Re: Does mozilla-rootcerts-openssl need to be unconditionally NOT_FOR_UNPRIVILEGED?

[Jonathan Perkin <jperkin%joyent.com@localhost>]

* On 2020-03-10 at 19:24 GMT, Jason Bacon wrote:

> On 2020-03-10 08:38, Denys Nykula wrote:
> > 10 March 2020, 08:05:12 "Jason Bacon" <outpaddling%yahoo.com@localhost>:
> > 
> > > security/mozilla-rootcerts-openssl
> > > 
> > > I found that on Darwin, it installs and functions fine in an
> > > unprivileged tree if I comment out NOT_FOR_UNPRIVILEGED.
> > > 
> > > It seems to me that the unprivileged install is only needed to install
> > > in /etc, which only happens if using builtin openssl.
> > > 
> > > I think the patch below should allow installing in unprivileged mode:
> > Can confirm, I have an unprivileged Linux pkgsrc prefix where with such
> > patch the certs install fine and make curl work without -k.
> I believe the need for this in R is also due to R's use of curl.
> 
> Perhaps security/mozilla-rootcerts-openssl should be a run dependency for
> www/curl?  As ubiquitous as https is now, anyone using curl will probably
> have to install mozilla-rootcerts-openssl anyway.

I forget what exactly the point of mozilla-rootcerts-openssl is, but
please don't add it as a dependency - for those of us happy to use the
mozilla-rootcerts by default, only the mozilla-rootcerts package
itself is required, along with a run of the install script.

-- 
Jonathan Perkin  -  Joyent, Inc.  -  www.joyent.com