Date: Wed, 12 Nov 2025 02:50:20 GMT From: Xavier Beaudouin <kiwi@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: decf02f29df2 - main - security/ca_root_nss: Make the certctl command overridable Message-ID: <202511120250.5AC2oKTT097447@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by kiwi: URL: https://cgit.FreeBSD.org/ports/commit/?id=decf02f29df258d94fce0f57351fbe0ec9c645f5 commit decf02f29df258d94fce0f57351fbe0ec9c645f5 Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2025-11-12 02:45:45 +0000 Commit: Xavier Beaudouin <kiwi@FreeBSD.org> CommitDate: 2025-11-12 02:49:37 +0000 security/ca_root_nss: Make the certctl command overridable For some purposes it's useful to be able to build the ca_root_nss with a custom certctl command. It may be desireable for instance to run certctl rehash at the end of a package upgrade rather than in the middle, in which case it's sufficient to substitute CERTCTL_CMD=:. Make the certctl command name a variable so that one can override it at port build time. No functional change intended. PR: 290115 Approved by: maintainer (timeout, 1 month) Sponsored by: OPNsense Sponsored by: Klara, Inc. --- security/ca_root_nss/Makefile | 6 ++++-- security/ca_root_nss/files/pkg-deinstall.in | 2 +- security/ca_root_nss/files/pkg-install.in | 2 +- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/security/ca_root_nss/Makefile b/security/ca_root_nss/Makefile index 3ab0c1a1745e..67da24fce950 100644 --- a/security/ca_root_nss/Makefile +++ b/security/ca_root_nss/Makefile @@ -1,6 +1,6 @@ PORTNAME= ca_root_nss PORTVERSION= ${VERSION_NSS} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= MOZILLA/security/nss/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src DISTNAME= nss-${VERSION_NSS}${NSS_SUFFIX} @@ -34,8 +34,10 @@ VERSION_NSS= 3.117 CERTDATA_TXT_PATH= lib/ckfw/builtins/certdata.txt BUNDLE_PROCESSOR= MAca-bundle.pl +CERTCTL_CMD?= /usr/sbin/certctl + SUB_FILES= MAca-bundle.pl pkg-deinstall pkg-install pkg-message -SUB_LIST= VERSION_NSS=${VERSION_NSS} +SUB_LIST= CERTCTL_CMD=${CERTCTL_CMD} VERSION_NSS=${VERSION_NSS} do-build: @${SETENV} PATH=${LOCALBASE}/bin:$${PATH} \ diff --git a/security/ca_root_nss/files/pkg-deinstall.in b/security/ca_root_nss/files/pkg-deinstall.in index 8e5138c10c22..612219c9e447 100644 --- a/security/ca_root_nss/files/pkg-deinstall.in +++ b/security/ca_root_nss/files/pkg-deinstall.in @@ -2,5 +2,5 @@ if [ "$2" = POST-DEINSTALL ]; then CERTCTL_ARGS="-D ${PKG_ROOTDIR}" - certctl ${CERTCTL_ARGS} rehash + %%CERTCTL_CMD%% ${CERTCTL_ARGS} rehash fi diff --git a/security/ca_root_nss/files/pkg-install.in b/security/ca_root_nss/files/pkg-install.in index 6f05ab7e72ed..e338a2a6dc08 100644 --- a/security/ca_root_nss/files/pkg-install.in +++ b/security/ca_root_nss/files/pkg-install.in @@ -5,7 +5,7 @@ if [ "$2" = POST-INSTALL ]; then if [ -n "${PKG_METALOG}" ]; then CERTCTL_ARGS="${CERTCTL_ARGS} -U -M ${PKG_METALOG}" fi - certctl ${CERTCTL_ARGS} rehash + %%CERTCTL_CMD%% ${CERTCTL_ARGS} rehash [ ! -e %%LOCALBASE%%/bin/cert-sync ] || \ %%LOCALBASE%%/bin/cert-sync --quiet %%PREFIX%%/share/certs/ca-root-nss.crthome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202511120250.5AC2oKTT097447>