Author: kevans Date: Sat May 9 02:01:29 2020 New Revision: 360833 URL: https://svnweb.freebsd.org/changeset/base/360833
Log: installworld: attempt a certctl rehash at the tail end This can be run as root or normal user with no problem; if they hadn't twisted the WITHOUT_CAROOT knob, we'll attempt to use the host certctl to rehash the DESTDIR. This would allow one to build systems WITHOUT_OPENSSL + WITH_CAROOT with a populated /etc/ssl that they can then use with an appropriate *ssl from somewhere else. Cross-builds are fine because this will always use the host certctl, or just nag if it's missing and it wasn't a WITHOUT_CAROOT build. MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D24641 Modified: head/Makefile.inc1 Modified: head/Makefile.inc1 ============================================================================== --- head/Makefile.inc1 Sat May 9 01:48:08 2020 (r360832) +++ head/Makefile.inc1 Sat May 9 02:01:29 2020 (r360833) @@ -1403,6 +1403,16 @@ distributeworld installworld stageworld: _installcheck ${DESTDIR}/${DISTDIR}/${dist}.debug.meta .endfor .endif +.elif make(installworld) && ${MK_CAROOT} != "no" + # We could make certctl a bootstrap tool, but it requires OpenSSL and + # friends, which we likely don't want. We'll rehash on a best-effort + # basis, otherwise we'll just mention that we're not doing it to raise + # awareness. + @if which certctl>/dev/null; then \ + certctl rehash \ + else \ + echo "No certctl on the host, not rehashing target -- /etc/ssl may not be populated."; \ + fi .endif packageworld: .PHONY _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
