[sudo-workers] How to specify prefix for openssl
Renato Botelho
garga at FreeBSD.org
Tue Oct 31 14:50:54 MDT 2023
I'm maintainer of sudo on FreeBSD ports tree and recently user reported
a problem [1].
Just to give you some context, FreeBSD has OpenSSL available on its base
system, and in this case, on FreeBSD 13.2, it's OpenSSL 1.1.1. This is
installed under /usr prefix.
It's also possible to install another instance of OpenSSL using ports
tree, and in this case, version is 3.x. This is installed under prefix
/usr/local and is completely separated from base system.
After investigating this scenario reported by user I noticed that sudo
build scripts are linking binaries against openssl 1.1.1:
% ldd
/wrkdirs/usr/ports/security/sudo/work/sudo-1.9.15rc1/lib/util/.libs/libsudo_util.so
/wrkdirs/usr/ports/security/sudo/work/sudo-1.9.15rc1/lib/util/.libs/libsudo_util.so:
libcrypto.so.111 => /lib/libcrypto.so.111 (0x2a89c4a15000)
libc.so.7 => /lib/libc.so.7 (0x2a89c293f000)
libthr.so.3 => /lib/libthr.so.3 (0x2a89c5cee000)
FreeBSD ports build system sets some environment variables like:
OPENSSLBASE=/usr/local
OPENSSLDIR=/usr/local/openssl
OPENSSLINC=/usr/local/include
OPENSSLLIB=/usr/local/lib
OPENSSLRPATH=/usr/local/lib
But those are not being used by build scripts and it doesn't seem
--enable-openssl is designed to accept any parameters.
Is there a way to specify PREFIX for OpenSSL that wants to be used
during sudo build?
Thanks!
[1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=274753
--
Renato Botelho
More information about the sudo-workers
mailing list