openssl broken in 4.0.8-2/latest for arm64 - no workaround possible

[ballerburg9005]

I downloaded the image from Dockerhub and ran it like instructed.

yunohost tools postinstall

will break due to command:

openssl ca -config /etc/yunohost/certs//test.com-history/20210114.172526-selfsigned/openssl.cnf -days 3650 -in /usr/share/yunohost/yunohost-config/ssl/yunoCA/certs/yunohost_csr.pem -out /etc/yunohost/certs//test.com-history/20210114.172526-selfsigned/crt.pem -batch

Error:

unable to rename /usr/share/yunohost/yunohost-config/ssl/yunoCA/serial to /usr/share/yunohost/yunohost-config/ssl/yunoCA/serial.old
reason: Invalid argument

This error is generated directly by openssl1.1.1d by the rename() function in its C code. It literally fails to rename the file for no reason. All file permissions are of course proper, including extra lsattr attributes. I didn't do anything extra either that could provoke this. No Selinux.

I guess this could maybe be some sort of obscure bug with arm64 running armhf in combination with this specific version or distribution. Maybe it can be fixed by switching to different versions?

[ballerburg9005]

I tried to run the image from my x86_64 PC with arm/v7 emulation and it ends up segfaulting programs inside docker during and after postinstall. I can run other armhf images just fine.

This is really strange, maybe there is something wrong with the compile flags?

[ballerburg9005]

Btw. you can do multi-arch builds with Docker, like I have described here:

http://ballerburg.us.to/index.php/howto-multi-architecture-builds-in-docker/

[ballerburg9005]

I did build the package myself from the Dockerfile for arm64 and it produces the same error. I also tried debian:latest with the same result. The x86_64 image on the other hand does not produce the error.