Module Name: src
Committed By: riastradh
Date: Sat Aug 26 05:59:00 UTC 2023
Modified Files:
src/usr.sbin/postinstall: postinstall.in
Log Message:
postinstall(8): Add opensslcerts item to regen /etc/openssl/certs.
Works only with destdir /, since it relies on running openssl(1),
which is not available as a tool or required in the cross-build
environment.
To generate a diff of this commit:
cvs rdiff -u -r1.52 -r1.53 src/usr.sbin/postinstall/postinstall.in
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.sbin/postinstall/postinstall.in
diff -u src/usr.sbin/postinstall/postinstall.in:1.52 src/usr.sbin/postinstall/postinstall.in:1.53
--- src/usr.sbin/postinstall/postinstall.in:1.52 Wed Jun 21 18:46:06 2023
+++ src/usr.sbin/postinstall/postinstall.in Sat Aug 26 05:59:00 2023
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: postinstall.in,v 1.52 2023/06/21 18:46:06 mrg Exp $
+# $NetBSD: postinstall.in,v 1.53 2023/08/26 05:59:00 riastradh Exp $
#
# Copyright (c) 2002-2022 The NetBSD Foundation, Inc.
# All rights reserved.
@@ -1662,6 +1662,37 @@ do_named()
#
+# opensslcerts
+#
+
+additem opensslcerts "build /etc/openssl/certs cache of HTTPS CA certificates"
+do_opensslcerts()
+{
+ [ -n "$1" ] || err 3 "USAGE: do_opensslcerts fix|check"
+
+ case $1 in
+ check) # XXX Anything to check?
+ return 0
+ ;;
+ fix) # This runs openssl(1), which is not available as a
+ # build-time tool. So for now, restrict it to running
+ # on the installed system.
+ case $DEST_DIR in
+ ''|/) ;;
+ *) msg "opensslcerts limited to DEST_DIR=/"
+ return 1
+ ;;
+ esac
+ certctl rehash
+ return 0
+ ;;
+ *) err 3 "USAGE: do_opensslcerts fix|check"
+ ;;
+ esac
+}
+
+
+#
# pam
#
