[Bug 262755] security/ca_root_nss: can no longer modify ${PREFIX}/etc/ssl/cert.pem

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 24 Mar 2022 08:50:51 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262755

            Bug ID: 262755
           Summary: security/ca_root_nss: can no longer modify
                    ${PREFIX}/etc/ssl/cert.pem
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-secteam@FreeBSD.org
          Reporter: franco@opnsense.org
          Assignee: ports-secteam@FreeBSD.org
             Flags: maintainer-feedback?(ports-secteam@FreeBSD.org)

Since this cert.pem like /etc/ssl/cert.pem is used by services it must be
adjustable like it previously was for @sample use.  Now the file is registered
by the package and ends up being rewritten on upgrades.  ETCSYMLINK helps to
edit contents of /etc/ssl/cert.pem still, but for ${PREFIX}/etc/ssl/cert.pem
this is no longer possible.

From the change in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228550 I
can't really agree on the whole assumption made for ETCSYMLINK option turned
off in this regard.

-- 
You are receiving this mail because:
You are the assignee for the bug.