For the two other people in the world who might run into this problem:
I’m trying to install NextCloud on a fresh Ubuntu 18.04 system, and I want to use the user_saml app and Shibboleth for user authentication. This means I need to use php7.1, first off, because 7.2 doesn’t have mcrypt support and user_saml requires it. I’d also like not to have to build everything from source. The problem I’ve run into is that php7.1-curl depends on libcurl4 and libapache2-mod-shib2 depends (through libxmltooling) on libcurl3, and you can only have one of those installed at a time.
I have found a workaround, and I’m documenting it here mainly so I don’t forget how it works, not because I expect anyone else will find it useful or interesting.
First, install libcurl3, with “apt-get install libcurl3”.
Once that’s installed, go to /usr/lib/x86_64-linux-gnu/ and make a copy of libcurl.so.4.5.0, using “libcurl3” as the name instead of “libcurl”. You should end up with something like this:
-rw-r--r-- 1 root root 518600 Mar 5 04:41 libcurl3.so.4.5.0 lrwxrwxrwx 1 root root 19 May 8 10:47 libcurl-gnutls.so.3 -> libcurl-gnutls.so.4 lrwxrwxrwx 1 root root 23 Jun 1 18:04 libcurl-gnutls.so.4 -> libcurl-gnutls.so.4.5.0 -rw-r--r-- 1 root root 510408 May 8 10:47 libcurl-gnutls.so.4.5.0 lrwxrwxrwx 1 root root 16 Jun 1 18:04 libcurl.so.4 -> libcurl.so.4.5.0 -rw-r--r-- 1 root root 518600 May 8 10:47 libcurl.so.4.5.0
Install libcurl4, which should remove libcurl3, but leave the version 3 file you just copied there: “apt-get install libcurl4”
Double check that the libcurl* files in /usr/lib/x86_64-linux-gnu are still pointing to the right palces — none of the symlinks should be pointing to the libcurl3 file!
Next, download the package for libxmltooling7, which is the one which depends on libcurl. We’re going to repackage it without that dependency, so apt won’t complain later: “apt-get download libxmltooling7”
Unpack the .deb: “ar x libxmltooling7_1.6.4-1ubuntu2_amd64.deb”
Unpack the control tarball: “tar xf control.tar.xz”
Edit the file “control” and change “libcurl3 (>= 7.16.2)” to “libcurl4”. Remove the version requirement. You could probably also just remove the libcurl3 bit entirely, but might as well let any libcurl4 satisfy the dependency.
Repackage the control tarball: “tar -cJvf control.tar.xz control md5sums shlibs triggers”
Repackage it all into a new .deb: “ar rcs libxmltooling-local.deb debian-binary control.tar.xz data.tar.xz”
And install the fixed libxmltooling: “dpkg -i libxmltooling-local.deb”
Now you should be able to install shibboleth, but first let’s have systemd load the libcurl3 library when it tries to launch shibd during installation. (This is the bit which took me the longest to figure out, because while I knew LD_PRELOAD ought to work, I didn’t realize systemd was sanitizing the environment and preventing it.) Run this command: “systemctl edit shibd”
If that doesn’t work because there isn’t a shibd service yet, just make a new file named “/etc/systemd/system/shibd.service.d/override.conf” and edit that. Into that file, paste this:
Save the file, and now try installing shibboleth: “apt-get install libapache2-mod-shib2”
With any luck, you’ve now got a system with libcurl4 and a working shibd linked against libcurl3.
Now you can (re)load all the php modules, and they shouldn’t complain about dependencies or try to remove any of the shibboleth packages.