[ntp:questions] Recompiling ntp with FIPS openssl

Dave Hart davehart at gmail.com
Mon Dec 14 15:44:54 UTC 2009


On Thu, Dec 10, 2009 at 17:26 UTC, Gellatly, Anna wrote:
> I have compiled and installed the fips compliant openssl to
> /tmp/openssl.
[...]
> configure -with-openssl-libdir=/tmp/openssl/usr/local/ssl/fips/lib
> -with-openssl-incdir=/tmp/openssl/usr/local/ssl/fips/include/openssl
>
> make
> make intsll prefix=/tmp/ntp
>
> I have packaged what was placed in /tmp/ntp and installed it on a system
> with the fips compliant openssl installed
>
> When I launch ntpd with the following command line
>
> /usr/sbin/ntpd -c /etc/ntp.conf.vmware -u ntp:ntp -p /var/run/ntpd.pid
>
> The ntpd.pid file is created but the process does not launch (the pid in
> the .pid file does not exist when running ps -ef | grep ntp).

Presumably the resulting ntpd binary has a reference to a
libcrypto*.so.  I'm betting that reference is to
/tmp/openssl/.../libcrypto*.so, and that file is not present in that
location on the target system.

Cheers,
Dave Hart



More information about the questions mailing list