Re: [through-able] poudriere: I don't want to rebuild rust with PORTREVISION bump of curl

2023-01-20 Thread Tatsuki Makino
Nuno Teixeira wrote on 2023/01/20 19:14: > Another trick for those using -devel (-b latest||quarterly) is to start > building until dependency is done, stop poudriere and restart it. Next > build will use rust-1.66.1 from cache without rebuilding it. :) I haven't used poudriere-devel for a while becaus

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Michael Gmelin
On Fri, 20 Jan 2023 17:54:15 +0100 (CET) free...@oldach.net (Helge Oldach) wrote: > Michael Gmelin wrote on Fri, 20 Jan 2023 17:31:43 +0100 (CET): > > The CA_BUNDLE knob was enabled on ftp/curl by default for many years > > and was just recently disabled (in c63a8f65af, just in time for > > 202

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Andrea Venturoli
On 1/20/23 17:19, Helge Oldach wrote: Andrea Venturoli wrote on Fri, 20 Jan 2023 15:40:45 +0100 (CET): I mean ports-mgmt/pkg, security/pulledpork, www/p5-libwww, to name a few. Each one of these uses different methods (so different certificate stores). *If* the policy is that certificates are ha

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Michael Gmelin
On Fri, 20 Jan 2023 17:15:07 +0100 (CET) free...@oldach.net (Helge Oldach) wrote: > Michael Gmelin wrote on Fri, 20 Jan 2023 17:07:41 +0100 (CET): > > Well, whatever is done, such a change needs to be managed properly, > > which includes adding an entry to UPDATING in ports (e.g., the > > remov

Unmaintained FreeBSD ports which are out of date

2023-01-20 Thread portscout
Dear port maintainers, The portscout new distfile checker has detected that one or more unmaintained ports appears to be out of date. Please take the opportunity to check each of the ports listed below, and if possible and appropriate, submit/commit an update. Please consider also adopting this po

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Michael Gmelin
On Fri, 20 Jan 2023 09:15:32 +0100 (CET) free...@oldach.net (Helge Oldach) wrote: > Michael Gmelin wrote on Fri, 20 Jan 2023 08:51:31 +0100 (CET): > > > On 20. Jan 2023, at 07:45, free...@oldach.net wrote: > > > Definitely however ca_root_nss should go away in favor of the > > > built-in cert i

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Andrea Venturoli
On 1/20/23 13:01, Hajimu UMEMOTO wrote: Briefly... (but I can elaborate if someone is interested)... If you mean curl, built without CA_BUNDLE should take care of it. No, I don't mean curl (which I build without CA_BUNDLE). I mean ports-mgmt/pkg, security/pulledpork, www/p5-libwww, to nam

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Hajimu UMEMOTO
Hi, On Fri, 20 Jan 2023 20:41:53 +0900, Andrea Venturoli wrote: > In the end, however, the result is the same: I have my certs hashed in > /etc/ssl/certs, but some software will use them, some other software > uses/prefers some different store (I counted at least 5). If you mean curl, built with

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Andrea Venturoli
On 1/20/23 12:17, Hajimu UMEMOTO wrote: You can put your private CAs into /usr/local/etc/ssl/certs. Well, I never thought of this. I always put them in /etc/ssl/certs. Running "certctl rehash" makes symlinks of the certs in /usr/local/etc/ssl/certs into /etc/ssl/certs. In the end, howeve

Re: qcad

2023-01-20 Thread LuMiWa
On Fri, 20 Jan 2023 12:04:43 +0100 Fernando Apesteguía wrote: > On Fri, Jan 20, 2023 at 11:59 AM LuMiWa wrote: > > > Hi! > > > > I cannot run Qcad on my FreeBSD 13.1-RELEASE-p5. > > I am using packages. > > > > Thank you. > > > > qcad > > QCAD version 3.27.7 > > 05:55:51: Debug:loading plu

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Hajimu UMEMOTO
Hi, On Fri, 20 Jan 2023 17:16:11 +0900, Andrea Venturoli wrote: > Base has single certs in /etc/ssl/certs, where I can add my own > private CAs' ones. > > Port provides a single bundled file in > /usr/local/etc/ssl/cert.pem. > This (at least in some cases) overrides completely the ones in > /etc/

