Yak Shaving

I hate yak shaving [1].

I made a small fix to mod_blog [2], and when I went to update the copy on GitHub [3], it failed. All I got back was: “no kex alg.”

Ah, an error message from the Ken Thompson School of Error Messages [4].

Analyzing the tea leaves, it seems my version of openssl [5] was, shall we say, a bit older than 20 minutes? And something happened at GitHub to precipitate the change. What, I could not say (perhaps [6]?).

So, to get back to where I was a few days ago:

• 1. Download the latest version of openssl.
• 2. Run the configuration script, only to find out my version of Perl was too old.
• 3. Download latest version of Perl.
• 4. Configure Perl.
• 5. Attempt to make Perl.
• 6. Track down error message from compiling Perl.
• 7. Reconfigure Perl, this time to use C99 when compiling.
• 8. Attempt to make Perl. Success!
• 9. Hmm … make tests? Sure, why not?
• 10. Wait a bazillion hours while the tests run.
• 11. See that five tests out of 3000+ failed.
• 12. Figure that's close enough for government work, and install Perl anyway.
• 13. Reconfigure openssl.
• 14. Make openssl.
• 15. Install openssl.
• 16. Recompile a program I wrote that uses openssl.
• 17. Get confused as to why it's not linking to openssl yet it still works.
• 18. Find several previous attempts to install openssl and decide to remove them.
• 19. Then suddenly realize that I was too hasty and that bind [7] will no longer start.
• 20. Add recompile of bind to list of taks I need to do.
• 21. Figure out my program is being statically linked to a previous version of openssl.
• 22. Put that problem aside. Download latest version of openssh [8].
• 23. Configure openssh, only to find it doesn't support the latest version of openssl.
• 24. Unisntall latest version of openssl.
• 25. Download latest previous version of openssl.
• 26. Configure latest previous version of openssl.
• 27. Make openssl.
• 28. Install openssl.
• 29. My program is still being statically compiled to older version of openssl.
• 30. Force the issue—it fails to link.
• 31. Realize that the latest previous version of openssl installed in /usr/local/ssl instead of /usr/local.
• 32. Reconfigure latest previous version of openssl to install in /usr/local.
• 33. Make openssl.
• 34. Install openssl.
• 35. Try linking my program again.
• 36. Find out that by default, openssl only generates a static library.
• 37. Reconfigure openssl to generate dynamic libraries.
• 38. Make openssl.
• 39. Install openssl.
• 40. Get my program to dynamically link to /usr/local/lib/libcrypto.so, although I'm still forcing that.
• 41. Configure openssh. This time it works.
• 42. Make openssh.
• 43. Install openssl.
• 44. Run ssh -T git@github.com. It works!
• 45. Carefully compare previous configuration for sshd to new version of sshd.
• 46. Carefully tweak new configuration of sshd.
• 47. Copy server keys so new configuration can see them.
• 48. Test new sshd. It works.
• 49. Update start up script to run new sshd.
• 50. Realize I have to recompile git to use the updated openssl.
• 51. Clean out previous object files in my local copy of git.
• 52. Make git.
• 53. Install git.
• 54. Done!
• 55. No, wait … there was something … what was it?
• 56. Oh, right! bind!
• 57. Clean out previous object files in my local copy of bind.
• 58. Make bind.
• 59. Stop current version of bind.
• 60. Install new bind.
• 61. Start up new version of bind.
• 62. Start breathing again when it works.
• 63. Decided to remove the old openssl static library; now programs will dynamically link to the latest previous version of openssl.
• 64. Done!

Now I can update my repository on Github!

I realize that I bring this upon myself by avoiding the whole “upgrade every 20 minutes” schtick, but I believe in the “if it ain't broke, don't fix it” mentality and that the computer is here for my needs, I'm not here for the computer's needs.

Besides, the last time I indiscriminately upgraded, it did not go well [9] …

[1] http://catb.org/jargon/html/Y/yak-shaving.html

[2] https://github.com/spc476/mod_blog

[3] https://github.com/

[4] http://mtchndrn.blogspot.com/2007/12/when-i-first-started-using-unix-when-i.html

[5] https://www.openssl.org/

[6] https://www.wired.com/story/github-ddos-memcached/

[7] https://www.isc.org/downloads/bind/

[8] https://www.openssh.com/

[9] /boston/2015/10/05.1

Gemini Mention this post

Contact the author