[arch-commits] Commit in ca-certificates/trunk (2 files)
Jan Steffens
heftig at archlinux.org
Thu Jun 3 19:41:29 UTC 2021
Date: Thursday, June 3, 2021 @ 19:41:29
Author: heftig
Revision: 417066
20210603-1
Added:
ca-certificates/trunk/ca-certificates-utils.install
Modified:
ca-certificates/trunk/PKGBUILD
-------------------------------+
PKGBUILD | 7 ++++---
ca-certificates-utils.install | 23 +++++++++++++++++++++++
2 files changed, 27 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2021-06-03 19:35:43 UTC (rev 417065)
+++ PKGBUILD 2021-06-03 19:41:29 UTC (rev 417066)
@@ -3,7 +3,7 @@
pkgbase=ca-certificates
pkgname=(ca-certificates-utils ca-certificates)
-pkgver=20210529
+pkgver=20210603
pkgrel=1
pkgdesc="Common CA certificates"
url="https://src.fedoraproject.org/rpms/ca-certificates"
@@ -22,10 +22,11 @@
package_ca-certificates-utils() {
pkgdesc+=" (utilities)"
- depends=(bash coreutils findutils 'p11-kit>=0.23.19')
+ depends=(bash coreutils findutils 'p11-kit>=0.24.0')
provides=(ca-certificates ca-certificates-java)
conflicts=(ca-certificates-java)
replaces=(ca-certificates-java)
+ install=ca-certificates-utils.install
install -Dt "$pkgdir/usr/bin" update-ca-trust
install -Dt "$pkgdir/usr/share/man/man8" -m644 update-ca-trust.8
@@ -33,7 +34,7 @@
# Trust source directories
# Upstream also adds "blocklist" but that's useless without support in p11-kit
- install -d "$pkgdir"/{etc,usr/share}/$pkgbase/trust-source/{anchors,blacklist}
+ install -d "$pkgdir"/{etc,usr/share}/$pkgbase/trust-source/{anchors,blocklist}
# Directories used by update-ca-trust (aka "trust extract-compat")
install -d "$pkgdir"/etc/{ssl/certs/{edk2,java},$pkgbase/extracted}
Added: ca-certificates-utils.install
===================================================================
--- ca-certificates-utils.install (rev 0)
+++ ca-certificates-utils.install 2021-06-03 19:41:29 UTC (rev 417066)
@@ -0,0 +1,23 @@
+pre_upgrade() {
+ if (( $(vercmp $2 20210603) < 0 )); then
+ local olddir=/etc/ca-certificates/trust-source/blacklist
+ local newdir=/etc/ca-certificates/trust-source/blocklist
+ cat <<MSG
+ > $olddir has been renamed to
+ $newdir
+MSG
+
+ if [[ ! -e $olddir ]]; then
+ : # Do nothing
+ elif [[ -e $newdir ]]; then
+ cat <<MSG
+ > WARNING: $newdir already exists.
+ You must migrate your blocked certificates manually.
+MSG
+ else
+ mv -Tn $olddir $newdir
+ fi
+ fi
+}
+
+# vim:set ts=2 sw=2 et:
More information about the arch-commits
mailing list