What's new

Scribe error='libssl.so.1.1: wrong ELF class: ELFCLASS32'

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

_me_myself_and_i_

Occasional Visitor
Code:
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=


 Please select an option: s


      checking syslog-ng daemon ... alive.


 checking system for necessary scribe hooks ...


          checking S01syslog-ng ... present.
         checking service-event ... present.
            checking post-mount ... present.
               checking unmount ... present.
    checking logrotate cron job ... present.
       checking directory links ... present.


 checking syslog-ng configuration ...


   syslog-ng.conf version check ...Error opening plugin module; module='http', error='libssl.so.1.1: wrong ELF class: ELFCLASS32'
 in sync. (3.38)
    syslog-ng.conf syntax check ... okay!


          scribe installed version: v2.4_4 (master)
             scribe GitHub version: v2.4_4 (master)
                    scribe is up to date!


 Press [Enter] to continue:

Code:
ldd /usr/sbin/openssl
    libssl.so.1.1 => /usr/lib/libssl.so.1.1 (0xf75a7000)
    libcrypto.so.1.1 => /usr/lib/libcrypto.so.1.1 (0xf736f000)
    libdl.so.2 => /lib/libdl.so.2 (0xf735c000)
    libpthread.so.0 => /lib/libpthread.so.0 (0xf7333000)
    libc.so.6 => /lib/libc.so.6 (0xf71f2000)
    /lib/ld-linux.so.3 (0xf7623000)

file /usr/lib/libssl.so.1.1
/usr/lib/libssl.so.1.1: ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, stripped

Is this a known bug? I have a RT-AX86U
 
Code:
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=


 Please select an option: s


      checking syslog-ng daemon ... alive.


 checking system for necessary scribe hooks ...


          checking S01syslog-ng ... present.
         checking service-event ... present.
            checking post-mount ... present.
               checking unmount ... present.
    checking logrotate cron job ... present.
       checking directory links ... present.


 checking syslog-ng configuration ...


   syslog-ng.conf version check ...Error opening plugin module; module='http', error='libssl.so.1.1: wrong ELF class: ELFCLASS32'
 in sync. (3.38)
    syslog-ng.conf syntax check ... okay!


          scribe installed version: v2.4_4 (master)
             scribe GitHub version: v2.4_4 (master)
                    scribe is up to date!


 Press [Enter] to continue:

Code:
ldd /usr/sbin/openssl
    libssl.so.1.1 => /usr/lib/libssl.so.1.1 (0xf75a7000)
    libcrypto.so.1.1 => /usr/lib/libcrypto.so.1.1 (0xf736f000)
    libdl.so.2 => /lib/libdl.so.2 (0xf735c000)
    libpthread.so.0 => /lib/libpthread.so.0 (0xf7333000)
    libc.so.6 => /lib/libc.so.6 (0xf71f2000)
    /lib/ld-linux.so.3 (0xf7623000)

file /usr/lib/libssl.so.1.1
/usr/lib/libssl.so.1.1: ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, stripped

Is this a known bug? I have a RT-AX86U
I have the same error message following an Entware packages update this morning
 
Update: indeed it looks like an entware issue.

libssl.so.1.1 was replaced by libssl.so.3, and now syslog-ng is trying to load libssl.so.1.1 from /usr/lib rather than from entware/lib.
 
Last edited:
I restored entware from backup and all is well, again. I think Scribe (or syslog-ng package) will need to be updated to work with newer cyrpto libraries.
 
Generally, if you stop or kill any Entware-based services before running opkg upgrade then it has a decent chance of succeeding.
 
Oh, for a backup!

It looks like the entware update has also killed unbound - tried replacing S61unbound and rebooting (usually works) bot no joy
Also rebooting does not help scribe.

So, a some questions

(How) can I check what was updated in entware?

Is there a way to get the replaced versions?

or do I just reconfigure (remove unbound and scribe) until new versions are available?
 
