject: |
|
|
Hi, thanks for the hint, but it did not change a thing in my case. |
|
Back to top |
|
|
ali3nx l33t
Joined: 21 Sep 2003 Posts: 722 Location: Winnipeg, Canada
|
Posted: Fri Jun 23, 2023 6:26 pm Post subject: |
|
|
MarcGentoo wrote: | Hi, thanks for the hint, but it did not change a thing in my case. |
do you have a differing result from
also could you provide a pastebin url for
and
Code: | /etc/portage/make.conf |
also check the result of
Code: | emerge -p --depclean |
Thanks _________________ Compiling Gentoo since version 1.4
Thousands of Gentoo Installs Completed
Emerged on every continent but Antarctica
Compile long and Prosper! |
|
Back to top |
|
|
fedeliallalinea Administrator
Joined: 08 Mar 2003 Posts: 31019 Location: here
|
Posted: Fri Jun 23, 2023 6:34 pm Post subject: |
|
|
If you want keep php7 the warning about openssl-3 will remain since it cannot compile with this version.
Code: | emerge: there are no ebuilds to satisfy "dev-libs/boost:0/1.81.0=[icu,nls]".
(dependency required by "@selected" [set])
(dependency required by "@world" [argument]) |
You have boost in world file? Try to run emerge --deselect dev-libs/boost and the the update. _________________ Questions are guaranteed in life; Answers aren't. |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 21918
|
Posted: Fri Jun 23, 2023 6:57 pm Post subject: |
|
|
To elaborate on fedeliallalinea's post, you already solved it. You just are not willing to use the solution. The solution is to remove php-7.4. Since you say you cannot do that, then you cannot eliminate this conflict at this time. |
|
Back to top |
|
|
stefan11111 l33t
Joined: 29 Jan 2023 Posts: 922 Location: Romania
|
Posted: Fri Jun 23, 2023 7:01 pm Post subject: |
|
|
@MarcGentoo
Can't you just mask openssl 3.0 until you can fully migrate it you want to get rid of the conflict?
This is of course, in you don't need openssl 3.0 _________________ My overlay: https://github.com/stefan11111/stefan_overlay
INSTALL_MASK="/etc/systemd /lib/systemd /usr/lib/systemd /usr/lib/modules-load.d *udev* /usr/lib/tmpfiles.d *tmpfiles* /var/lib/dbus /usr/bin/gdbus /lib/udev" |
|
Back to top |
|
|
John R. Graham Administrator
Joined: 08 Mar 2005 Posts: 10591 Location: Somewhere over Atlanta, Georgia
|
Posted: Fri Jun 23, 2023 7:03 pm Post subject: |
|
|
Well the other solution is to mask openssl-3. That solution won't be trouble free forever, but it (seems to be) trouble free today. Almost nobody needs openssl-3 today.
- John _________________ I can confirm that I have received between 0 and 499 National Security Letters.
Last edited by John R. Graham on Fri Jun 23, 2023 7:05 pm; edited 1 time in total |
|
Back to top |
|
|
stefan11111 l33t
Joined: 29 Jan 2023 Posts: 922 Location: Romania
|
Posted: Fri Jun 23, 2023 7:05 pm Post subject: |
|
|
John R. Graham wrote: | Well the other solution is to mask openssl-3. That solution won't be trouble free forever, but it (seems to be) trouble free today.
- John |
There is another solution, but I don't know if he wants it:
Code: | $ openssl version
LibreSSL 3.8.0 |
_________________ My overlay: https://github.com/stefan11111/stefan_overlay
INSTALL_MASK="/etc/systemd /lib/systemd /usr/lib/systemd /usr/lib/modules-load.d *udev* /usr/lib/tmpfiles.d *tmpfiles* /var/lib/dbus /usr/bin/gdbus /lib/udev" |
|
Back to top |
|
|
GoofyX Tux's lil' helper
Joined: 23 Feb 2005 Posts: 84 Location: Greece
|
Posted: Fri Jun 23, 2023 7:07 pm Post subject: |
|
|
Similar problems here. Unmerged all PHP slots and MariaDB-10.5, emerged openssl 3 and I couldn't emerge PHP 7.4, 8.0 or MariaDB 10.5, since they require < openssl-3. Nice. Very nice.
A stable package has arrived (openssl 3) that creates blocks, since other stable packages already exist in the tree and cannot build with this package. Is this a stable system?
For me, the solution at the moment is to mask openssl 3, until a viable solution is found. I know PHP 7.4 is already EOL, but I need it (and I'm pretty sure there are others that need it too) for existing projects. _________________ ... Morpheus: What is "real"? How do you define "real"? If you 're talking about what you can feel, what you can smell, what you can taste and see, then "real" is simply electrical signals interpreted by your brain... |
|
Back to top |
|
|
John R. Graham Administrator
Joined: 08 Mar 2005 Posts: 10591 Location: Somewhere over Atlanta, Georgia
|
Posted: Fri Jun 23, 2023 7:25 pm Post subject: |
|
|
GoofyX wrote: | Similar problems here. Unmerged all PHP slots and MariaDB-10.5, emerged openssl 3 and I couldn't emerge PHP 7.4, 8.0 or MariaDB 10.5, since they require < openssl-3. Nice. Very nice. | openssl-3 breaks ABI compatibility with openssl-1 in the name of simplification, modernization, and code base maintainability, among other things. There's some work to do to port code to use the new ABI. I'm working through that with some of my own code.
