bad bug fix for nss-softokn will break yum and anything else that uses certmonger to
RedHat released (and CentOS, Oracle Linux, and others passed on as built) a security update to nss-softokn in December that had a bug so it was updated/repaired
and again distributed by the channel on January 21. This January 21 bug fix update was missing a necessary dependency check to nss-softokn-freebl. Without
it certmonger is broken so any application process that needs to read/interpret certificates (via certmonger) could not and would error out.
This broke Free-IPA and yum itself.
to fix:
# cd /root
# yumdownloader nss-softokn-freebl ----> (assumes you have a yum.repo.d pointer set, otherwise wget from an appropriate source for your distro)
# rpm2cpio nss-softokn-freebl-3.14.3-19.el6_6.x86_64.rpm | cpio -idmv
# cp ./lib64/libfreeblpriv3.* /lib64
# yum update nss-softokn-freebl ----> (to register the update in the local RPM database, which also verifies that the database is not broken)
|