freebsd-update complains about changed files: /etc/ssl/certs/0179095f.0
Date: Thu, 07 Dec 2023 10:35:52 UTC
Hi, I have the problem from the forwarded mail below at several installs when I use freebsd-update. The interesting part is that /etc/ssl/certs/ contains files. Plain certctl rehash does not solve it. But "rm /etc/ssl/certs/*; certctl rehash" ends up with all files in /etc/ssl/certs becoming symlinks and the problem is gone. /etc/ssl/certs/002c0b4f.0 -> ../../../usr/share/certs/trusted/GlobalSign_Root_R46.pem Maybe I installed my jails in a wrong way so I got files instead of symlinks in /etc/ssl/certs. Anyway. What is supposed to be in /etc/ssl/certs? Files or symlinks? If somebody has a thought about this I'm interested. Otherwise it is just a data point in the mailinglist for somebody else with this problem to find a solution. NB: I also found older mention of this on the FreeBSD forums. https://forums.freebsd.org/threads/getting-the-latest-files-that-were-not-downloaded-during-upgrade.78973/ Regards, Ronald. Van: zzzzz@xxxxx.yy Datum: donderdag, 7 december 2023 00:23 Aan: root Onderwerp: rpi4 security updates > > Looking up update.FreeBSD.org mirrors... 3 mirrors found. > Fetching metadata signature for 13.2-RELEASE from update2.freebsd.org... done. > Fetching metadata index... done. > Inspecting system... done. > Preparing to download files... done. > The following files are affected by updates. No changes have > been downloaded, however, because the files have been modified > locally: > /etc/ssl/certs/0179095f.0 > /etc/ssl/certs/08063a00.0 > /etc/ssl/certs/0b9bc432.0 > /etc/ssl/certs/3e359ba6.0 > /etc/ssl/certs/5860aaa6.0 > /etc/ssl/certs/5931b5bc.0 > /etc/ssl/certs/5a7722fb.0 > /etc/ssl/certs/66445960.0 > /etc/ssl/certs/7a3adc42.0 > /etc/ssl/certs/7a780d93.0 > /etc/ssl/certs/8508e720.0 > /etc/ssl/certs/8f103249.0 > /etc/ssl/certs/90c5a3c8.0 > /etc/ssl/certs/9846683b.0 > /etc/ssl/certs/9ef4a08a.0 > /etc/ssl/certs/9f727ac7.0 > /etc/ssl/certs/d52c538d.0 > /etc/ssl/certs/ecccd8db.0 > /etc/ssl/certs/ed858448.0 > /etc/ssl/certs/fd64f3fc.0 > The following files will be updated as part of updating to > 13.2-RELEASE-p7: > /usr/share/certs/trusted/BJCA_Global_Root_CA1.pem > /usr/share/certs/trusted/BJCA_Global_Root_CA2.pem > /usr/share/certs/trusted/Certainly_Root_E1.pem > /usr/share/certs/trusted/Certainly_Root_R1.pem > /usr/share/certs/trusted/D-TRUST_BR_Root_CA_1_2020.pem > /usr/share/certs/trusted/D-TRUST_EV_Root_CA_1_2020.pem > /usr/share/certs/trusted/DigiCert_TLS_ECC_P384_Root_G5.pem > /usr/share/certs/trusted/DigiCert_TLS_RSA4096_Root_G5.pem > /usr/share/certs/trusted/E-Tugra_Global_Root_CA_ECC_v3.pem > /usr/share/certs/trusted/E-Tugra_Global_Root_CA_RSA_v3.pem > /usr/share/certs/trusted/HARICA_TLS_ECC_Root_CA_2021.pem > /usr/share/certs/trusted/HARICA_TLS_RSA_Root_CA_2021.pem > /usr/share/certs/trusted/HiPKI_Root_CA_-_G1.pem > /usr/share/certs/trusted/ISRG_Root_X2.pem > /usr/share/certs/trusted/Security_Communication_ECC_RootCA1.pem > /usr/share/certs/trusted/Security_Communication_RootCA3.pem > /usr/share/certs/trusted/Telia_Root_CA_v2.pem > /usr/share/certs/trusted/TunTrust_Root_CA.pem > /usr/share/certs/trusted/vTrus_ECC_Root_CA.pem > /usr/share/certs/trusted/vTrus_Root_CA.pem > > >