0

操作系统:Red Hat Enterprise Linux Server 7.9 (Maipo)
Apache 版本:Apache/2.4.46 (Unix)
Shibboleth 版本:3.2.0

尝试停止 Apache ( apachectl stop ) 时出错:

httpd: Syntax error on line 528 of <Apache>/conf/httpd.conf: Syntax error on line 13 of <Apache>/conf/myshib.conf: Cannot load /usr/lib64/shibboleth/mod_shib_24.so into server: /usr/lib64/libldap_r-2.4.so.2: undefined symbol: ber_sockbuf_io_udp

<Apache>/conf/httpd.conf 的第 528行:

Include conf/myshib.conf

<Apache>/conf/myshib.conf 的第 13行:

LoadModule mod_shib /usr/lib64/shibboleth/mod_shib_24.so

尝试过 - https://superuser.com/questions/1283252/slappasswd-symbol-lookup-error-undefined-symbol-ber-sockbuf-io-udp

  • 但是运行“ export LD_LIBRARY_PATH=/lib64:$LD_LIBRARY_PATH ”并没有解决问题。

ldd /usr/lib64/libldap_r-2.4.so.2 ”命令的输出:

    linux-vdso.so.1 =>  (0x00007ffd1c76e000)
    liblber-2.4.so.2 => /usr/lib64/liblber-2.4.so.2 (0x00007f5b3e87d000)
    libresolv.so.2 => /usr/lib64/libresolv.so.2 (0x00007f5b3e663000)
    libsasl2.so.3 => /usr/lib64/libsasl2.so.3 (0x00007f5b3e446000)
    libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f5b3e1d4000)
    libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f5b3dd71000)
    libssl3.so => /usr/lib64/libssl3.so (0x00007f5b3db14000)
    libsmime3.so => /usr/lib64/libsmime3.so (0x00007f5b3d8ec000)
    libnss3.so => /usr/lib64/libnss3.so (0x00007f5b3d5b8000)
    libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f5b3d388000)
    libplds4.so => /usr/lib64/libplds4.so (0x00007f5b3d184000)
    libplc4.so => /usr/lib64/libplc4.so (0x00007f5b3cf7f000)
    libnspr4.so => /usr/lib64/libnspr4.so (0x00007f5b3cd41000)
    libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f5b3cb25000)
    libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f5b3c921000)
    libc.so.6 => /usr/lib64/libc.so.6 (0x00007f5b3c553000)
    libcrypt.so.1 => /usr/lib64/libcrypt.so.1 (0x00007f5b3c31c000)
    libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x00007f5b3c0cf000)
    libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00007f5b3bde6000)
    libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x00007f5b3bbb3000)
    libcom_err.so.2 => /usr/lib64/libcom_err.so.2 (0x00007f5b3b9af000)
    libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x00007f5b3b79f000)
    libz.so.1 => /usr/lib64/libz.so.1 (0x00007f5b3b589000)
    librt.so.1 => /usr/lib64/librt.so.1 (0x00007f5b3b381000)
    /lib64/ld-linux-x86-64.so.2 (0x00007f5b3eceb000)
    libfreebl3.so => /usr/lib64/libfreebl3.so (0x00007f5b3b17e000)
    libkeyutils.so.1 => /usr/lib64/libkeyutils.so.1 (0x00007f5b3af7a000)
    libselinux.so.1 => /usr/lib64/libselinux.so.1 (0x00007f5b3ad53000)
    libpcre.so.1 => /usr/lib64/libpcre.so.1 (0x00007f5b3aaf1000)

然后尝试 - https://unix.stackexchange.com/questions/193320/yum-corrupted-on-rhel-6

" for lib in /lib64/ .so.的输出;do if nm -D $lib|grep ber_sockbuf_io_udp; then echo $lib; fi; done " 命令:

