OpenSSL version unavailable for python2

Just removing Python2 isn’t a solution for this issue as many things still depend on it, such as Gimp plugins. Luckily I was able to remove standard Gimp package and reinstall it with plugins as Flat packages.

I’m unable to install Python2 from AUR even with correct OpenSSL version installed:

[leonardo@leo-82kv ~]$ pacman -Q openssl
openssl 1.1.1.q-1

This looks to be a Manjaro-specific issue because python2 depends on package named openssl-1.1 which only exists on Arch.

1 Like

The comments under aur python2 confirm this problem.

https://aur.archlinux.org/packages/python2

Considering python2 is still used in a lot packages, the manjaro team maybe need to fix this package name problem about openssl?

How many times does it need to be said that AUR isn’t supported officially? That it might break if you are not on arch?

No, it’s not. There is not a single package in any repo that depends on it.

What about if you learn yourself how to do that if you are using AUR?

1 Like

No, I don’t use AUR. My python2 package is left from the old system updates. That’s fine until I found the same problem in this thread in a recent pacman update. What should I do except removing python2 package…


3 Likes

In theory python2 installation should not fail when ssl 1.1 is present, as is the case on my system:

OpenSSL 1.1.1q 5 Jul 2022
OPENSSLDIR: “/etc/ssl”
ENGINESDIR: “/usr/lib/engines-1.1”

Anyhow, a workaround has been posted on the AUR

https://aur.archlinux.org/packages/python2#comment-888662

Basically, it tells build file to look for ‘openssl’ instead of ‘openssl-1.1’. Could probably be solved by symlinking instead?

Well, you are using AUR if you have python2 installed.

Look, it’s your job to figure that out. Nobody forced you to use arch-based distro. So if you want to use it, then learn how to maintain it. This is not windows, you have to know and do some stuff yourself.

All you need is already written in wikis and other documentation. So I don’t understand why would it need to be repeated to individuals on this forum each and every week ad nauseam.

2 weeks ago it was ceph-lib, week after python2, now there will be 20 people asking about openssl - every 8 hours there will be another topic.

Can anyone search and read anything by themselves anymore?

This is so stupid my head hurts (note that people don’t actually read AUR comments anyway). A “workaround” is DON’T REBUILD PYTHON2!

3 Likes

And this comes from Arch, not Manjaro.

I have successfully built the latest version of python2 in the AUR.

Congratulations. You took new PKGBUILD and reversed all the changes back to old one, and then built that again. :rofl:

incorrect, there was an extra patch
https://aur.archlinux.org/cgit/aur.git/commit/?h=python2&id=4daf9a168386c65a58a7cbf1b51ea955fad22414

Where do you see an extra patch? Please… look at PKGBUILD which patches are applied. And then download gentoo’s p15 and p16 patch revisions and compare those patches.

indeed, in p16 there is patch 0036 not present in p15

And where is it applied?

  patch -p1 -i ../0001-bpo-39017-Avoid-infinite-loop-in-the-tarfile-module-.patch #CVE-2019-20907
  patch -p1 -i ../0002-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch #CVE-2020-8492
  patch -p1 -i ../0003-bpo-39603-Prevent-header-injection-in-http-methods-G.patch #CVE-2020-26116
  patch -p1 -i ../0004-bpo-42051-Reject-XML-entity-declarations-in-plist-fi.patch
  patch -p1 -i ../0005-bpo-41944-No-longer-call-eval-on-content-received-vi.patch #CVE-2020-27619
  patch -p1 -i ../0006-bpo-40791-Make-compare_digest-more-constant-time.-GH.patch
  patch -p1 -i ../0007-3.6-closes-bpo-42938-Replace-snprintf-with-Python-un.patch #CVE-2021-3177
  patch -p1 -i ../0008-3.6-bpo-42967-only-use-as-a-query-string-separator-G.patch #CVE-2021-23336
  patch -p1 -i ../0009-py2-ize-the-CJK-codec-test.patch
  patch -p1 -i ../0017-bpo-46811-Make-test-suite-support-Expat-2.4.5-GH-314.patch

…guess it has to be somewhere between lines…

I installed python2-bin from the AUR as a workaround and in my case it worked

1 Like

Openssl-1.1 is in testing, so it will be available soon.

3 Likes

Thank you for your useful information.

1 Like
:: Searching AUR for updates...
 -> Missing AUR Packages:  libopenaptx  manga-cli-git  manjaro-firmware  vertex-maia-themes
 -> Orphaned AUR Packages:  electron12  electron16  python2-asn1crypto  python2-cffi  python2-cryptography  python2-idna  python2-ipaddress  python2-ply  python2-pycparser
 -> Flagged Out Of Date AUR Packages:  electron12  python2-asn1crypto  python2-cffi  qt5-styleplugins  weasis-bin
:: 5 Packages to upgrade.
5  aur/azote       1.9.6-1  -> 1.9.7-1
4  aur/bauh        0.10.3-1 -> 0.10.4-1
3  aur/electron16  16.2.8-1 -> 16.2.8-2
2  aur/python2     2.7.18-7 -> 2.7.18-8
1  aur/zoom        5.12.2-1 -> 5.12.6-1
==> Packages to exclude: (eg: "1 2 3", "1-3", "^4" or repo name)
==> 
 -> Could not find all required packages:
	openssl-1.1 (Wanted by: python2)

I got this when updating with yay
I thought asking here would be better than starting a new.


Moderator edit: In the future, please use proper formatting: [HowTo] Post command output and file content as formatted text

Yes, you get a bonus point for that. :stuck_out_tongue:

Either ignore python2 or remove it with all the other junk you have installed.

Your usecase perhaps but python2 went out of service almost 2 years ago - there is no updated systems which uses python2 anymore (that is - unless customised - but then you know all about it)

Python2 is out of service - deprecated - as in sunsetted - no more maintenance unless custom build - but then you know all about it.

That depends on your branch - if you are on stable - you are using 1.0 - testing and unstable has 1.1

https://packages.manjaro.org/?query=openssl-1

This emphasise that using custom build packages - like python2 - requires a system closer to Arch.