After using the ecs Dockerfile to build the image and package it into the server, the following exception information appears

[skrleo]

After using the ecs Dockerfile to build the image and package it into the server, the following exception information appears

2023-09-05 15:54:34 =ERROR REPORT==== 5-Sep-2023::07:54:34.162563 ===
2023-09-05 15:54:34 Unable to load crypto library. Failed with error:
2023-09-05 15:54:34 "load_failed, Failed to load NIF library: 'Error loading shared library libcrypto.so.1.1: No such file or directory (needed by /home/ejabberd/lib/crypto-5.0.6.3/priv/lib/crypto.so)'"

It is normal for me to build a docker image, with openssl-dev, openssl extension:

RUN apk upgrade --update-cache --no-progress  && apk add  expat  freetds  gd  jpeg  libgd  libpng libstdc++ libwebp ncurses-libs openssl-dev openssl sqlite sqlite-libs  tini   unixodbc  yaml zlib  && ln -fs /usr/lib/libtdsodbc.so.0 /usr/lib  39.7s

[badlop]

Problem confirmed.

I've just built ecs from docker-ejabberd git:

docker build -t personal/ejaecs105 .

 ---> 8dfff01275ac
Step 23/35 : RUN apk upgrade --update-cache --no-progress     && apk add     expat     freetds     gd     jpeg     libgd     libpng     libstdc++     libwebp     ncurses-libs     openssl     sqlite     sqlite-libs     tini     unixodbc     yaml     zlib     && ln -fs /usr/lib/libtdsodbc.so.0 /usr/lib/libtdsodbc.so     && rm -rf /var/cache/apk/*
---> Running in 469305b66f67
fetch https://dl-cdn.alpinelinux.org/alpine/v3.17/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.17/community/x86_64/APKINDEX.tar.gz
(1/5) Upgrading musl (1.2.3-r4 -> 1.2.3-r5)
(2/5) Upgrading ca-certificates-bundle (20220614-r4 -> 20230506-r0)
(3/5) Upgrading libcrypto3 (3.0.7-r2 -> 3.0.10-r0)
(4/5) Upgrading libssl3 (3.0.7-r2 -> 3.0.10-r0)

...
(39/43) Installing openssl (3.0.10-r0)
...

Then start it, and ejabberd crashes as you mentioned:

docker run -it -p 5222:5222 personal/ejaecs105:latest live

$ docker run -it -p 5222:5222 personal/ejaecs105:latest live
Erlang/OTP 24 [erts-12.3.2.6] [source] [64-bit] [smp:4:4] [ds:4:4:10] [async-threads:1] [jit:no-native-stack]

=ERROR REPORT==== 5-Sep-2023::11:00:12.138816 ===
Unable to load crypto library. Failed with error:
 "load_failed, Failed to load NIF library:
   'Error loading shared library libcrypto.so.1.1:
     No such file or directory
       (needed by /home/ejabberd/lib/crypto-5.0.6.3/priv/lib/crypto.so)'"
OpenSSL might not be installed on this system.

While inspecting the container:

~ $ cd /home/ejabberd/lib/crypto-5.0.6.3/

~/lib/crypto-5.0.6.3/priv/lib $ ls
crypto.so           crypto_callback.so  otp_test_engine.so

~/lib/crypto-5.0.6.3/priv/lib $ ldd crypto.so 
        /lib/ld-musl-x86_64.so.1 (0x7f92807d6000)
Error loading shared library libcrypto.so.1.1: No such file or directory (needed by crypto.so)
        libc.musl-x86_64.so.1 => /lib/ld-musl-x86_64.so.1 (0x7f92807d6000)
Error relocating crypto.so: BN_GENCB_new: symbol not found
Error relocating crypto.so: enif_inspect_iolist_as_binary: symbol not found
Error relocating crypto.so: EVP_MD_type: symbol not found
Error relocating crypto.so: ENGINE_get_id: symbol not found
Error relocating crypto.so: PKCS5_PBKDF2_HMAC: symbol not found
...

[prefiks]

Is there any other version of libcrypto? This should come from openssl

[badlop]

There is libcrypto.so.3:

$ ls -la /usr/lib/ | grep crypto
lrwxrwxrwx    1 root     root            24 Sep  5 10:24 libcrypto.so.3 -> ../../lib/libcrypto.so.3

BTW, a container image built using ejabberd/.github/container/Dockerfile works correctly with that openssl 3:

$ ldd /opt/ejabberd-master/lib/crypto-5.1.4/priv/lib/crypto.so
        /lib/ld-musl-x86_64.so.1 (0x7f33fb612000)
        libcrypto.so.3 => /usr/lib/libcrypto.so.3 (0x7f33fb238000)
        libc.musl-x86_64.so.1 => /lib/ld-musl-x86_64.so.1 (0x7f33fb612000)

Maybe the problem is that the mix container image, used by this ecs image, was built with openssl 1... let me see.

[badlop]

Aha, it seems the mix container image published four months ago, based in Alpine 3.17, included OpenSSL 1, and since past month, Alpine 3.17 includes OpenSSL 3. When the next ejabberd version is released, both mix and ecs images will be updated.

Until the next ejabberd release is published, you can try this:

1. First build a recent mix image:

   cd docker-ejabberd/mix/
   docker build -t personal/mix105 .

2. Use that recent mix image in the ecs Dockerfile:

   cd docker-ejabberd/ecs/
   sed -i 's|ejabberd/mix|personal/mix105|g' Dockerfile

3. Now build the ecs image:

   docker build -t personal/ejabberd105 .

4. ejabberd now will start correctly:

   
   docker run -it -p 5222:5222 personal/ejabberd105 live
   Erlang/OTP 25 [erts-13.1.2] [source] [64-bit] [smp:4:4] [ds:4:4:10] [async-threads:1] [jit]

2023-09-05 14:17:46.325054+00:00 [info] Loading configuration from /home/ejabberd/conf/ejabberd.yml 2023-09-05 14:17:46.360877+00:00 [warning] Option 'log_rotate_date' is deprecated and has no effect anymore. Please remove it from the configuration. 2023-09-05 14:17:46.361015+00:00 [warning] Option 'log_rate_limit' is deprecated and has no effect anymore. Please remove it from the configuration. 2023-09-05 14:17:46.836616+00:00 [info] Configuration loaded successfully 2023-09-05 14:17:47.039276+00:00 [info] Got no NOTIFY_SOCKET, notifications disabled 2023-09-05 14:17:47.055606+00:00 [info] Building language translation cache 2023-09-05 14:17:47.213716+00:00 [info] Creating Mnesia ram table 'ejabberd_commands' 2023-09-05 14:17:47.314708+00:00 [info] Creating Mnesia ram table 'route' 2023-09-05 14:17:47.354691+00:00 [info] Creating Mnesia ram table 'route_multicast'

[badlop]

I've tried with the ecs 23.10 image, and this problem seems solved.

I'll close the issue; if sombody still sees that same problem, please reopen the issue and explain how to replicate it.