Furthermore, the OpenSSL team has declared that they are on a journey, meaning that there will be more (hopefully mostly modest) breakage in the future. Alas, this leaves legacy code somewhat out in the cold.
- John _________________ I can confirm that I have received between 0 and 499 National Security Letters. |
|
Back to top |
|
|
sam_ Developer
Joined: 14 Aug 2020 Posts: 1720
|
Posted: Fri Jun 23, 2023 8:12 pm Post subject: |
|
|
GoofyX wrote: | Similar problems here. Unmerged all PHP slots and MariaDB-10.5, emerged openssl 3 and I couldn't emerge PHP 7.4, 8.0 or MariaDB 10.5, since they require < openssl-3. Nice. Very nice.
A stable package has arrived (openssl 3) that creates blocks, since other stable packages already exist in the tree and cannot build with this package. Is this a stable system?
For me, the solution at the moment is to mask openssl 3, until a viable solution is found. I know PHP 7.4 is already EOL, but I need it (and I'm pretty sure there are others that need it too) for existing projects. |
OpenSSL 1.1.1* is EOL in September and we've tried our best to make sure the tree is as ready as possible, but we also can't change reality either. |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 21918
|
Posted: Fri Jun 23, 2023 8:54 pm Post subject: |
|
|
As I understand it, the stable system promise is that you are not being required to accept a testing-keyword package to satisfy a stable package. Similarly, you are not being presented with two stable packages that satisfy their dependency relations, but then fail to build together. You are instead presented with two stable packages that Portage knows cannot be built together. While unfortunate, this is what happens when a providing package makes breaking changes and not all the consuming packages adapt for those changes in a timely manner. Remember that the Gentoo maintainers may not be contributors on the underlying package upstream, so while they can set blocks to keep you out of trouble, it is not necessarily their responsibility to update the consuming package to work with the breaking changes. Where they can, they often do, for the sake of avoiding threads like this. |
|
Back to top |
|
|
GoofyX Tux's lil' helper
Joined: 23 Feb 2005 Posts: 84 Location: Greece
|
Posted: Sat Jun 24, 2023 6:59 am Post subject: |
|
|
Thank you all for the answers. I'm sure you've already considered this, but isn't it possible the newer openssl 3 version to be installed in a slot? _________________ ... Morpheus: What is "real"? How do you define "real"? If you 're talking about what you can feel, what you can smell, what you can taste and see, then "real" is simply electrical signals interpreted by your brain... |
|
Back to top |
|
|
fedeliallalinea Administrator
Joined: 08 Mar 2003 Posts: 31019 Location: here
|
Posted: Sat Jun 24, 2023 10:06 am Post subject: |
|
|
GoofyX wrote: | Thank you all for the answers. I'm sure you've already considered this, but isn't it possible the newer openssl 3 version to be installed in a slot? |
I don't know why the slots are not there (I think it is onerous to maintain them) but remains the fact that it will be removed from the tree in September.
Keeping a security package in the tree that is no longer updated upstream doesn't seem logical to me. _________________ Questions are guaranteed in life; Answers aren't. |
|
Back to top |
|
|
GoofyX Tux's lil' helper
Joined: 23 Feb 2005 Posts: 84 Location: Greece
|
Posted: Sat Jun 24, 2023 2:40 pm Post subject: |
|
|
fedeliallalinea wrote: | GoofyX wrote: | Thank you all for the answers. I'm sure you've already considered this, but isn't it possible the newer openssl 3 version to be installed in a slot? |
I don't know why the slots are not there (I think it is onerous to maintain them) but remains the fact that it will be removed from the tree in September.
Keeping a security package in the tree that is no longer updated upstream doesn't seem logical to me. |
Are you referring to the PHP 7.4 package or the openssl 1.1 one that will be removed in September? _________________ ... Morpheus: What is "real"? How do you define "real"? If you 're talking about what you can feel, what you can smell, what you can taste and see, then "real" is simply electrical signals interpreted by your brain... |
|
Back to top |
|
|
fedeliallalinea Administrator
Joined: 08 Mar 2003 Posts: 31019 Location: here
|
Posted: Sat Jun 24, 2023 3:35 pm Post subject: |
|
|
GoofyX wrote: | Are you referring to the PHP 7.4 package or the openssl 1.1 one that will be removed in September? |
I refer to openssl, I want to point out that this is my assumption. _________________ Questions are guaranteed in life; Answers aren't. |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 21918
|
Posted: Sat Jun 24, 2023 3:58 pm Post subject: |
|
|
Slots are only viable if the two slotted versions can be installed at the same time without causing file collisions. Many upstream packages have specific filenames and paths they want to use, and if they cannot be made to use alternate pathnames, then they cannot be slotted. Slotting a library has the additional complication that everything which needs to use that library needs to find the library under the slot-specific pathname. If upstream does not support slotting, consuming packages likely lack support for finding the library at a slot-specific pathname, which means even more work to usefully enable slotting. |
|
Back to top |
|
|
MarcGentoo n00b
Joined: 26 Nov 2020 Posts: 65
|
Posted: Mon Jun 26, 2023 4:08 am Post subject: |
|
|
Hello,
thanks for pointing out the details and the discussion. This brings across that the community really cares about the usecases with gentoo.
