Re: security/ca_root_nss: Remove duplicate PLIST entry

From: Bernhard Froehlich <>
Date: Wed, 20 Sep 2023 11:17:31 UTC
 ---- On Wed, 20 Sep 2023 10:18:32 +0200  Franco Fichtner  wrote --- 
 > > On 19. Sep 2023, at 1:42 PM, Renato Botelho> wrote:
 > > 
 > > On 19/09/23 05:58, Franco Fichtner wrote:
 > >> Hi,
 > >> Looking at this "blanket" change I'm not sure this is a good way to bring in without discussion
 > >> and especially without a revision change:
 > >>
 > >> The relevant bug was reported here:
 > >>
 > >> And I'd suggest rolling back that recent change or making a better effort at explaining the
 > >> problem it solves.
 > > 
 > > According to the commit log, those files are already handled by @sample entries on pkg-plist so nothing is gonna change on final package.
 > > -- 
 > > Renato Botelho
 > > 
 > So what's the process here?
 > Contacted committer: no response
 > Contacted ports mailing list: no technical discussion
 > Should I raise a bug ticket for the bug ticket with the patch
 > that I wrote?  Should the ca_root_nss maintainer take a look
 > who wasn't involved in the change that I raised concerns about?
 > Do we not want to avoid further bug reports by doing review
 > which wasn't possible for this blanket change in pahbricator?
 > I'm highly confused about the "open source" participation
 > that is required of non-committers.  ;)

Before anyone is going to revert this I'd like to add that it seems to fix a
bug with Custom Root CA for me.

Up to now whenever I have a box with an additional Private Root CA in
/usr/local/share/certs/ and run "certctl rehash" some tools like fetch
work properly up to the point when ca_root_nss is installed.

Removing ca_root_nss also made it work properly:
pkg remove -f ca_root_nss

After the change to ca_root_nss system tools like fetch work fine now
even when ca_root_nss is installed. Did not have any time yet to fully
understand why it behaves like that.

Bernhard Froehlich