Date: Thu, 5 Dec 2019 15:32:33 +0000 (UTC) From: Kyle Evans <kevans@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r355423 - head Message-ID: <201912051532.xB5FWX2U055706@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kevans Date: Thu Dec 5 15:32:33 2019 New Revision: 355423 URL: https://svnweb.freebsd.org/changeset/base/355423 Log: UPDATING: Add long-belated note about certs in base While the interaction between this and the ETCSYMLINK option of security/ca_root_nss isn't necessarily fatal, one should be aware and attempt to understand the ramifications of mixing the two. ports-secteam will be contacted to discuss the default option for branches where certs are being included in base. Modified: head/UPDATING Modified: head/UPDATING ============================================================================== --- head/UPDATING Thu Dec 5 15:21:13 2019 (r355422) +++ head/UPDATING Thu Dec 5 15:32:33 2019 (r355423) @@ -26,6 +26,16 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 13.x IS SLOW: disable the most expensive debugging functionality run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20191205: + The root certificates of the Mozilla CA Certificate Store have been + imported into the base system and can be managed with the certctl(8) + utility. If you have installed the security/ca_root_nss port or package + with the ETCSYMLINK option (the default), be advised that there may be + differences between those included in the port and those included in + base due to differences in nss branch used as well as general update + frequency. Note also that certctl(8) cannot manage certs in the + format used by the security/ca_root_nss port. + 20191120: The amd(8) automount daemon has been disabled by default, and will be removed in the future. As of FreeBSD 10.1 the autofs(5) is available
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912051532.xB5FWX2U055706>