Bug 190329

Summary: Upgrade from FC3 breaks ssl and gpg
Product: [Fedora] Fedora Reporter: Jørgen Thomsen <joergen>
Component: opensslAssignee: Tomas Mraz <tmraz>
Status: CLOSED UPSTREAM QA Contact: Brian Brock <bbrock>
Severity: high Docs Contact:
Priority: medium    
Version: 5CC: wtogami
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-05-09 06:54:39 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jørgen Thomsen 2006-05-01 09:52:08 UTC 
Description of problem:
After spending many hours of detecting the cause of gpg and ssl connections not 
working after the upgrade, I found these problems:

1) perl module Net::SSLeay (CPAN 1.30) cannot install with 'undefined symbol 
inflateEnd'. Reason: the zlib library '-lz' is not included in the library 
paths to search (this has been reported to the developers). Might be caused by 
using openssl 0.9.8a

2) non-root users cannot use ssl and gpg due to no read permission 
to /dev/urandom for anybody by root. Whether this is a problem with kernel
2.6.16-1.2096_FC5 or the one I had to fallback to (2.6.9) due to the missing 
serial ports, I do not know.
  

Version-Release number of selected component (if applicable):


How reproducible:
Constantly

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Jørgen Thomsen 2006-05-01 22:03:26 UTC 
re 2) 
After compiling a kernel with my missing serial ports added (unrelated to 
this), I noticed that after booting, the /dev/random and /dev/urandom did have 
read permission for everybody, so it might be a problem related to the older 
kernel I used unless the permissions somehow survive a boot.
Comment 2 Dave Jones 2006-05-07 00:22:15 UTC 
you have three separate problems here. please file a separate bug for each next
time.

The kernel problem (the serial port issue) can be solved without revuilding the
kernel.  Boot with 8250.nr_uarts=4 (or however many you have).

The permissions issue was indeed due to the older kernel. (Remember FC3 had no
udev, so lots of the kernel side bits were also missing, so when udev started
up, it had no clue what was going on).

The perl/ssl issue I've no idea, reassigning.
Comment 3 Tomas Mraz 2006-05-09 06:54:39 UTC 
The libcrypto and libssl link to libz correctly so I don't see where the problem
you reported above comes from.