Last active
December 26, 2022 15:49
-
-
Save iTrooz/251d085c5fb2d852533c37edcd5f3d08 to your computer and use it in GitHub Desktop.
PoC partial upgrade ArchLinux Dockerfile
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://gist.github.com/iTrooz/251d085c5fb2d852533c37edcd5f3d08 | |
| # PoC a ArchLinux partial upgrade and its damage | |
| # Working as of 2022/12/26, might not work on the future due to ArchLinux repositories changes | |
| # Image from 2022/06/26 | |
| FROM archlinux:base-devel-20220626.0.64095 | |
| # Try to upgrade all packages, but then cancel | |
| # this also works by running `pacman -Sy` | |
| RUN echo "n" | pacman -Syu || true | |
| # Explanation : we just updated the package database without upgrading packages. You shouldn't | |
| # do this unless you know what you are doing | |
| # simulate we install a package that depend on openssl>=3 | |
| # (ArchLinux bumped openssl from 1.1 to 3 somewhere in 2022/07 ) | |
| RUN yes | pacman -S "openssl>=3" | |
| # Explanation : this force openssl to update to the latest version (would also work without '>=3' | |
| # but this is how a dependent package would force upgrade to openssl 3) | |
| # but pacman, being not updated, is still linked to openssl 1.1 | |
| # Try to run pacman | |
| CMD ["pacman", "--help"] | |
| # Explanation : pacman is still linked to openssl 1.1 but we just updated it to openssl 3. | |
| # Thereforce, the old libraries are not here anymore, and pacman fails with something like : | |
| # pacman: error while loading shared libraries: libcrypto.so.1.1: cannot open shared object file: No such file or directory | |
| # (libcrypto.so is provided by openssl) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment