Adventures with vagrant-libvirt in Fedora 35 land

Hi all. Recently, I wanted to easily create in a reproducible way some VMs for my security research. My main workstation runs Fedora and I decided NOT to use any 3rd party software such as VMWare or Virtualbox. Here my little adventure starts …

I installed Vagrant, using the official way, no hiccups there. After that:


It turns out libvirt is a plugin for vagrant, which has to be installed separately. OK, let’s roll with this. The GH page for the plugin recommends that owing to frequent version conflicts we should use a container but we know better, right? 😉

sudo dnf install -y libxslt-devel libxml2-devel libvirt-devel ruby-devel gcc && vagrant plugin install vagrant-libvirt

No problem so far so it is time for vagrant up.

Boom! /opt/vagrant/embedded/lib/ruby/2.7.0/rubygems/core_ext/kernel_require.rb:83:in `require': /lib64/ undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b - /home/lxt/.vagrant.d/gems/2.7.4/gems/ruby-libvirt-0.8.0/lib/ (LoadError)

This is kind of documented so here is the solution:

dnf download --source krb5-libs
rpm2cpio krb5-1.19.2-2.fc35.src.rpm |cpio -imdV
tar xvzf krb5-1.19.2.tar.gz
cd krb5-1.19.2/src
./configure && make
sudo cp -a lib/crypto/libk5crypto.* /opt/vagrant/embedded/lib64

With that out of the way, we try again:

A new error appears: /opt/vagrant/embedded/lib/ruby/2.7.0/rubygems/core_ext/kernel_require.rb:83:in `require': /lib64/ undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b - /home/lxt/.vagrant.d/gems/2.7.4/gems/ruby-libvirt-0.8.0/lib/

Again, this is kind of documented so the solution is as follows:

dnf download --source libssh
rpm2cpio libssh-0.9.6-1.fc35.src.rpm| cpio -imdV
tar xvJf libssh-0.9.6.tar.xz
cd libssh-0.9.6
mkdir build
cd build
cmake ../ -DOPENSSL_ROOT_DIR=/opt/vagrant/embedded/
sudo cp lib/libssh.* /opt/vagrant/embedded/lib64

With the above out of the way, at least we get a bootable box we can SSH into.

I am really disappointed by the state of support of libvirt as a vagrant provider. It is 2022 and for a lot of people, time is limited. We deserve better than having to jump through all these hoops for something that should have been built-in. My $0.02

1 comment

Leave a comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: