flatpak: symbol lookup error: /lib64/libk5crypto.so.3: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux

Issue

  • ssh login reports flatpak: symbol lookup error: /lib64/libk5crypto.so.3: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b
  • switch user fails with su: cannot open session: Module is unknown

Resolution

  • Comment # to LD_LIBRARY_PATH line in /etc/environment or remove the LD_LIBRARY_PATH parameter in /etc/environment.
[root@server ~]# cat /etc/environment
LANG=en_US.utf-8
LC_ALL=en_US.utf-8
HVR_HOME=/usr/hvr/hvr_home
HVR_CONFIG=/usr/hvr/hvr_config
HVR_TMP=/usr/hvr/hvr_tmp
# LD_LIBRARY_PATH=/usr/hvr/hvr_home/lib  <<<=========== #

Root Cause

  • In most situations, LD_LIBRARY_PATH should not be set. It only needs to be set to assist in loading in libraries not known to ldconfig. Typically, this happens when third-party applications bundle libraries in with their product. For more information, refer How do I properly set the LD_LIBRARY_PATH environment variable?

Diagnostic Steps

  • Perform a ssh authentication.
[root@server ~]# ssh testuser@localhost
Password:
flatpak: symbol lookup error: /lib64/libk5crypto.so.3: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b
[testuser@server ~]$
  • When trying to perform switch user with sudo privilege, access fails with below message.
[testuser@server ~]$ sudo su -
su: cannot open session: Module is unknown
[testuser@server ~]$
  • From /var/log/secure below message is observed.
Mar 16 21:00:33 server su[4120794]: PAM unable to dlopen(/usr/lib64/security/pam_unix.so): /lib64/libk5crypto.so.3: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b
Mar 16 21:00:33 mserver su[4120794]: PAM adding faulty module: /usr/lib64/security/pam_unix.so
Mar 16 21:00:33 server su[4120797]: PAM unable to dlopen(/usr/lib64/security/pam_unix.so): /lib64/libk5crypto.so.3: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b
Mar 16 21:00:33 server su[4120797]: PAM adding faulty module: /usr/lib64/security/pam_unix.so

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments