[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
04/05: system: Add /etc/ssl symlink; set needed variables in /etc/profil
|
From: |
Mark H. Weaver |
|
Subject: |
04/05: system: Add /etc/ssl symlink; set needed variables in /etc/profile. |
|
Date: |
Tue, 03 Mar 2015 18:49:24 +0000 |
mhw pushed a commit to branch master
in repository guix.
commit 78ab0746a523cc63eca0fd2fe55ac6c5b1ec5d5e
Author: Mark H Weaver <address@hidden>
Date: Tue Mar 3 02:14:14 2015 -0500
system: Add /etc/ssl symlink; set needed variables in /etc/profile.
* gnu/build/activation.scm (activate-etc): Create /etc/ssl symlink.
* gnu/system.scm (etc-directory): Set SSL_CERT_DIR, SSL_CERT_FILE,
and GIT_SSL_CAINFO in /etc/profile.
Co-Authored-By: Ludovic Courtès <address@hidden>
---
gnu/build/activation.scm | 10 ++++++++++
gnu/system.scm | 5 +++++
2 files changed, 15 insertions(+), 0 deletions(-)
diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm
index dfadde3..909e971 100644
--- a/gnu/build/activation.scm
+++ b/gnu/build/activation.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014 Ludovic Courtès <address@hidden>
+;;; Copyright © 2015 Mark H Weaver <address@hidden>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -200,6 +201,15 @@ numeric gid or #f."
(format #t "populating /etc from ~a...~%" etc)
+ ;; Create the /etc/ssl -> /run/current-system/profile/etc/ssl symlink. This
+ ;; symlink, to a target outside of the store, probably doesn't belong in the
+ ;; static 'etc' store directory. However, if it were to be put there,
+ ;; beware that if /run/current-system/profile/etc/ssl doesn't exist at the
+ ;; time of activation (e.g. when installing a fresh system), the call to
+ ;; 'file-is-directory?' below will fail because it uses 'stat', not 'lstat'.
+ (rm-f "/etc/ssl")
+ (symlink "/run/current-system/profile/etc/ssl" "/etc/ssl")
+
(rm-f "/etc/static")
(symlink etc "/etc/static")
(for-each (lambda (file)
diff --git a/gnu/system.scm b/gnu/system.scm
index 3fe7833..5a3842f 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -453,6 +453,11 @@ export EMACSLOADPATH=:/etc/emacs
# when /etc/machine-id is missing. Make sure these warnings are non-fatal.
export DBUS_FATAL_WARNINGS=0
+# These variables are honored by OpenSSL (libssl) and Git.
+export SSL_CERT_DIR=/etc/ssl/certs
+export SSL_CERT_FILE=\"$SSL_CERT_DIR/ca-certificates.crt\"
+export GIT_SSL_CAINFO=\"$SSL_CERT_FILE\"
+
# Allow Aspell to find dictionaries installed in the user profile.
export ASPELL_CONF=\"dict-dir $HOME/.guix-profile/lib/aspell\"
"))
- branch master updated (00e6509 -> 41ce460), Mark H. Weaver, 2015/03/03
- 01/05: Revert "system: Create a single-file certificate bundle in /etc/ssl/certs.", Mark H. Weaver, 2015/03/03
- 04/05: system: Add /etc/ssl symlink; set needed variables in /etc/profile.,
Mark H. Weaver <=
- 05/05: gnu: nss-certs: Install only trusted CA certificates., Mark H. Weaver, 2015/03/03
- 02/05: Revert "system: Add 'x509-certificates' field, and populate /etc/ssl/certs.", Mark H. Weaver, 2015/03/03
- 03/05: profiles: Produce a single-file CA certificate bundle., Mark H. Weaver, 2015/03/03