1

I have been upgrading OpenSSH and OpenSSL and I have accidentally deleted the file /usr/lib/libcrypt.a and now most features in AIX just doesn't work. Is back-up/restore the only way to recover from this?

Candy Ho
  • 11
  • 2
  • Can you check if libcrypt.a is in another directory? Maybe /usr/lib64? or /usr/local/lib? Then you might need to re-create the soft link. Also check the output of `ldd /usr/bin/openssl` which should tell you about what is missing or not found. – Tux_DEV_NULL Jul 29 '19 at 10:12
  • I did an upgrade of the the `glibc` library, expecting the newer version to be in _/opt/freeware/lib_ but it's not in there either. – Candy Ho Jul 30 '19 at 02:47
  • 1
    That file is part of the `bos.rte.security` package, so if you can manually download the appropriate level, you could potentially `installp` it with `OVERWRITE same or newer versions` set to `yes`. Haven't had to do that, so just a suggestion at this point. – Jeff Schaller Jul 31 '19 at 17:13
  • 1
    Some files in /usr/lib are just symlinks to /usr/ccs/lib, so if you are lucky, it was only a symlink what you deleted. Otherwise you have to restore it from the backup. (Note: this `libcrypt` file is not related to `libcrypto` from openssl.) – Lorinczy Zsigmond Aug 11 '19 at 18:56

3 Answers3

0

Choose from:

Consider third party binary packages (rpm or installp format) for software not shipped with AIX. More reproducible than if you build from source, and easier to manage. Some can be installed in parallel to the OS packages.

John Mahowald
  • 32,050
  • 2
  • 19
  • 34
  • Thanks for the suggestion but the missing libcrypt.a is a much lower level module than the libcrypto.a module, which I have also accidentally removed in an earlier event... – Candy Ho Jul 30 '19 at 02:50
  • Edit your question to include this new lost file. Although, doesn't change the recovery. If copying in working libraries (via nfs, ftp...) doesn't work, mksysb backups can restore entirely broken operating systems, via NIM if necessary. – John Mahowald Jul 30 '19 at 15:36
0

The final solution was to do a system restore from backup as all users were practically locked out of the system...

Anyhow, I must reiterate libcrypt.a is NOT libcrypto.a. An accident with the former file means a full system restore. The other is merely an annoyance.

Candy Ho
  • 11
  • 2
0

If you have session still open but commands do not work, i.e. have errors like

bash-4.4# ls
Could not load program ls:
Could not load module /usr/lib/libc.a(shr_64.o).
        Dependent module libcrypt.a(shr_64.o) could not be loaded.
Could not load module libcrypt.a(shr_64.o).
System error: No such file or directory
Could not load module ls.
        Dependent module /usr/lib/libc.a(shr_64.o) could not be loaded.
Could not load module .

Then you may try to restore it with echo bash built in, for example:

echo -n -e '\x3c\x62\x69\x67\x61\x66\x3e\x0a\x31\x30\x33\x33\x30\x20\x20\x20\x20\x20\x20\x20' > /usr/lib/libcrypt.a
echo -n -e '\x20\x20\x20\x20\x20\x20\x20\x20\x31\x30\x35\x32\x30\x20\x20\x20\x20\x20\x20\x20' >> /usr/lib/libcrypt.a
...

To generate such echo file you may use following c program (on other system where you can get a copy from libcrypt.a):

#include <stdio.h>

int main(int argc, char** argv)
{

    int c; // a single byte buffer

    FILE* fp = fopen("./libcrypt.a", "rb"); // open the file in 'read' mode

    int i;

    while (!feof(fp)) { // while not end of file

        printf("echo -n -e '");
        for (i = 0; i < 20; i++) {
            c = fgetc(fp); // get a character/byte from the file
            if (!feof(fp)) {
                printf("\\x%02x", c); // and show it in hex format
            }
        }
        printf("' >> /usr/lib/libcrypt.a\n"); // and show it in hex format
    }
    fclose(fp); // close the file
}
Madars Vi
  • 101
  • 2