I reinstalled scribe and now it complains on unabling to load a module:

syslog-ng.conf version check ...Error opening plugin module; module='http', error='libssl.so.1.1: wrong ELF class: ELFCLASS32'

Has anybody found a solution except restoring from backup? (I don't like rolling back to the previous version of libopenssl)
 
Oh, for a backup!

It looks like the entware update has also killed unbound - tried replacing S61unbound and rebooting (usually works) bot no joy
Also rebooting does not help scribe.

So, a some questions

(How) can I check what was updated in entware?

Is there a way to get the replaced versions?

or do I just reconfigure (remove unbound and scribe) until new versions are available?
After restoring my backup I can see what was upgraded this morning:

Code:
- terminfo               6.3-1a      -> 6.4-1
- column                 2.38-2    -> 2.38.1-1
- zoneinfo-europe        2022f-1   -> 2022g-1
- bash                   5.1.16-1  -> 5.2.15-1
- liblzma                5.2.7-1   -> 5.4.1-1
- unbound-checkconf      1.17.0-1  -> 1.17.1-1
- libcap                 2.66-2     -> 2.67-1
- krb5-libs              1.19.3-1  -> 1.20.1-1
- unbound-daemon         1.17.0-1  -> 1.17.1-1
- libnghttp2             1.44.0-1  -> 1.51.0-1
- wireshark              3.6.9-1   -> 3.6.11-1
- zoneinfo-asia          2022f-1   -> 2022g-1
- sbc                    1.5-1       -> 2.0-1
- libxml2                2.10.3-1a -> 2.10.3-2
- libcomerr              1.46.5-1  -> 1.47.0-1
- unbound-control        1.17.0-1  -> 1.17.1-1
- tcpdump                4.99.1-1  -> 4.99.3-1
- libpython3             3.10.7-1  -> 3.10.7-3
- libunbound             1.17.0-1  -> 1.17.1-1
- zoneinfo-northamerica  2022f-1   -> 2022g-1
- libuuid                2.38-2    -> 2.38.1-1
- libsmartcols           2.38-2    -> 2.38.1-1
- libtiff                4.4.0-1   -> 4.4.0-2
- bind-libs              9.18.7-1  -> 9.18.11-3
- libss                  1.46.5-1  -> 1.47.0-1
- libncurses             6.3-1a      -> 6.4-1
- libpcap                1.10.1-1  -> 1.10.3-1
- libopenssl-conf        1.1.1s-1  -> 3.0.8-2
- libncursesw            6.3-1a      -> 6.4-1
- bind-dig               9.18.7-1  -> 9.18.11-3
- unbound-anchor         1.17.0-1  -> 1.17.1-1
- libtirpc               1.3.2-1a  -> 1.3.3-1
- libopenssl             1.1.1s-1  -> 3.0.8-2

Archive of my entware backup if useful for anyone: entware.tgz
 
Last edited:
Oh, for a backup!

It looks like the entware update has also killed unbound - tried replacing S61unbound and rebooting (usually works) bot no joy
Also rebooting does not help scribe.

So, a some questions

(How) can I check what was updated in entware?

Is there a way to get the replaced versions?

or do I just reconfigure (remove unbound and scribe) until new versions are available?
In my case I have stopped unbound (was previously recommended in this forum) prior to update Entware but did not expect scribe to be also impacted if not stopped before proceeding...
 
Update on unbound - it seems to be okay once I changed the logs from scribe back to the default
 
After restoring my backup I can see what was upgraded this morning:

