git: build - Update pkg-static to version 03, bootstrap https

Matthew Dillon dillon at crater.dragonflybsd.org
Sat Jul 27 21:47:22 PDT 2019


commit 6ed354895f494f0a28d0634b4c643b35d3b0aa99
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date:   Sat Jul 27 21:42:23 2019 -0700

    build - Update pkg-static to version 03, bootstrap https
    
    * There appears to be a database versioning issue between pkg-static
      and pkg on master, re-synchronize the pkg-static tarball.
    
    * Currently the pkg bootstrap installs a df-latest.conf with
      http:// paths instead of https:// paths, because it doesn't
      have the CA root.
    
      After installing pkg, Makefile.usr now also installs ca_root_nss
      and then copies the df-latest.conf.sample file to df-latest.conf,
      thus installing the official df-latest.conf using https.
    
    * Note that this sequence is not entirely safe because the initial
      bootstrap will be insecure if the CA root certificates are not
      already installed.  They should be installed by our official images,
      but will not be (currently) if one creates an absolutely pristine
      base system with installworld/installkernel/distribution.
    
      The bootstrap should now work in both situations, but we really
      need to include root certs in the base system I think.

Summary of changes:
 etc/Makefile.usr | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6ed354895f494f0a28d0634b4c643b35d3b0aa99


-- 
DragonFly BSD source repository


More information about the Commits mailing list