Summary: | net-vpn/libreswan - pkg_postinst() goes interactive | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Sławomir Nizio <slawomir.nizio> |
Component: | Current packages | Assignee: | Hans de Graaff <graaff> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | kuraga333 |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Sławomir Nizio
2018-02-28 20:03:41 UTC
Update: changing the if to cert9.db does not help when cert8.db is present because it still asks for the password. Confirm it. Maybe, certutil -N -d "${IPSEC_CONFDIR}" --empty-password instead of certutil -N -d "${IPSEC_CONFDIR}" -f <(echo) ? I've never seen this when updating. Looking at https://libreswan.org/wiki/HOWTO:_Using_NSS_with_libreswan#Creating_the_NSS_db_for_use_with_libreswan this code is outdated anyway as evidenced by the mention of cert9.db. I've gone with Alexander's suggestion of using --empty-password, and I've added an einfo on how to set one in accordance with the libreswan documentation. The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8ab4c6aa28f7ec1e54c2a112d3c400119499af commit 3f8ab4c6aa28f7ec1e54c2a112d3c400119499af Author: Hans de Graaff <graaff@gentoo.org> AuthorDate: 2018-11-12 20:03:11 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2018-11-12 20:03:27 +0000 net-vpn/libreswan: avoid interaction in pkg_postinst Generate the NSS database with an emtpy password like other distributions do and indicate how to change that. Also check for the non-deprecated cert9.db file. Fixes: https://bugs.gentoo.org/649068 Signed-off-by: Hans de Graaff <graaff@gentoo.org> Package-Manager: Portage-2.3.51, Repoman-2.3.11 net-vpn/libreswan/libreswan-3.27-r1.ebuild | 113 +++++++++++++++++++++++++++++ 1 file changed, 113 insertions(+) |