Firefox fail after zypper dup

I did zypper dup yesterday, during which I was more or less forced into a vendor change for Firefox from the main Opensuse repo to “home:XOF:HSF” (whatever that means) because no dependencies could be satisfied any other way.

And it doesn’t work - message : XPCOMGlueLoad error for file /usr/lib64/firefox/libxul.so: /usr/lib64/firefox/libxul.so: undefined symbol: png_get_next_frame_delay_num, version PNG16_0 Couldn't load XPCOM.

Tried to find which package supplies it to, no avail. And I don’t know how to change back to original vendor to get a version that works…

Open YaST software. Search for firefox. Mark the package and open the version tab. Select the openSUSE version and hit apply.

But more importantly you should show us your repos:

zypper lr -d

Well, I got Firefox back - the update protocol is trying to do the same thing with Thunderbird as well - I’ve resisted so far.

List of repos :

---+--------------------------------------+----------+---------+-----------+---------+----------+--------+-------------------------------------------------------------------------------------------------+--------
 1 | download.opensuse.org-non-oss        | Main R-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | http://download.opensuse.org/tumbleweed/repo/non-oss/                                           | 
 2 | download.opensuse.org-oss            | Main R-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | http://download.opensuse.org/tumbleweed/repo/oss/                                               | 
 3 | download.opensuse.org-tumbleweed     | Main U-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | http://download.opensuse.org/update/tumbleweed/                                                 | 
 4 | home_ktgw0316_LightZone              | LightZ-> | Yes     | (r ) Yes  | No      |   99     | rpm-md | https://download.opensuse.org/repositories/home:/ktgw0316:/LightZone/openSUSE_Tumbleweed/       | 
 5 | https-download.opensuse.org-0f81f8d3 | openSU-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | https://download.opensuse.org/tumbleweed/repo/oss/                                              | 
 9 | https-download.opensuse.org-8e89ffd4 | home:1-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | https://download.opensuse.org/repositories/home:/13ilya/openSUSE_Tumbleweed/                    | 
 6 | https-download.opensuse.org-52ed863f | openSU-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | https://download.opensuse.org/repositories/openSUSE:/Tumbleweed/standard/                       | 
 7 | https-download.opensuse.org-600a168e | home:X-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | https://download.opensuse.org/repositories/home:/X0F:/branches:/multimedia/openSUSE_Tumbleweed/ | 
 8 | https-download.opensuse.org-883985bb | graphics | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | https://download.opensuse.org/repositories/graphics/openSUSE_Tumbleweed/                        | 
10 | https-download.opensuse.org-ac2d008a | home:X-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | https://download.opensuse.org/repositories/home:/X0F:/DEPS/openSUSE_Tumbleweed/                 | 
11 | https-download.opensuse.org-cc9f963a | home:X0F | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | https://download.opensuse.org/repositories/home:/X0F/openSUSE_Tumbleweed/                       | 
12 | https-download.opensuse.org-dd21cd42 | home:X-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | https://download.opensuse.org/repositories/home:/X0F:/HSF/openSUSE_Tumbleweed/                  | 
13 | multimedia-apps-x86_64               | multim-> | Yes     | (r ) Yes  | No      |   99     | rpm-md | https://ftp.lysator.liu.se/pub/opensuse/repositories/multimedia:/apps/openSUSE_Tumbleweed/      | 
14 | openSUSE-20230617-0                  | openSU-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | http://download.opensuse.org/tumbleweed/repo/oss/                                               | 
15 | packman-essentials                   | packma-> | Yes     | (r ) Yes  | Yes     |   90     | rpm-md | http://ftp.gwdg.de/pub/linux/misc/packman/suse/openSUSE_Tumbleweed/Essentials                   | 
16 | repo-debug                           | openSU-> | No      | ----      | ----    |   99     | NONE   | http://download.opensuse.org/debug/tumbleweed/repo/oss/                                         | 
17 | repo-openh264                        | Open H-> | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | http://codecs.opensuse.org/openh264/openSUSE_Tumbleweed                                         | 
18 | repo-source                          | openSU-> | No      | ----      | ----    |   99     | NONE   | http://download.opensuse.org/source/tumbleweed/repo/oss/                                        | 
19 | security-x86_64                      | securi-> | Yes     | (r ) Yes  | No      |   99     | rpm-md | https://ftp.lysator.liu.se/pub/opensuse/repositories/security/openSUSE_Tumbleweed/              | 
20 | vivaldi                              | vivaldi  | Yes     | (r ) Yes  | Yes     |   99     | rpm-md | https://repo.vivaldi.com/archive/rpm/x86_64

With the exception of LightZone and Vivaldi they’re pretty straight forward…

It is a bloody mess.

