Closed jborean93 closed 2 years ago
Have an M1, let me know if I can help debugging?
Thanks @franklouwers, I need to get back to this hopefully soon. The changes in here will build the library but more work is needed in the Install-WSMan
script to support this environment and fix some lingering issues.
@franklouwers I've done some very basic testing and the library loads on the latest pwsh preview running as arm64
. Feel free to try out the dev nupkg to validate it on your host.
I'm planning on pushing through one more change that adjusts how pwsh loads the library before cutting an actual release.
Hi @jborean93 , I just did a quick test but was unsuccessful:
# Tried to run the command normally.
Install-WSMan
Install-WSMan: Failed to select the necessary library, the host isn't macOS, Linux based on GLIBC or musl, or OpenSSL isn't installed
# Tried to step through the steps in the Function Get-OpenSSLInfo manually. It crashed pwsh:
$sslPaths =
@(
'libssl',
'libssl.dylib',
'libssl.1.1.dylib',
'libssl.10.dylib',
'libssl.1.0.0.dylib',
'libssl.3.dylib'
)
[PSWSMan.Native]::OpenSSL_version_num($sslPaths)
WARNING: /usr/local/bin/pwsh is loading libcrypto in an unsafe way
zsh: abort pwsh
Try doing Install-WSMan -Verbose
as that will give you more detailed info around how its trying to find OpenSSL.
Also went looking into the segmentation fault you received it somewhat makes sense if pwsh is trying to load things like libssl.dylib
. This will most likely be the one provided by Apple which has all sorts of limitations around it. When looking at the code anytime this function is called the $sslPaths
is just 1 path as retrieved by Get-MacOSOpenSSL
to avoid this from happening on the platform. Unfortunately in your case Get-MacOSOpenSSL
is most likely failing to find a usable library but the -Verbose
messages should help track it down a bit more.
Here's the verbose output. Initially I only had openssl@1 installed via homebrew so I also added openssl@3 but it still fails.
Install-WSMan -Verbose
VERBOSE: Attempting to get OpenSSL info with /opt/homebrew/bin/brew --prefix openssl
STDOUT: /opt/homebrew/opt/openssl@3
STDERR:
RC: 0
VERBOSE: Checking arch information for '/opt/homebrew/opt/openssl@3/lib/libcrypto.dylib' and '/opt/homebrew/opt/openssl@3/lib/libssl.dylib'
VERBOSE: Checking if 'x86_64' for '/opt/homebrew/opt/openssl@3/lib/libcrypto.dylib' is one of 'arm64'
VERBOSE: Attempting to get OpenSSL info with /opt/homebrew/bin/brew --prefix openssl@3
STDOUT: /opt/homebrew/opt/openssl@3
STDERR:
RC: 0
VERBOSE: Checking arch information for '/opt/homebrew/opt/openssl@3/lib/libcrypto.dylib' and '/opt/homebrew/opt/openssl@3/lib/libssl.dylib'
VERBOSE: Checking if 'x86_64' for '/opt/homebrew/opt/openssl@3/lib/libcrypto.dylib' is one of 'arm64'
VERBOSE: Attempting to get OpenSSL info with /opt/homebrew/bin/brew --prefix openssl@1.1
STDOUT: /opt/homebrew/opt/openssl@1.1
STDERR:
RC: 0
VERBOSE: Checking arch information for '/opt/homebrew/opt/openssl@1.1/lib/libcrypto.dylib' and '/opt/homebrew/opt/openssl@1.1/lib/libssl.dylib'
VERBOSE: Checking if 'x86_64' for '/opt/homebrew/opt/openssl@1.1/lib/libcrypto.dylib' is one of 'arm64'
VERBOSE: Failed to find brew at '/usr/local/bin/brew'
VERBOSE: Failed to find OpenSSL with homebrew, falling back to port
VERBOSE: Failed to find port at 'port'
VERBOSE: Failed to find port at '/opt/local/bin/port'
VERBOSE: Host Info:
In this case the below shows your error
VERBOSE: Checking if 'x86_64' for '/opt/homebrew/opt/openssl@3/lib/libcrypto.dylib' is one of 'arm64'
The OpenSSL lib installed by Homebrew is for arm64
but you are running the x86_64
pwsh
binary. You cannot cross architectures like this and is why PSWSMan
is skipping it. To solve this you need to do one of the following:
arm64
pwsh preview and not the x86_64
one, orx86_64
OpenSSL (or a universal one) so pwsh
of that architecture can pick it upAh, didn't realise pwsh-preview supported macOS arm64 yet. I've installed preview 7.20.
There's still an error message because there's nothing in omi/PSWSMan/lib/macOS-3
in the repository, but the symlinks are created afterwards.
And unfortunately trying to create a New-PSSession to a winrm endpoint afterwards I still get the error Enter-PSSession: This parameter set requires WSMan, and no supported WSMan client library was found. WSMan is either not installed or unavailable for this system.
