[packages/ca-certificates] symlink just /etc/ssl/certs/ca-certificates.crt
jajcus
jajcus at pld-linux.org
Sun Jan 13 13:33:51 CET 2019
commit 0923a3c6dd5e5a134b8029afec56e939adc51c06
Author: Jacek Konieczny <jajcus at jajcus.net>
Date: Sun Jan 13 13:32:34 2019 +0100
symlink just /etc/ssl/certs/ca-certificates.crt
Restrictive permissions to PLD /etc/certs break gajim when symlinked to
/etc/ssl/certs:
> 2019-01-13 13:27:08 (E) nbxmpp.tls_nb PlugIn: while trying _startSSL():
> Traceback (most recent call last):
> File "/usr/share/python3.7/site-packages/nbxmpp/tls_nb.py", line 288, in plugin
> res = self._startSSL()
> File "/usr/share/python3.7/site-packages/nbxmpp/tls_nb.py", line 327, in _startSSL
> result = self._startSSL_pyOpenSSL()
> File "/usr/share/python3.7/site-packages/nbxmpp/tls_nb.py", line 451, in _startSSL_pyOpenSSL
> for f in os.listdir('/etc/ssl/certs'):
> PermissionError: [Errno 13] Permission denied: '/etc/ssl/certs'
Release: 4
ca-certificates.spec | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
---
diff --git a/ca-certificates.spec b/ca-certificates.spec
index 939e642..67c873d 100644
--- a/ca-certificates.spec
+++ b/ca-certificates.spec
@@ -14,7 +14,7 @@ Summary(pl.UTF-8): Pliki PEM popularnych certyfikatów CA
Name: ca-certificates
%define ver_date 20180409
Version: %{ver_date}
-Release: 3
+Release: 4
License: GPL v2 (scripts), MPL v2 (mozilla certs), distributable (other certs)
Group: Base
Source0: http://ftp.debian.org/debian/pool/main/c/ca-certificates/%{name}_%{version}.tar.xz
@@ -245,8 +245,8 @@ cd ..
# The Debian path might be hard-coded in some binaries we cannot fix
# like the Steam client
-install -d $RPM_BUILD_ROOT/etc/ssl
-ln -s %{certsdir} $RPM_BUILD_ROOT/etc/ssl/certs
+install -d $RPM_BUILD_ROOT/etc/ssl/certs
+ln -s %{certsdir}/ca-certificates.crt $RPM_BUILD_ROOT/etc/ssl/certs
%clean
rm -rf $RPM_BUILD_ROOT
@@ -260,7 +260,8 @@ rm -rf $RPM_BUILD_ROOT
%dir /etc/pki/tls
%dir /etc/pki/tls/certs
%dir /etc/ssl
-/etc/ssl/certs
+%dir /etc/ssl/certs
+/etc/ssl/certs/ca-certificates.crt
%config(noreplace) %verify(not md5 mtime size) /etc/pki/tls/certs/ca-bundle.crt
%config(noreplace) %verify(not md5 mtime size) %{certsdir}/ca-certificates.crt
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/ca-certificates.git/commitdiff/0923a3c6dd5e5a134b8029afec56e939adc51c06
More information about the pld-cvs-commit
mailing list