Keepalived not working since Core Update 177 (OpenSSL 1.1 removed)

Removing OpenSSL 1.1.1 in Core Update 177 caused keepalived (2.2.7) not starting/working anymore. It requires the shared libraries and

As a workaround I copied both old/deprecated libraries into the “/usr/lib/” directory and successfully restarted keepalived.
I’m not sure, but upgrading keepalived to v2.2.8 and linking against and might solve the problem.

In my proxmox ha-installation I run 2 ipfire instances in active-active mode and use keepalived (vrrp) to manage the ip address failover.

As a workaround, you can uninstall the package and re-install it.

Thanks Michael for your immediate support.

De- and reinstalling keepalived does not solve the issue:
Actions taken:

  1. /etc/init.d/keepalived stop
  2. rm /usr/lib/
  3. rm /usr/lib/
  4. pakfire: deinstall keepalived-2.2.7-13

  1. pakfire: install keepalived-2.2.7-13
  2. check if scripts and config are still in /etc/keepalive/
  3. /etc/init.d/keepalived start
    => Message on the console:
    Starting keepalive daemon…
    /usr/sbin/keepalived: error while loading shared libraries: cannot open shared object file: No such file or directory [ FAIL ]

Copied again both old/deprecated libraries into the “/usr/lib/” directory and successfully restarted keepalived.

Great :slight_smile:
Removing the files /opt/pakfire/cache/keepalived-2.2.7-12.ipfire and /opt/pakfire/cache/keepalived-2.2.7-13.ipfire before reinstalling keepalived did the job.

Problem solved!
Thank you both so much.


I will submit a patch for an update of keepalived which will increment the PAK_VER number so in CU178 it will have the correct ssl lib linked.


I just pushed a commit into the core177 branch that bumps a couple of packages:;a=commitdiff;h=80ff3f08c49fbf0580392a9afda43d99e50d43ba

The build will finish in a couple of hours and I will manually release those affected packages.

Please let me know if there are more that we might have missed.

To avoid running into those kind of issues in the future I decided to run one of my ipfire-instances in “stable” the other in “testing”.


@pvflick - Thank you for doing this! Core updates would go much smoother & better if more people would take the time to do the exact same thing as you!
:star: :star: :star: