[packages/ca-certificates] symlink just /etc/ssl/certs/ca-certificates.crt

Sun Jan 13 13:33:51 CET 2019

commit 0923a3c6dd5e5a134b8029afec56e939adc51c06
Author: Jacek Konieczny <jajcus at jajcus.net>
Date:   Sun Jan 13 13:32:34 2019 +0100

    symlink just /etc/ssl/certs/ca-certificates.crt
    
    Restrictive permissions to PLD /etc/certs break gajim when symlinked to
    /etc/ssl/certs:
    
    > 2019-01-13 13:27:08 (E) nbxmpp.tls_nb PlugIn: while trying _startSSL():
    > Traceback (most recent call last):
    >   File "/usr/share/python3.7/site-packages/nbxmpp/tls_nb.py", line 288, in plugin
    >     res = self._startSSL()
    >   File "/usr/share/python3.7/site-packages/nbxmpp/tls_nb.py", line 327, in _startSSL
    >     result = self._startSSL_pyOpenSSL()
    >   File "/usr/share/python3.7/site-packages/nbxmpp/tls_nb.py", line 451, in _startSSL_pyOpenSSL
    >     for f in os.listdir('/etc/ssl/certs'):
    > PermissionError: [Errno 13] Permission denied: '/etc/ssl/certs'
    
    Release: 4

 ca-certificates.spec | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
---

diff --git a/ca-certificates.spec b/ca-certificates.spec
index 939e642..67c873d 100644
--- a/ca-certificates.spec
+++ b/ca-certificates.spec
@@ -14,7 +14,7 @@ Summary(pl.UTF-8):	Pliki PEM popularnych certyfikatów CA
 Name:		ca-certificates
 %define	ver_date	20180409
 Version:	%{ver_date}
-Release:	3
+Release:	4
 License:	GPL v2 (scripts), MPL v2 (mozilla certs), distributable (other certs)
 Group:		Base
 Source0:	http://ftp.debian.org/debian/pool/main/c/ca-certificates/%{name}_%{version}.tar.xz
@@ -245,8 +245,8 @@ cd ..
 
 # The Debian path might be hard-coded in some binaries we cannot fix
 # like the Steam client
-install -d $RPM_BUILD_ROOT/etc/ssl
-ln -s %{certsdir} $RPM_BUILD_ROOT/etc/ssl/certs
+install -d $RPM_BUILD_ROOT/etc/ssl/certs
+ln -s %{certsdir}/ca-certificates.crt $RPM_BUILD_ROOT/etc/ssl/certs
 
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -260,7 +260,8 @@ rm -rf $RPM_BUILD_ROOT
 %dir /etc/pki/tls
 %dir /etc/pki/tls/certs
 %dir /etc/ssl
-/etc/ssl/certs
+%dir /etc/ssl/certs
+/etc/ssl/certs/ca-certificates.crt
 %config(noreplace) %verify(not md5 mtime size) /etc/pki/tls/certs/ca-bundle.crt
 %config(noreplace) %verify(not md5 mtime size) %{certsdir}/ca-certificates.crt
 
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/ca-certificates.git/commitdiff/0923a3c6dd5e5a134b8029afec56e939adc51c06

