your issue sounds familiar to me - had exactly the same problems a couple of months ago.
The actual issue - was a different one - there were some links from /usr/opt/rpm/lib pointing to /opt/freeware/lib .. I removed those links and re-install rpm.rte - the problem was solved. No idea why there were difference to my other aix-lpars - but as I mentioned in my reply to Sangamesh, maybe those were relics from previous dnf install attempts a couple of months ago.
Original Message:
Sent: Sun May 05, 2024 06:31 AM
From: Antonin Rozehnal
Subject: Stable DNF Installation fails after last AIX 7.2 rpm security fix ..
I manage several servers with AIX 7200-05-04-2220.
About a year ago I implemented the use of dnf on them. Now I was updating some RPMs and got into a similar error:
Traceback (most recent call last):
File "/opt/freeware/bin/dnf", line 57, in <module>
from dnf.cli import main
File "/opt/freeware/lib/python3.9/site-packages/dnf/__init__.py", line 32, in <module>
import dnf.base
File "/opt/freeware/lib/python3.9/site-packages/dnf/base.py", line 29, in <module>
import libdnf.transaction
File "/opt/freeware/lib/python3.9/site-packages/libdnf/__init__.py", line 3, in <module>
from . import common_types
File "/opt/freeware/lib/python3.9/site-packages/libdnf/common_types.py", line 13, in <module>
from . import _common_types
ImportError: Symbol resolution failed for /opt/freeware/lib/libsolv.a(libsolv.so.1) because:
Symbol _GLOBAL__AIXI_libbz2_so (number 62) is not exported from dependent
module /opt/freeware/lib/libbz2.a(libbz2.so.1).
Symbol _GLOBAL__AIXD_libbz2_so (number 63) is not exported from dependent
module /opt/freeware/lib/libbz2.a(libbz2.so.1).
I checked bzip2-1.0.8-2.ppc on servers where I had unmodified RPMs and I found on some servers I have:
# rpm -qa | grep bzip2
bzip2-1.0.8-2.ppc
# ls -l /opt/freeware/lib/libbz2.a
-rwxr-xr-x 1 root system 201115 26 úno 2018 /opt/freeware/lib/libbz2.a
# ar tv /opt/freeware/lib/libbz2.a
rwxr-xr-x 204/1 94133 2 led 10:02 2018 libbz2.so.1
and on other servers I have
# rpm -qa | grep bzip2
bzip2-1.0.8-2.ppc
# ls -l /opt/freeware/lib/libbz2.a
-rw-r--r-- 1 root system 187977 29 lis 2019 /opt/freeware/lib/libbz2.a
# ar tv /opt/freeware/lib/libbz2.a
rwxr-xr-x 205/1 86294 29 lis 05:57 2019 libbz2.so.1
I don't know how this could happen :-(.
I thought I had installed from the same source.
I tried reinstalling -> rpm --force -U bzip2-1.0.8-2.aix6.1.ppc.rpm
ls -l bzip2-1.0.8-2.aix6.1.ppc.rpm
-rw-r--r-- 1 root system 243981 21 Sep 2023 bzip2-1.0.8-2.aix6.1.ppc.rpm
and the dnf can then be run.
------------------------------
Antonin Rozehnal
Original Message:
Sent: Thu May 02, 2024 10:03 AM
From: SANGAMESH MALLAYYA
Subject: Stable DNF Installation fails after last AIX 7.2 rpm security fix ..
Hi Stefan,
Sorry for the delay.
If we have rpm packages installed then the libraries in /opt/freeware/lib/ are actually from rpm packages.
I didn't see the similar error you have after i update to to 4.15.1.1013.
May be these errors were already their before update to 4.15.1.1013 ?
Because i don't see this rpm.rte modifies the links if rpm packages and it's link are correct.
------------------------------
SANGAMESH
Original Message:
Sent: Mon April 29, 2024 08:57 AM
From: Stefan Lehmann
Subject: Stable DNF Installation fails after last AIX 7.2 rpm security fix ..
Hi Dieter,
I followed the link in IBMs link Security Bulletin: AIX is vulnerable to arbitrary code execution due to RPM (CVE-2023-7104) (ibm.com) - MRS (ibm.com) - chose rpm and then you have to decided which package you need - depending on your OS 7.2 or 7.3
Regards
Stefan
------------------------------
Stefan Lehmann
Original Message:
Sent: Mon April 29, 2024 08:04 AM
From: Dieter Mosbach
Subject: Stable DNF Installation fails after last AIX 7.2 rpm security fix ..
Where did you get rpm.rte 4.15.1.1013 ?
Download from
https://www.ibm.com/resources/mrs/assets?source=aixbp&S_PKG=rpm
is broken :
clicking on download links leads only to empty webpage.
[ download of openssl and openssh works, so it's no client issue...]
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/INSTALLP/ppc/
isn't updated any more...
------------------------------
Dieter Mosbach
Original Message:
Sent: Thu April 25, 2024 05:52 AM
From: Stefan Lehmann
Subject: Stable DNF Installation fails after last AIX 7.2 rpm security fix ..
Hi friends of DNF - today IBM published:
Software: Security Bulletin: AIX is vulnerable to arbitrary code execution due to RPM (CVE-2023-7104)
I updated my first Testmachines running on 7200-05-07-2346 - as suggested to:
rpm.rte 4.15.1.1013
Unfortunately it left dnf spoilt behind. The library /opt/freeware/lib/libbz2.a - had a link to /usr/opt/rpm/lib/libbz2.a - but using this library caused:
ImportError: 0509-130 Symbol resolution failed for /opt/freeware/lib/libsolv.a(libsolv.so.1) because:
0509-136 Symbol _GLOBAL__AIXI_libbz2_so (number 62) is not exported from
dependent module /usr/opt/rpm/lib/libbz2.a(libbz2.so.1).
After unlinking and restoring the original libbz2.a - I was back in business .. but on my second test LPAR it appeared even worse ..
/opt/freeware/lib had links to sqlite*so to /usr/opt/rpm/lib .. - dnf failed, again .. - I stopped updating rpm so far.
After unlinking the libsql* libraries and restoring the old ones from backup dnf worked .. rpm is functional too,
but I fear this cant be the solution - because it will just leave a totally messy library environment behind.
Is it just my environment which behaves that strange?
(Btw the same update of rpm (different fileset) on aix 7.3 machines caused no single problem) everything running solid and stable.
Any suggestions or ideas how to avoid this update issue?
Regards Stefan
------------------------------
Stefan Lehmann
------------------------------