In my case it is the usage of owncloud which prohibits me updating to php8.
Masking openssl3 was the solution.
Thanks a lot. |
|
Back to top |
|
|
fedeliallalinea Administrator
Joined: 08 Mar 2003 Posts: 31019 Location: here
|
Posted: Mon Jun 26, 2023 4:29 am Post subject: |
|
|
The www-apps/owncloud support php8
owncloud-10.12.1.ebuild: | ...
RDEPEND=">=dev-lang/php-7.0[curl?,filter,gd,hash(+),intl,json(+),mysql?,pdo,posix,postgres?,session,simplexml,sqlite?,xmlreader,xmlwriter,zip]
virtual/httpd-php"
... |
_________________ Questions are guaranteed in life; Answers aren't. |
|
Back to top |
|
|
MarcGentoo n00b
Joined: 26 Nov 2020 Posts: 65
|
|
Back to top |
|
|
fedeliallalinea Administrator
Joined: 08 Mar 2003 Posts: 31019 Location: here
|
Posted: Mon Jun 26, 2023 11:14 am Post subject: |
|
|
MarcGentoo wrote: | indeed the ebuild does, but the software doesn't. |
You're right I based my assumption on the ebuild and not by checking if the software actually had support. _________________ Questions are guaranteed in life; Answers aren't. |
|
Back to top |
|
|
victorc n00b
Joined: 03 Jul 2023 Posts: 2
|
Posted: Mon Jul 03, 2023 10:30 am Post subject: |
|
|
I have a similar issue Quote: | WARNING: One or more updates/rebuilds have been skipped due to a dependency conflict: | when performing world update Code: | emerge -avuDN @world | and it seems related to the MariaDB:
Code: |
<dev-libs/openssl-3:= required by (dev-db/mariadb-10.5.21:10.5/18::gentoo, ebuild scheduled for merge) USE="backup pam perl server systemd -bindist -columnstore -cracklib -debug -extraengine -galera -innodb-lz4 -innodb-lzo -innodb-snappy -jdbc -jemalloc -kerberos -latin1 (-mroonga) -numa -odbc -oqgraph -profiling -rocksdb -s3 (-selinux) -sphinx -sst-mariabackup -sst-rsync -static -systemtap -tcmalloc -test -xml -yassl" ABI_X86="(64)"
^ ^
|
What are my options for fixing this? |
|
Back to top |
|
|
Josef.95 Advocate
Joined: 03 Sep 2007 Posts: 4626 Location: Germany
|
Posted: Mon Jul 03, 2023 11:02 am Post subject: |
|
|
Hi victorc,
the dep in mariadb-10.5.21.ebuild is Code: | !yassl? (
<dev-libs/openssl-3:=
) |
I think enable the yassl useflag for the dev-db/mariadb package should probably help for you.
Code: | echo "dev-db/mariadb:10.5 yassl" >> /etc/portage/package.use/misc |
|
|
Back to top |
|
|
GoofyX Tux's lil' helper
Joined: 23 Feb 2005 Posts: 84 Location: Greece
|
Posted: Mon Jul 03, 2023 12:54 pm Post subject: |
|
|
victorc wrote: | I have a similar issue Quote: | WARNING: One or more updates/rebuilds have been skipped due to a dependency conflict: | when performing world update Code: | emerge -avuDN @world | and it seems related to the MariaDB:
Code: |
<dev-libs/openssl-3:= required by (dev-db/mariadb-10.5.21:10.5/18::gentoo, ebuild scheduled for merge) USE="backup pam perl server systemd -bindist -columnstore -cracklib -debug -extraengine -galera -innodb-lz4 -innodb-lzo -innodb-snappy -jdbc -jemalloc -kerberos -latin1 (-mroonga) -numa -odbc -oqgraph -profiling -rocksdb -s3 (-selinux) -sphinx -sst-mariabackup -sst-rsync -static -systemtap -tcmalloc -test -xml -yassl" ABI_X86="(64)"
^ ^
|
What are my options for fixing this? |
MariaDB 10.6 is supposed to be compatible with openssl 3.0, so you can try upgrading. But you must first check if other packages depend on openssl < 3.0 before doing that. Eg. PHP 7.4 and 8.0 belong to this case. _________________ ... Morpheus: What is "real"? How do you define "real"? If you 're talking about what you can feel, what you can smell, what you can taste and see, then "real" is simply electrical signals interpreted by your brain... |
|
Back to top |
|
|
|