VERBOSE: Attempting to get OpenSSL info with /opt/homebrew/bin/brew --prefix openssl
STDOUT: /opt/homebrew/opt/openssl@3
STDERR:
RC: 0
VERBOSE: Checking arch information for '/opt/homebrew/opt/openssl@3/lib/libcrypto.dylib' and '/opt/homebrew/opt/openssl@3/lib/libssl.dylib'
VERBOSE: Checking if 'arm64' for '/opt/homebrew/opt/openssl@3/lib/libcrypto.dylib' is one of 'arm64'
VERBOSE: Checking if 'arm64' for '/opt/homebrew/opt/openssl@3/lib/libssl.dylib' is one of 'arm64'
VERBOSE: Brew openssl libcrypto|ssl exists and is valid at '/opt/homebrew/opt/openssl@3/lib/libcrypto.dylib' and '/opt/homebrew/opt/openssl@3/lib/libssl.dylib'
VERBOSE: Getting OpenSSL version for '/opt/homebrew/opt/openssl@3/lib/libssl.dylib'
VERBOSE: OpenSSL Version: Major 3 Minor 0 Patch 0
VERBOSE: Host Info:
{
"Distribution": "macOS",
"StandardLib": "macOS",
"OpenSSL": "3",
"LibCrypto": {
"Target": "/opt/homebrew/opt/openssl@3/lib/libcrypto.dylib",
"Source": "libcrypto.3.dylib"
},
"LibSSL": {
"Target": "/opt/homebrew/opt/openssl@3/lib/libssl.dylib",
"Source": "libssl.3.dylib"
}
}
VERBOSE: Installing WSMan libs for 'macOS-3'
Get-ChildItem: Cannot find path '/Usr/local/microsoft/omi/PSWSMan/lib/macOS-3' because it does not exist.
VERBOSE: Creating symbolic link '/usr/local/microsoft/powershell/7-preview/libcrypto.3.dylib' -> '/opt/homebrew/opt/openssl@3/lib/libcrypto.dylib'
VERBOSE: Creating symbolic link '/usr/local/microsoft/powershell/7-preview/libssl.3.dylib' -> '/opt/homebrew/opt/openssl@3/lib/libssl.dylib'
@jborean93 some additional troubleshooting info:
PS /Users/admin> $PWSHDIR = '/usr/local/microsoft/powershell/7-preview/'
PS /Users/admin> otool -L "${PWSHDIR}/libpsrpclient.dylib"
/usr/local/microsoft/powershell/7-preview//libpsrpclient.dylib:
@rpath/libpsrpclient.dylib (compatibility version 0.0.0, current version 0.0.0)
@executable_path/libmi.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/lib/libiconv.2.dylib (compatibility version 7.0.0, current version 7.0.0)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.60.2)
PS /Users/admin> otool -L "${PWSHDIR}/libmi.dylib"
/usr/local/microsoft/powershell/7-preview//libmi.dylib:
@rpath/libmi.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.60.2)
/usr/lib/libpam.2.dylib (compatibility version 3.0.0, current version 3.0.0)
/usr/local/opt/openssl/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.8)
There's still an error message because there's nothing in omi/PSWSMan/lib/macOS-3 in the repository, but the symlinks are created afterwards.
There's nothing in the immediate checkout of this repo as the binaries are generated by CI for the official release. You can get this dir by looking at the latest CI run for the repo and manually place it there. I'm unsure if you can see these or download them but the ones you are looking for are at https://dev.azure.com/jborean93/jborean93/_build/results?buildId=1273&view=artifacts&pathAsName=false&type=publishedArtifacts.
Just in case you cannot get it through Azure Pipelines here is the macOS-3.zip build.
Looks like you solved the OpenSSL problem, you should just need the folder for macOS-3
with the 2 libraries inside it and Install-WSMan
should work.
A quick check after download the artifacts for macOS-1.1/3 and Install-WSMan
works without error!
When first performing New-PSSession
I had to allow the libraries to load in gatekeeper, and can now connect to an https winRM endpoint using basic authentication.
I cannot yet connect to a Kerberos winRM endpoint after running kinit, I get the error MI_RESULT_FAILED
but I will look into this more once I have time.
Thanks!
I've just successfully tested kerberos authentication too, I think my previous issue was specific to the connection I tried.
So all looking good from my side. I'll keep the powershell preview available if any more testing is needed.
Thanks for testing and confirming you were able to get it working.
Turns out is it possible to do this in CI, it just needed the SDK version to be explicitly set. This change will make sure we build a universal2 library for macOS that supports both x86_64 and arm64. This should allow PSWSMan to support PowerShell running on native arm on macOS.
Requires https://github.com/PowerShell/PowerShell/pull/15768 and an actual M1 mac to test support for.
Fixes https://github.com/jborean93/omi/issues/20
TODO