comtrya
comtrya copied to clipboard
comtrya
Bug: libssl.so.1.1 missing error on a brand new Pop!_OS 22.04 LTS isntall
Description
On a brand new installation of Pop!_OS 22.04 LTS machine (laptop), comtrya fails to run.
Steps to reproduce
Brand new Pop!_OS 22.04 LTS machine (laptop) installed.
Installed comptrya by running:
curl -fsSL https://get.comtrya.dev | sudo sh
and I get the following error:
comtrya: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory
Expected behaviour
comtrya to not break.
Environment
- OS : Pop!_OS 22.04 LTS
- Version: 0.7.4
Additional information
I got comtrya to work after running the following code:
# Find the most recent 1.1 libssl package in the ubuntu archives
BASE_URL='http://archive.ubuntu.com/ubuntu/pool/main/o/openssl'
FILE="$(
curl -s "${BASE_URL}/?C=M;O=D" $(\
# Make sure all tags are on separate lines - makes grep work later easier \
) | tr '>' '>\n' $(\
# extract all the unique links on the page \
) | grep 'href' | sed 's/^.*href="\([^"]*\)".*$/\1/p' | awk '!a[$0]++' $(\
# pick the most relevant items on the list (libssl 1.1 for amd64 arch) \
) | grep "libssl" | grep "1.1_" | grep "amd64.deb" $(\
# choose only the last one \
) | tail -1 )"
# Grab the file and if download was successful, install it with sudo
wget "${URL_BASE}/${FILE}" && sudo dpkg -i "./${FILE}"
Searching around, I'm unclear if the omission of this version is by design or unintentional.
Possible solutions:
- The installer shell script (https://get.comtrya.dev) tests for the dependency.
- It can alert (maybe with a link to this issue)
- Attempt to resolve (run code similar to above)
- Document it on the quick start page of the website.
- Statically link an alternative library that will not look for the linked library. (doesn't seem likely for openssl, but stating for completion)
You have to install the library for openssl. I recently had to do this. If I recall correctly:
sudo apt install openssl-devel
Then comtrya should build. My guess is that pop_os does not ship the development library and headers in their 'base' system.
I'll check this, although I think a development library shouldn't be a dependency, so this might still be a bug.
I haven't used the installer script, just built from source which is why I grab the devel, may just need to install the openssl/lineal package. But it's a library comtrya dynamically links against and the error comes up because the library isn't on the system.
The OS does have libssl3.so installed, in the same location that libssl.so.1.1 ends up in:
/usr/lib/x86_54-linux-gnu/libssl.so.3
So it's not about the library not being installed, it's about specific version.
Here is what I found in the systems I have access to:
Search for binaries in the package repository
In case you wish to reproduce/compare results, I used the following to search:
# Install `apt-file` and update its database:
sudo apt install --yes apt-file && sudo apt update && sudo apt-get update
The way I'm searching:
# run 2 queries, sort, removing duplicate entries
printf "%s\n" "$(apt-file search --regexp 'libssl[\d\._]+\.so$')" "$(apt-file search --regexp '/usr/lib/x86_64-linux-gnu/libssl\d')" | sort --unique
Pop!_OS 22.04 LTS results
libnss3: /usr/lib/x86_64-linux-gnu/libssl3.so thunderbird: /usr/lib/thunderbird/libssl3.so
Debian 11 (bullseye)
firefox-esr: /usr/lib/firefox-esr/libssl3.so libnss3: /usr/lib/x86_64-linux-gnu/libssl3.so thunderbird: /usr/lib/thunderbird/libssl3.so
I still have a machine with Ubuntu 20.04 LTS, and here I could find the following packages:
firefox: /usr/lib/firefox/libssl3.so libnss3: /usr/lib/x86_64-linux-gnu/libssl3.so thunderbird-dbg: /usr/lib/debug/usr/lib/thunderbird/libssl3.so thunderbird: /usr/lib/thunderbird/libssl3.so
So it seems, debian/ubuntu/pop!_os are done with libssl1.1 and have moved to libssl3 for a few years now.
This keeps coming back to bite us, I need to look and see how other projects handle this.
To help put things into context. libssl3, which is part of OpenSSL3 has been released in Sep 2021. I still haven't found any debian/ubuntu discussion stating libssl3 is king, but I'm guessing on the debian rooted distro-tree, this is reality now.
OpenSSL are still releasing 1.1.1 builds. And the only EOL that I see announced is for 1.0.2. I do think that using a build with libssl3 is probably the correct approach though.
We are discussing it some on the discord. It was mentioned just vendoring and statically linking, which is something we can do. However, does that now put more responsibility or work on our plate. Right now, we place it on the user/distro/OS essentially. Do we want to assume the responsibility of ensuring comtrya is being built against patched and updates version of SSL. Do we have the time/manpower to do so.
No final decision yet.
The other part of the equation is, OpenSSL is also a transitive dependency, so what our dependencies are depending on may throw a wrench in that.
@Lockszmith-GH OpenSSL is now vendored if you want to give it a shot and see if everything works smoothly. If so, let us know and we can close or you can close the issue. If, it isn't working smoothly, let us know!
I am assuming vendoring in SSL has fixed this, so I will close it out. Feel free to reopen if that is not the case.
It's still an issue.
I just spun up a fedora wsl instance, and i get this error.
installing openssl1.1 fixed it.
sudo dnf install openssl1.1
