Jun 172016
 

The Problem:

There is an issue on CloudLinux 6.8 and CentOS 6.8 servers with the nss package version numbered 3.21.0-8. In general, if you see either:

curl https://google.com > /dev/null
Illegal instruction (core dumped)

or

rhn_check
Illegal instruction (core dumped)

In both cases, the fix that is being advised amounts to downgrading the nss packages to version 3.21.0-0.3.
The instructions are different between CloudLinux and CentOS.
 

CloudLinux

The older package is still in CloudLinux’s repositories, so this is easy. Run the following command and check that you are going to 3.21.0-0.3

NSS_DISABLE_HW_GCM=1 yum downgrade nss nss-util nss-tools nss-sysinit

Then edit the

vim /etc/yum.conf

file adding nss* to the end of the exclude= line like so

exclude=courier* dovecot* exim* filesystem httpd* mod_ssl* mydns* mysql* nsd* php* proftpd* pure-ftpd* spamassassin* squirrelmail* nss*

Then, check your work with the following command

curl https://google.com > /dev/null

 

CentOS

CentOS is a bit more difficult, since everything just upgraded to CentOS 6.8 and the older package is not in the system repositories.

Create the file

touch /etc/yum.repos.d/nss-fix.repo

with the following contents:

[nss-fix]
name=repository used solely to fix nss
baseurl=http://vault.centos.org/6.7/updates/x86_64/
enabled=0
includepkgs=nss*
#gpgcheck=1
priority=3

Then, run the following command and check that you are going to 3.21.0-0.3

yum --enablerepo=nss-fix downgrade nss nss-sysinit nss-util nss-tools

Next, change

vim /etc/yum.conf

adding nss* to the end of the exclude= line like so

exclude=courier* dovecot* exim* filesystem httpd* mod_ssl* mydns* mysql* nsd* php* proftpd* pure-ftpd* spamassassin* squirrelmail* nss*

Check your work with the following command

curl https://google.com > /dev/null
Share This!