Date: Thu, 5 Dec 2019 15:32:33 +0000 (UTC) From: Kyle Evans <kevans@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r355423 - head Message-ID: <201912051532.xB5FWX2U055706@repo.freebsd.org>
index | next in thread | raw e-mail
Author: kevans Date: Thu Dec 5 15:32:33 2019 New Revision: 355423 URL: https://svnweb.freebsd.org/changeset/base/355423 Log: UPDATING: Add long-belated note about certs in base While the interaction between this and the ETCSYMLINK option of security/ca_root_nss isn't necessarily fatal, one should be aware and attempt to understand the ramifications of mixing the two. ports-secteam will be contacted to discuss the default option for branches where certs are being included in base. Modified: head/UPDATING Modified: head/UPDATING ============================================================================== --- head/UPDATING Thu Dec 5 15:21:13 2019 (r355422) +++ head/UPDATING Thu Dec 5 15:32:33 2019 (r355423) @@ -26,6 +26,16 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 13.x IS SLOW: disable the most expensive debugging functionality run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20191205: + The root certificates of the Mozilla CA Certificate Store have been + imported into the base system and can be managed with the certctl(8) + utility. If you have installed the security/ca_root_nss port or package + with the ETCSYMLINK option (the default), be advised that there may be + differences between those included in the port and those included in + base due to differences in nss branch used as well as general update + frequency. Note also that certctl(8) cannot manage certs in the + format used by the security/ca_root_nss port. + 20191120: The amd(8) automount daemon has been disabled by default, and will be removed in the future. As of FreeBSD 10.1 the autofs(5) is availablehome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912051532.xB5FWX2U055706>