[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#70926: Having default nss-certs plus nss-certs in operating-system p
|
From: |
Liliana Marie Prikler |
|
Subject: |
bug#70926: Having default nss-certs plus nss-certs in operating-system packages causes problems |
|
Date: |
Tue, 14 May 2024 07:44:30 +0200 |
|
User-agent: |
Evolution 3.48.4 |
Am Montag, dem 13.05.2024 um 22:38 +0100 schrieb Christopher Baines:
> I've seen this when updating systems, but it seems like something is
> wrong with the handling of nss-certs.
>
> I'm on a guix revision with nss-certs by default, and when I add
> nss-certs to my system packages (to simulate not removing it when
> upgrading), it breaks certificates (e.g. wget https://guix.gnu.org/
> doesn't work).
I can confirm this on three machines (two of my own, one from a
relative): Having nss-certs in the packages field unexpectedly breaks
all known certificates.
> My reading of the operating-system-packages code suggests that adding
> nss-certs shouldn't have any effect, but this doesn't seem to be
> working.
It would be really nice to detect the mismatching versions if it's
based on that. IIUC we graft nss-certs now, so that we can hot-swap
stuff like pythons certifi package. Is this use case broken by any
chance?
Cheers