  • remove repo #5 as it is the same as #2
  • remove repo #6 , 7, 8, 9, 10, 11, 12 as these are the reason for your problems. This are home repos added via 1-click install
  • remove repo #14 as it is the same as #2

OK

Bearing in mind I don’t understand much, what are “home repos”?

And, as the one-click install was the only way to procure the apps, how will I know if there’s a new version?

Home repo are private repos maintained by people for their own purposes. they are NOT official

Get the package you want but do not allow active use of the repo ie disable or do not add the repo. Only the person that maintains the reo knows whats there and thing in the repo may cause problems in you OS

Let’s this explain the other way round:

For openSUSE Tumbleweed there are only three official openSUSE repositories:

  • repo-oss
  • repo-non-oss
  • update

The software in this repositories is tested via openQA and can be assumed to result in a working openSUSE Tumbleweed system.

Then there is the Packman repository which enhances some openUSE packages with software that can not be supplied by openSUSE for legal reasons. The software in this repository in general will quite reliably work with openSUSE Tumbleweed as well.

The software in any other repository may work with openSUSE Tumbleweed but it is not tested with openQA and it may fail at any given time.

The risk with such repositories is that they may provide newer versions of system packages which will not properly interact with the rest of your system. So if you keep those repositories enabled the update process can pull in packages which may cause your system to fail.

I used a lot of mays in the explanation above to point out that you can have a running system even when you use those repositories but you probably should be skilled enough to deal with any problems arising from the usage of those repositories.

As example the firefox version which got pulled in from the https://download.opensuse.org/repositories/home:/X0F:/HSF is dangerously altered by the packager of the home repo. He disabled extension signing. That means it is possible to install maliciuos extensions in his firefox version as he disabled basic security features required by mozilla.

Additionally if you glance over the spec file of this firefox package you will see that he has no manners and no clue.

This single example should be enough reasons to uninstall everything from this home repo and remove it. There are for sure more of such “gems” hidden in this repository…

Thank you for the explanation -

Obviously I wasn’t skilled enough - otherwise this thread wouldn’t exist !

But I should be better equipped now.

@hui is there any way to get zypper to tell what has been installed from a particular vendor?

XOF:/HSF has a lot of stuff in common with the official repo… if he’s playing games like that why is he even allowed in the OpenSuse eco-system?

zypper search --help
will help you.

Command
zypper search -sir "REPONAME|URL|NUMBER" will show you the installed packages from a Repo:

-s, --details Show each available version in each repository on a separate line.
-i, --installed-only Show only installed packages.
-r, --repo <ALIAS|#|URI> Work only with the specified repository.

Thank you - but I’d already deleted the repo, so zypper was none the wiser.

Suppose I could re-install it, search, and then get rid of it again…

I’m very naive - would never cross my mind to deliberately set up a buggy repo… and waste the energy maintaining it…

As a first step I recommend that you go back to a “(almost) pure” openSUSE Tumbleweed system.

Disable all repositories except

repo-oss
repo-non-oss
update
Packman

and then run

zypper dup --allow-vendor-change

After this you can use

zypper se -si * |grep "(System Packages)"

to find all packages installed in your system without a repository (defined in your system) to deliver them.

Thank you

I’m getting quite a tutorial on zypper here !

And I’ve learnt what the icons mean in the repositories tab of Yast - which I didn’t pay much mind to before.

Is there any way of knowing the reputation of a home repo? There are, after all, serious people doing their best to maintain packages of what you might call “niche” applications.

I think I may, in the future, be less lazy and do more installation from source if I can’t find a package from a serious repo.

I do not quite understand what you mean by “reputation”.

There might be situations where the firefox-version described in post #7 is useful although I personally had no need so far for a firefox-version like this (and therefor would never use it for my daily work).

All software (even the one in the openSUSE repositories) serves an individual purpose.

One has to find out what that purpose is (e.g. by reading the documentation, talking to the developer, …) and based on the information gathered one has to decide whether a package fits ones personal demands/preferences/… or not.

Regarding the interoperability of an individual software package with ones openSUSE system
there are two possibilities:

If the packages comes from a repository recommended by openSUSE (repo-oss, repo-non-oss, …) then the interoperability has been tested and chances are good that the package will not interfere with ones openSUSE system.

For all other packages (even the ones individually compiled from source) it is up to the user to ensure that the package will not interfere with ones openSUSE system.

It would be better to use:

zypper packages --orphaned

This is why you don’t use home repositories unless nessecary.

I thought they functioned like ppa’s in Ubuntu / Debian - often recommended by developers because more up to date…

Know better now.

Which is why I use Tumbleweed - I used Leap for a while, but my graphics apps, as supplied by the Leap repos, were hopelessly out of date (years in some cases).

Anyway, thanks all - everything installed is now from a respectable source!