Unable to install shibboleth.x86_64 on AWS EC2 instance

Ron Harris neo204011 at gmail.com
Sat Sep 8 23:33:01 EDT 2018 

Hi Nate,

Thank you very much for looking into this issue and updating the page.
I will try to rerun the commands on a new EC2 Instance. It was a bit
problem to tell my colleagues that I cannot install it again :).

After lot of looking around, I was able to find a quick solution.
Installing it from repo.
sudo wget
http://download.opensuse.org/repositories/security://shibboleth/RHEL_6/security:shibboleth.repo
-O /etc/yum.repos.d/shibboleth.repo
sudo yum -y install shibboleth.x86_64

In my AWS release it was written  like "Rhel_Fedora", so I tried with the
above repo.
Shibboleth was installed with these two steps only. But right now facing
couple of other issues.

Last query, If I have to uninstall Shibboleth, then below command should be
enough.
sudo yum remove shibboleth.x86_64

Thanks




On Sun, Sep 9, 2018 at 5:48 AM Nate Klingenstein <ndk at sudonym.me> wrote:

> I think I have a successful build on Amazon Linux 2018-03 too(it was
> indeed just too small a VM).  I had to explicitly point out the newly built
> libcurl:
>
> export PKG_CONFIG_PATH=/opt/shibboleth/lib64/pkgconfig/
>
> which was bizarre and I'm not confident it was necessary although
> retesting the edited Wiki on a clean machine demonstrated it seemed to be,
> and the /etc/httpd configuration style is novel, so to actually load the
> newly built module, you'll need to copy or symlink the apache24.conf file
> that comes with Shibboleth:
>
> ln -s /etc/shibboleth/apache24.config /etc/httpd/conf.modules.d/shib.conf
>
> Amazon Linux 2 doesn't have as many irregularities.  Either way, the SRPM
> page of the Wiki has been heavily updated, and if you rerun the commands,
> noting the comments, it should overwrite the older versions it was pulling
> and include the additional things necessary for Shibboleth SP 3 to work on
> Amazon Linux 2018-03.
>
> https://wiki.shibboleth.net/confluence/display/SP3/SRPMBuild
>
> Hope this is helpful,
> Nate.
>
> On Sat, Sep 8, 2018 at 9:34 PM, Nate Klingenstein <ndk at sudonym.me> wrote:
>
>> Ron,
>>
>> Okay, I got it to build and load the module fine on Amazon Linux 2 and
>> you don't need any special apxs directives.  I've verified that shibd runs,
>> /Shibboleth.sso/Status reports OK, and I can auto-generate metadata.  You
>> will need to install libmemcached-devel too.  It's otherwise like a
>> standard SRPM build.
>>
>> I'll try on 2018-03 again now.  I suspect I just had too small a VM and
>> it was running out of memory during the build process.  I couldn't even run
>> top in parallel.  If it works, I'll update the Wiki page.
>>
>> Thanks,
>> Nate.
>>
>>
>> On Sat, Sep 8, 2018 at 7:35 PM, Nate Klingenstein <ndk at sudonym.me> wrote:
>>
>>> Ron,
>>>
>>> tl;dr: packaging is purgatory
>>>
>>> First, I'm not sure which Amazon Linux you're using.  With 2018-3, using
>>> the new releases, I was able to get to the point of building OpenSAML, but
>>> it failed to compile the SubjectConfirmation part of the SAML 2 assertion
>>> implementation.  With Amazon Linux 2, I'm getting rpmbuild using a
>>> different path(home directory instead of /usr/src/rpm) among other things.
>>>
>>> The example on the webpage is not actively maintained and it's pretty
>>> outdated, so you can't use it with a literal copy/paste.  It's also trying
>>> to pull older releases of many of the dependencies, including xmltooling
>>> and opensaml.  The spec file for the Shibboleth package is just the point
>>> where you are discovering that you built and installed versions that are
>>> too old.
>>>