Code:
- terminfo               6.3-1a      -> 6.4-1
- column                 2.38-2    -> 2.38.1-1
- zoneinfo-europe        2022f-1   -> 2022g-1
- bash                   5.1.16-1  -> 5.2.15-1
- liblzma                5.2.7-1   -> 5.4.1-1
- unbound-checkconf      1.17.0-1  -> 1.17.1-1
- libcap                 2.66-2     -> 2.67-1
- krb5-libs              1.19.3-1  -> 1.20.1-1
- unbound-daemon         1.17.0-1  -> 1.17.1-1
- libnghttp2             1.44.0-1  -> 1.51.0-1
- wireshark              3.6.9-1   -> 3.6.11-1
- zoneinfo-asia          2022f-1   -> 2022g-1
- sbc                    1.5-1       -> 2.0-1
- libxml2                2.10.3-1a -> 2.10.3-2
- libcomerr              1.46.5-1  -> 1.47.0-1
- unbound-control        1.17.0-1  -> 1.17.1-1
- tcpdump                4.99.1-1  -> 4.99.3-1
- libpython3             3.10.7-1  -> 3.10.7-3
- libunbound             1.17.0-1  -> 1.17.1-1
- zoneinfo-northamerica  2022f-1   -> 2022g-1
- libuuid                2.38-2    -> 2.38.1-1
- libsmartcols           2.38-2    -> 2.38.1-1
- libtiff                4.4.0-1   -> 4.4.0-2
- bind-libs              9.18.7-1  -> 9.18.11-3
- libss                  1.46.5-1  -> 1.47.0-1
- libncurses             6.3-1a      -> 6.4-1
- libpcap                1.10.1-1  -> 1.10.3-1
- libopenssl-conf        1.1.1s-1  -> 3.0.8-2
- libncursesw            6.3-1a      -> 6.4-1
- bind-dig               9.18.7-1  -> 9.18.11-3
- unbound-anchor         1.17.0-1  -> 1.17.1-1
- libtirpc               1.3.2-1a  -> 1.3.3-1
- libopenssl             1.1.1s-1  -> 3.0.8-2

Archive of my entware backup if useful for anyone: entware.tgz
My list via AMTM - ep is much shorter from version 3.4

AC5300
ep manage Entware packages -> upd avail
- terminfo 6.3-1a -> 6.4-1
- zoneinfo-europe 2022f-1 -> 2022g-1
- libcap 2.66-2 -> 2.67-1
- libnghttp2 1.44.0-1 -> 1.51.0-1
- libgd 2.3.2-5 -> 2.3.3-1
- zoneinfo-asia 2022f-1 -> 2022g-1
- libwebp 1.2.4-1 -> 1.3.0-1
- libuuid 2.38-2 -> 2.38.1-1
- bind-libs 9.18.7-1 -> 9.18.11-3
- libncurses 6.3-1a -> 6.4-1
- libncursesw 6.3-1a -> 6.4-1
- bind-dig 9.18.7-1 -> 9.18.11-3
- libopenssl 1.1.1s-1 -> 3.0.8-2

AX88
ep manage Entware packages -> upd avail
- terminfo 6.3-1a -> 6.4-1
- column 2.38-2 -> 2.38.1-1
- zoneinfo-europe 2022f-1 -> 2022g-1
- libcap 2.66-2 -> 2.67-1
- libnghttp2 1.44.0-1 -> 1.51.0-1
- libgd 2.3.2-5 -> 2.3.3-1
- zoneinfo-asia 2022f-1 -> 2022g-1
- libwebp 1.2.4-1 -> 1.3.0-1
- libuuid 2.38-2 -> 2.38.1-1
- libsmartcols 2.38-2 -> 2.38.1-1
- bind-libs 9.18.7-1 -> 9.18.11-3
- libncurses 6.3-1a -> 6.4-1
- libpcap 1.10.1-1 -> 1.10.3-1
- libncursesw 6.3-1a -> 6.4-1
- htop 3.2.1-1 -> 3.2.2-1
- bind-dig 9.18.7-1 -> 9.18.11-3
- libopenssl 1.1.1s-1 -> 3.0.8-2
 
Last edited:
My list via AMTM - ep is much shorter from version 3.4

AC5300
ep manage Entware packages -> upd avail
- terminfo 6.3-1a -> 6.4-1
- zoneinfo-europe 2022f-1 -> 2022g-1
- libcap 2.66-2 -> 2.67-1
- libnghttp2 1.44.0-1 -> 1.51.0-1
- libgd 2.3.2-5 -> 2.3.3-1
- zoneinfo-asia 2022f-1 -> 2022g-1
- libwebp 1.2.4-1 -> 1.3.0-1
- libuuid 2.38-2 -> 2.38.1-1
- bind-libs 9.18.7-1 -> 9.18.11-3
- libncurses 6.3-1a -> 6.4-1
- libncursesw 6.3-1a -> 6.4-1
- bind-dig 9.18.7-1 -> 9.18.11-3
- libopenssl 1.1.1s-1 -> 3.0.8-2

AX88
ep manage Entware packages -> upd avail
- terminfo 6.3-1a -> 6.4-1
- column 2.38-2 -> 2.38.1-1
- zoneinfo-europe 2022f-1 -> 2022g-1
- libcap 2.66-2 -> 2.67-1
- libnghttp2 1.44.0-1 -> 1.51.0-1
- libgd 2.3.2-5 -> 2.3.3-1
- zoneinfo-asia 2022f-1 -> 2022g-1
- libwebp 1.2.4-1 -> 1.3.0-1
- libuuid 2.38-2 -> 2.38.1-1
- libsmartcols 2.38-2 -> 2.38.1-1
- bind-libs 9.18.7-1 -> 9.18.11-3
- libncurses 6.3-1a -> 6.4-1
- libpcap 1.10.1-1 -> 1.10.3-1
- libncursesw 6.3-1a -> 6.4-1
- htop 3.2.1-1 -> 3.2.2-1
- bind-dig 9.18.7-1 -> 9.18.11-3
- libopenssl 1.1.1s-1 -> 3.0.8-2
Well, it all depends on what you’ve installed.
 
Generally, if you stop or kill any Entware-based services before running opkg upgrade then it has a decent chance of succeeding.
Yes, I agree with @dave14305 and it's a best practice to have in general, particularly if you have several Entware services running continuously on the router and not just utilities that are executed manually and on demand.

The following is a simple function and associated alias that I always use when upgrading Entware packages (I don't use AMTM for that).
Bash:
_UpgradeEntware_()
{
    EntwOPT_opkg="/opt/bin/opkg"
    EntwOPT_init="/opt/etc/init.d/rc.unslung"
    if [ ! -x "$EntwOPT_opkg" ] || [ ! -x "$EntwOPT_init" ]
    then echo "Entware *NOT* found. Nothing to do." ; return 1 ; fi

    echo "Stopping Entware services... Please wait."
    $EntwOPT_init stop ; sleep 3 ; echo
    echo
    $EntwOPT_opkg update ; $EntwOPT_opkg upgrade
    echo
    echo "Starting Entware services... Please wait."
    $EntwOPT_init start ; sleep 3 ; echo
    echo "Done."
}
alias ewupgrade='_UpgradeEntware_'
It's all included in my "/jffs/configs/profile.add" file so I can easily run it by simply typing from an SSH terminal window:
Bash:
ewupgrade

Just my 2 cents.
 
Last edited:
Which add-ons are impacted? (Scribe, Unbound—any others?)

And if we’re not using those, are we good to update or?…
 
While I can't comment on other add-ons, I was using diversion-lite, [no-pixelserve], skynet, scribe, uiscribe, unbound, CakeQOS, scMerlin, ntpMerlin [chrony], WireGuard Manager.
Following the update it seemed that both Scribe and Unbound were no longer working, however that was probably due to Unbound being set to use Scribe. Once I removed that link and restarted Unbound it has been fine. All the other services seem fine with the updated entware, in particular the new version of libopenssl.

[I think that] the real issue here is that Scribe needs to be updated so that it can used the updated SSL libraries.
 
Last edited:
Similar threads
Thread starter Title Forum Replies Date
N Wireguard Wrong client Status Asuswrt-Merlin AddOns 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top