CONTENTS


Lastmodified 2024-07-29 (月) 09:29:44


py39-cryptography

2023/09/07現在、py39-cryptographyは、3.4.8_1,1 ではなく、

py39-cryptography-3.4.8_1,1        <   needs updating (index has 41.0.3,1)

でないと、py39-certbot で、エラーとなる。ので、入れ換えるべく

pkg upgrade  py39-cryptography-3.4.8_1,1

するも、

Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.

と言われてアップグレードできない。

さらに悪いことは重なるもので、ports の security/py-cryptgraphy は、コンパイルエラーがでてパッケージが生成できない。

===>   Cargo config:
[source.cargo]
directory = '/usr/ports/devel/cargo-c/work/cargo-c-0.9.15+cargo-0.67/cargo-crates'
[source.crates-io]
replace-with = 'cargo'
===>   Updating Cargo.lock
*** Signal 11

といったエラー。検索しても今のところ解決策は闇

最新バージョンは、

# pkg version -n py39-cryptography -v
py39-cryptography-3.4.8_1,1        <   needs updating (index has 41.0.3,1)

だが、pkg upgrade -f してもバージョンはそのまま・・・

依存関係のpkgを全部入れ換えないと駄目なんだろうか?

# pkg delete py39-cryptography-3.4.8_1,1
Checking integrity... done (0 conflicting)
Deinstallation has been requested for the following 11 packages (of 0 packages in the universe):

Installed packages to be REMOVED:
        py39-acme: 2.6.0,1
        py39-aioquic: 0.9.21
        py39-certbot: 2.6.0,1
        py39-cryptography: 3.4.8_1,1
        py39-dnspython: 2.4.2,1
        py39-josepy: 1.13.0
        py39-openssl: 23.2.0,1
        py39-recommonmark: 0.5.0_2
        py39-requests: 2.31.0
        py39-sphinx: 5.3.0_1,1
        py39-urllib3: 1.26.16,1

Number of packages to be removed: 11

The operation will free 28 MiB.

Proceed with deinstalling packages? [y/N]:

別マシーンのパッケージを移植する

目的のパッケージは、

/usr/local/lib/python3.9/site-packages/cryptography

/usr/local/lib/python3.9/site-packages/cryptography-41.0.3.dist-info

/usr/local/share/licenses/py39-cryptography-41.0.3,1

のディレクトリに保存されている模様なので、これらをtarでまとめて、移植してみたところ、

certbot renew --dry-run

で、動作確認がとれ、無事、サイト証明書の発行ができました。やれやれ


一基 certbot が、Sig 11 で落ちる機体がある。これを何とかしたい。正常動作している機体からファイルの移植で正常動作させル事を試みる。

locate certbot

/usr/local/bin/certbot
/usr/local/bin/certbot-3.9
/usr/local/lib/python3.9/site-packages/certbot
/usr/local/share/licenses/py39-certbot-2.11.0,1
# certbot renew --dry-run
Traceback (most recent call last):
 File "/usr/local/bin/certbot", line 5, in <module>
   from certbot.main import main
 File "/usr/local/lib/python3.9/site-packages/certbot/main.py", line 6, in <module>
   from certbot._internal import main as internal_main
 File "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py", line 24, in <module>
   from acme import client as acme_client
ImportError: cannot import name 'client' from 'acme' (unknown location)

acme_client

/usr/local/lib/python3.9/site-packages/acme
/usr/local/lib/python3.9/site-packages/acme-2.11.0.dist-info/
/usr/local/share/licenses/py39-acme-2.11.0,1

certbot 正常動作のマシンから 上記ファイル群をインストールしたところ、

# certbot renew --dry-run
An unexpected error occurred:
KeyError: 'manual'
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-pfi5j5o8/log or re-run Certbot with -v for more details.

のようなエラー。エラーログファイルは、

2024-07-22 16:47:11,711:DEBUG:certbot._internal.main:certbot version: 2.11.0
2024-07-22 16:47:11,711:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot
2024-07-22 16:47:11,711:DEBUG:certbot._internal.main:Arguments: ['--pre-hook', '/usr/local/etc/rc.d/apache24 stop', '--post-hook', '/usr/local/etc/rc.d/apache24 start']
2024-07-22 16:47:11,712:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry()
2024-07-22 16:47:11,719:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/local/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.9/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py", line 1877, in main
    config = cli.prepare_and_parse_args(plugins, cli_args)
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/cli/__init__.py", line 370, in prepare_and_parse_args
    helpful.add(
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/cli/helpful.py", line 418, in add
    self.actions.append(self._add(topics, *args, **kwargs))
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/cli/helpful.py", line 441, in _add
    if not isinstance(topic, bool) and self.visible_topics[topic]:
KeyError: 'manual'
2024-07-22 16:47:11,719:ERROR:certbot._internal.log:An unexpected error occurred:
2024-07-22 16:47:11,720:ERROR:certbot._internal.log:KeyError: 'manual'

正常終了したportupgrade -r --batch py39-certbot-2.9.0,1

[Reading data from pkg(8) ... - 526 packages found - done]
--->  Installing the new version via the port
===>  Deinstalling for py39-certbot
===>   py39-certbot not installed, skipping
===>  Installing for py39-certbot-2.11.0,1
===>  Checking if py39-certbot is already installed
===>   Registering installation for py39-certbot-2.11.0,1
Installing py39-certbot-2.11.0,1...
This port installs the "standalone" client only, which does not use and
is not the certbot-auto bootstrap/wrapper script.

The simplest form of usage to obtain certificates is:

 # sudo certbot certonly --standalone -d <domain>, [domain2, ... domainN]>

NOTE:

The client requires the ability to bind on TCP port 80 or 443 (depending
on the --preferred-challenges option used). If a server is running on that
port, it will need to be temporarily stopped so that the standalone server
can listen on that port to complete the challenge authentication process.

For more information on the 'standalone' mode, see:

  https://certbot.eff.org/docs/using.html#standalone

The certbot plugins to support apache and nginx certificate installation
will be made available in the following ports:

 * Apache plugin: security/py-certbot-apache
 * Nginx plugin: security/py-certbot-nginx

In order to automatically renew the certificates, add this line to
/etc/periodic.conf:

    weekly_certbot_enable="YES"

More config details in the certbot periodic script:

    /usr/local/etc/periodic/weekly/500.certbot-3.9

===>  Cleaning for py39-sphinx-5.3.0_3,1
===>  Cleaning for py39-sphinx_rtd_theme-1.0.0
===>  Cleaning for py39-repoze.sphinx.autointerface-0.8
===>  Cleaning for py39-certbot-2.11.0,1
--->  Cleaning out obsolete shared libraries

Total access 462:本日 1:昨日 0

Counter: 462, today: 1, yesterday: 0

トップ   新規 一覧 検索 最終更新   ヘルプ   最終更新のRSS