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Andrea Venturoli
On 1/20/23 10:35, Tomoaki AOKI wrote: Doesn't ETCSYMLINK option work? No, as I reported a couple of times in the past on the mailing lists (*) As it's the default option, you need to install security/ca_root_nss from ports with the option disabled, not pkg. I build my packages with Poudri

Re: qcad

2023-01-20 Thread Fernando Apesteguía
On Fri, Jan 20, 2023 at 11:59 AM LuMiWa wrote: > Hi! > > I cannot run Qcad on my FreeBSD 13.1-RELEASE-p5. > I am using packages. > > Thank you. > > qcad > QCAD version 3.27.7 > 05:55:51: Debug:loading plugins... > 05:55:51: Debug:loading static plugins... > Fatal:Cannot mix incompati

qcad

2023-01-20 Thread LuMiWa
Hi! I cannot run Qcad on my FreeBSD 13.1-RELEASE-p5. I am using packages. Thank you. qcad QCAD version 3.27.7 05:55:51: Debug:loading plugins... 05:55:51: Debug:loading static plugins... Fatal:Cannot mix incompatible Qt library (5.15.7) with this library (5.15.8) Abort -- “Time

Re: [through-able] poudriere: I don't want to rebuild rust with PORTREVISION bump of curl

2023-01-20 Thread Nuno Teixeira
Another trick for those using -devel (-b latest||quarterly) is to start building until dependency is done, stop poudriere and restart it. Next build will use rust-1.66.1 from cache without rebuilding it. :) Cheers Tatsuki Makino wrote on Friday, 20/01/2023 at 08:40: > Hello. > This is an uni

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Tomoaki AOKI
On Fri, 20 Jan 2023 10:16:41 +0100 Andrea Venturoli wrote: > On 1/20/23 09:16, Andrea Venturoli wrote: > > > Base has single certs in /etc/ssl/certs, where I can add my own private > > CAs' ones. > > > > Port provides a single bundled file in > > /usr/local/etc/ssl/cert.pem. > > And also /us

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Tomoaki AOKI
On Fri, 20 Jan 2023 09:16:11 +0100 Andrea Venturoli wrote: > On 1/19/23 18:04, Eugene Grosbein wrote: > > >> Given /usr/share/certs exists for all supported releases, is there any > >> reason to keep the ca_root_nss port? > > Just my 2c... > > > > > Single port may be updated more frequentl

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Andrea Venturoli
On 1/20/23 09:16, Andrea Venturoli wrote: Base has single certs in /etc/ssl/certs, where I can add my own private CAs' ones. Port provides a single bundled file in /usr/local/etc/ssl/cert.pem. And also /usr/local/share/certs/ca-root-nss.crt, which is used in other cases, overriding the oth

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Michael Gmelin
> On 20. Jan 2023, at 09:15, free...@oldach.net wrote: > > Michael Gmelin wrote on Fri, 20 Jan 2023 08:51:31 +0100 (CET): On 20. Jan 2023, at 07:45, free...@oldach.net wrote: >>> Definitely however ca_root_nss should go away in favor of the built-in >>> cert infrastructure and the ports s

[through-able] poudriere: I don't want to rebuild rust with PORTREVISION bump of curl

2023-01-20 Thread Tatsuki Makino
Hello. This is an unimportant topic that may or may not be useful and can be skipped :) Today, our poudriere would have output the following [00:01:24] [Dry Run] Deleting rust-1.66.1.pkg: missing dependency: curl-7.87.0 This causes my poudriere to spend 4 hours rebuilding rust. Not long ago, my

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread grarpamp
> /usr/share/certs Was never necessary. Should not have been added. >> trust store > list of trusted CAs People are fools if they think they can "trust" any of those. Including a live cert store in base does little but endorse exposure of users to such external risks. Users before at least had t

Re: Can security/ca_root_nss be retired?

2023-01-20 Thread Andrea Venturoli
On 1/19/23 18:04, Eugene Grosbein wrote: Given /usr/share/certs exists for all supported releases, is there any reason to keep the ca_root_nss port? Just my 2c... Single port may be updated more frequently and easily than base system. I agree on this, but there's another problem. Base