000000000020e020 D ber_sockbuf_io_udp
/lib64/liblber-2.4.so.2
000000000020e020 D ber_sockbuf_io_udp
/lib64/liblber-2.4.so.2.10.7
                 U ber_sockbuf_io_udp
/lib64/libldap-2.4.so.2
                 U ber_sockbuf_io_udp
/lib64/libldap-2.4.so.2.10.7
                 U ber_sockbuf_io_udp
/lib64/libldap_r-2.4.so.2
                 U ber_sockbuf_io_udp
/lib64/libldap_r-2.4.so.2.10.7

rpm -qf /lib64/liblber-2.4.so.2 ”命令的输出:

openldap-2.4.44-22.el7.x86_64

试图安装“openldap”,但它已经存在

yum install openldap-2.4.44-22.el7.x86_64
Loaded plugins: langpacks, product-id, search-disabled-repos
Package openldap-2.4.44-22.el7.x86_64 already installed and latest version
Nothing to do

重新启动整个服务器并使用“ yum reinstall openldap.x86_64 ”命令重新安装“openldap”,但没有运气。

Apache 在访问https://hostname.domain.com 时启动并返回响应,但使用 URL https://hostname.domain.com/Shibboleth.sso/Metadata 通过 Apache 下载 Shib Metadata XML 文件失败

如果我错过了添加任何明显的内容,我深表歉意。

更新:
在使用旧版Shibboleth 3.1.0时有效

4

1 回答 1

0

类似的线程在这里:https ://unix.stackexchange.com/questions/193320/yum-corrupted-on-rhel-6

在我的情况下(RHEL7.8 + Apache 2.4 + Shibboleth 3.2)我能够通过将/usr/lib64/libldap_r-2.4.so.2库替换为 Apache 目录中的库来解决问题:<APACHE_ROOT>/HTTPServer/openldap/lib/libldap_r-2.4.so.2

运行: locate libldap_r-2.4.so.2 查找库的位置。就我而言,我得到了:

/app/ptc/Windchill_12.0/HTTPServer/openldap/lib/libldap_r-2.4.so.2
/app/ptc/Windchill_12.0/HTTPServer/openldap/lib/libldap_r-2.4.so.2.10.12
/usr/lib/libldap_r-2.4.so.2
/usr/lib/libldap_r-2.4.so.2.10.7
/usr/lib64/libldap_r-2.4.so.2
/usr/lib64/libldap_r-2.4.so.2.10.7

我注意到错误中使用的库在/usr/lib64目录中。我替换了它,现在./apachectl -t报告“语法正常”

我对 Linux 的了解还不够,无法解释这里发生了什么或正确的修复方法是什么。这是我的观察并解决了这个问题,但我相信我的步骤是一个 hack。

有人有更优雅的升级证明解决方案吗?

参考:https ://groups.google.com/g/repmgr/c/TS7QfYEoNoY

cd /usr/lib64/
ll | grep libldap
lrwxrwxrwx.  1 root root       21 Feb 11 16:42 libldap-2.4.so.2 -> libldap-2.4.so.2.10.7
-rwxr-xr-x.  1 root root   352512 Jun  6  2020 libldap-2.4.so.2.10.7
lrwxrwxrwx.  1 root root       23 Feb 11 16:42 libldap_r-2.4.so.2 -> libldap_r-2.4.so.2.10.7
-rwxr-xr-x.  1 root root   381328 Jun  6  2020 libldap_r-2.4.so.2.10.7

它似乎/usr/lib64/libldap_r2.4.so.2只是一个符号链接到libldap_r-2.4.so.2.10.7.

我想知道 2.10.7 中是否缺少或不推荐使用的符号......有没有办法告诉 2 个版本中的差异?

更新 我注意到您可以使用LoadFileApache conf 中的命令。在条目解决问题之前添加LoadFile <APACHE_ROOT>/HTTPServer/openldap/lib/libldap_r-2.4.so.2我的 00-shib.conf 文件。LoadModule mod_shib /usr/lib64/shibboleth/mod_shib_24.so

这对我来说似乎仍然是一种解决方法/破解,并且库/不同版本可能存在潜在问题。

于 2021-02-12T18:08:57.460 回答