Re: Depending on security/ca-certificates?

To: Greg Troxel <gdt%lexort.com@localhost>
Subject: Re: Depending on security/ca-certificates?
From: Jonathan Perkin <jperkin%joyent.com@localhost>
Date: Tue, 20 Jul 2021 18:22:06 +0100

* On 2021-07-20 at 14:25 BST, Greg Troxel wrote:

Another approach would be to add a feature to pkgin where it would have
a record of whether mozilla-rootcerts-openssl has been installed, and
ask the user whether they wanted to install it or not, and thereafter
not ask.  Probably enabled only on systems where the base system is
known not to have preconfigure trust anchors.  That lets pkgsrc do this
for a user easily, while not overriding base policy without consent.

This would probably  require pkgin, mozilla-rootcerts-openssl and
mozilla-rootcerts to be prestaged as part of install, but we already
need pkgin, or else the same download method could be used for
mozilla-rootcerts as pkgin.   Also needs someone to write the code.

Yeh this definitely doesn't belong in pkgin, it should be in sysinst aspart of setting up the package repository.


--
Jonathan Perkin  -  Joyent, Inc.  -  www.joyent.com

References:
- Depending on security/ca-certificates?
  - From: Michael-John Turner
- Re: Depending on security/ca-certificates?
  - From: Greg Troxel
- Re: Depending on security/ca-certificates?
  - From: Michael-John Turner
- Re: Depending on security/ca-certificates?
  - From: Greg Troxel

Prev by Date: Re: Depending on security/ca-certificates?
Next by Date: How do I tell pkgsrc to install from packages/All instead of rebuilding?
Previous by Thread: Re: Depending on security/ca-certificates?
Next by Thread: How do I tell pkgsrc to install from packages/All instead of rebuilding?
Indexes:

Home | Main Index | Thread Index | Old Index