pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Depending on security/ca-certificates?

* On 2021-07-20 at 14:25 BST, Greg Troxel wrote:

Another approach would be to add a feature to pkgin where it would have
a record of whether mozilla-rootcerts-openssl has been installed, and
ask the user whether they wanted to install it or not, and thereafter
not ask.  Probably enabled only on systems where the base system is
known not to have preconfigure trust anchors.  That lets pkgsrc do this
for a user easily, while not overriding base policy without consent.

This would probably  require pkgin, mozilla-rootcerts-openssl and
mozilla-rootcerts to be prestaged as part of install, but we already
need pkgin, or else the same download method could be used for
mozilla-rootcerts as pkgin.   Also needs someone to write the code.

Yeh this definitely doesn't belong in pkgin, it should be in sysinst as part of setting up the package repository.

Jonathan Perkin  -  Joyent, Inc.  -

Home | Main Index | Thread Index | Old Index