>>> %if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600 || 0%{?amzn} >= 1
>>> PreReq:         xmltooling-schemas%{?_isa} >= 3.0.0,
>>> opensaml-schemas%{?_isa} >= 3.0.0
>>> %else
>>>
>>> I'll spend some time playing around on Amazon Linux 2 today to see if I
>>> can get it to build, but it's going to take me awhile.  I'll respond again
>>> to this message later.  I may not be able to resolve it myself, but we'll
>>> see.
>>>
>>> Thanks,
>>> Nate.
>>>
>>>
>>> On Sat, Sep 8, 2018 at 6:46 AM, Ron Harris <neo204011 at gmail.com> wrote:
>>>
>>>> Thanks Nate for reply.
>>>>
>>>> I somewhat understood what was incorrect.
>>>> I followed the sets mentioned in example "Amazon Linux with Apache 2.4"
>>>>
>>>> when I run this command
>>>> "sudo rpmbuild --rebuild --without builtinapache -D 'shib_options
>>>> -with-apxs24=/usr/bin/apxs -with-apr1=/usr/bin/apr-1-config
>>>> -enable-apache-24' shibboleth*"
>>>>
>>>> I am getting below error:
>>>> RPM build errors:
>>>>     line 14: prereq is deprecated: PreReq:
>>>> xmltooling-schemas(x86-64) >= 3.0.0, opensaml-schemas(x86-64) >= 3.0.0
>>>>     Bad exit status from /var/tmp/rpm-tmp.IRbIyP (%build)
>>>>
>>>> Thanks
>>>>
>>>>
>>>> On Sat, Sep 8, 2018 at 12:28 AM Nate Klingenstein <ndk at sudonym.me>
>>>> wrote:
>>>>
>>>>> Ron,
>>>>>
>>>>> Your install command is trying to pull from the default pre-configured
>>>>> yum repos rather than installing the locally rebuilt RPM's.  Try
>>>>> localinstall with your RPM's instead as in the example shown on the page or
>>>>> using a Linux distribution that already has prebuilt RPM's in a repository
>>>>> you can add to /etc/yum.repos.d/.
>>>>>
>>>>> https://wiki.shibboleth.net/confluence/display/SP3/SRPMBuild
>>>>>
>>>>> Take care,
>>>>> Nate.
>>>>>
>>>>>
>>>>> On Fri, Sep 7, 2018 at 6:33 PM, Ron Harris <neo204011 at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I have previously configured Shibboleth on EC2 instance, but today
>>>>>> trying to install on new server, I am facing some issue.
>>>>>>
>>>>>> I am referring to the following link:
>>>>>> https://wiki.shibboleth.net/confluence/display/SP3/SRPMBuild
>>>>>>
>>>>>> When I run the command:
>>>>>> sudo yum install log4shib xerces-c xml-security-c curl-openssl
>>>>>> xmltooling opensaml shibboleth
>>>>>>
>>>>>> I am getting below message:
>>>>>>
>>>>>> Loaded plugins: priorities, update-motd, upgrade-helper
>>>>>> amzn-main
>>>>>>                                         amzn-updates
>>>>>>                                                                         No
>>>>>> package log4shib available.
>>>>>> No package xerces-c available.
>>>>>> No package xml-security-c available.
>>>>>> No package xmltooling available.
>>>>>> No package opensaml available.
>>>>>> No package shibboleth available.
>>>>>> Nothing to do
>>>>>>
>>>>>> Can you please help me understand what I maybe missing.
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> For Consortium Member technical support, see
>>>>>> https://wiki.shibboleth.net/confluence/x/coFAAg
>>>>>> To unsubscribe from this list send an email to
>>>>>> users-unsubscribe at shibboleth.net
>>>>>>
>>>>>
>>>>> --
>>>>> For Consortium Member technical support, see
>>>>> https://wiki.shibboleth.net/confluence/x/coFAAg
>>>>> To unsubscribe from this list send an email to
>>>>> users-unsubscribe at shibboleth.net
>>>>
>>>>
>>>> --
>>>> For Consortium Member technical support, see
>>>> https://wiki.shibboleth.net/confluence/x/coFAAg
>>>> To unsubscribe from this list send an email to
>>>> users-unsubscribe at shibboleth.net
>>>>
>>>
>>>
>>
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180909/d81c2a52/attachment.html>

More information about the users mailing list