Date:      Tue, 11 Nov 2025 18:11:56 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 290957] certctl.sh creates stale symlinks to /tmp
Message-ID:  <bug-290957-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290957

            Bug ID: 290957
           Summary: certctl.sh creates stale symlinks to /tmp
           Product: Base System
           Version: 14.3-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: wosch@FreeBSD.org

`make installworld` calls usr.sbin/certctl/certctl.sh at the end. On my
stable/14 machine it creates stale symlinks to /tmp:

sudo usr.sbin/certctl/certctl.sh rehash; ./tools/build/stale-symlink-buildworld.sh
certctl.sh: Skipping untrusted certificate 5e98733a (/etc/ssl/untrusted/5e98733a.0)
certctl.sh: Skipping untrusted certificate 57bcb2da (/etc/ssl/untrusted/57bcb2da.0)
certctl.sh: Skipping untrusted certificate f3377b1b (/etc/ssl/untrusted/f3377b1b.0)
certctl.sh: Skipping untrusted certificate 08063a00 (/etc/ssl/untrusted/08063a00.0)
certctl.sh: Skipping untrusted certificate 18856ac4 (/etc/ssl/untrusted/18856ac4.0)
stale symlink detected: lrwxr-xr-x  1 root wheel 31 Nov 11 17:48 /etc/ssl/certs/2ccbdda3.0 -> ../../../tmp/tmp.GHPUFdE4Sq/xer
stale symlink detected: lrwxr-xr-x  1 root wheel 31 Nov 11 17:48 /etc/ssl/certs/9e654b62.0 -> ../../../tmp/tmp.GHPUFdE4Sq/xeh
stale symlink detected: lrwxr-xr-x  1 root wheel 31 Nov 11 17:48 /etc/ssl/certs/b0d5255e.0 -> ../../../tmp/tmp.GHPUFdE4Sq/xes

Looking at the source code in usr.sbin/certctl/certctl.sh:
----------------------------------------------------------------------------------
      verbose "Multiple certificates found, splitting..."
      SPLITDIR=$(mktemp -d)
      eolcvt "$CFILE" | egrep '^(---|[0-9A-Za-z/+=]+$)' | \
        split -p '^-+BEGIN CERTIFICATE-+$' - "$SPLITDIR/x"
      for CERT in $(find "$SPLITDIR" -type f) ; do
        "$CFUNC" "$CERT"
      done
      rm -rf "$SPLITDIR"
----------------------------------------------------------------------------------
It creates a temp directory, puts files inside, links from /etc/ssl/certs/ to
the temp files, deletes the temp directory - *boom*

In my case CFILE is /usr/local/share/certs/ca-root-nss.crt from the package
ca_root_nss.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-290957-227>
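
A check for the condition reported above, as an added example that is not part of the original bug report or of certctl.sh: it flags symlinks in a certificate hash directory that are dangling or whose stored target lies under a tmp directory. The function names, the `*/tmp/*` pattern and the sample tree are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example, not FreeBSD code. Function names, the */tmp/* pattern and
# the sample tree are assumptions made for illustration.

# audit_cert_links DIR
# Prints "<reason> <link> -> <target>" for every symlink in DIR that is
# dangling or whose stored target text lies under a tmp directory.
# Returns 0 when DIR is clean, 1 when at least one link was reported.
audit_cert_links() {
    dir=$1
    bad=0
    for link in "$dir"/*; do
        [ -L "$link" ] || continue        # only symlinks matter here
        target=$(readlink "$link")        # link text as stored, unresolved
        if [ ! -e "$link" ]; then         # -e follows the link
            echo "dangling $link -> $target"
            bad=1
            continue
        fi
        case $target in
            /tmp/*|*/tmp/*)
                echo "tmp-target $link -> $target"
                bad=1
                ;;
        esac
    done
    return "$bad"
}

# make_sample_tree
# Builds a constructed tree shaped like the report: one healthy link and one
# link whose mktemp -d directory was removed afterwards. Prints the tree root.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/certs" "$root/store" "$root/tmp"
    echo "constructed sample" > "$root/store/good.pem"
    ln -s ../store/good.pem "$root/certs/aaaaaaaa.0"
    split_dir=$(mktemp -d "$root/tmp/tmp.XXXXXX")
    echo "constructed sample" > "$split_dir/xaa"
    ln -s "$split_dir/xaa" "$root/certs/bbbbbbbb.0"
    rm -rf "$split_dir"
    echo "$root"
}

# Audit the directory given on the command line, if any.
if [ "$#" -gt 0 ]; then
    audit_cert_links "$1"
fi
```

Run as `sh audit.sh /etc/ssl/certs` after `certctl.sh rehash`; a non-zero exit status means at least one link needs attention.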