WITHOUT_OPENSSL and make delete-old
fbsd at xtaz.co.uk
Mon Jul 13 19:14:17 UTC 2015
On Jul 13 11:29, Kevin Oberman wrote:
>On Mon, Jul 13, 2015 at 7:03 AM, Matt Smith <fbsd at xtaz.co.uk> wrote:
>> Hi, I use the ports version of OpenSSL for everything and don't require
>> the base version. As a result I thought I would remove it by adding
>> WITHOUT_OPENSSL into /etc/src.conf and running make delete-old in /usr/src.
>> However this seems to only want to delete things related to kerberos and
>> gssapi, which is understandable as they depend on OpenSSL. However it
>> doesn't seem to touch any OpenSSL files at all. Is this a bug or have I
>> missed something?
>Yes. Several critical base system components require the base OpenSL. So, I
>seem to recall that while WITHOUT_OPENSSL will skip the optional SSL stuff,
>I am pretty sure that some of the OpenSSL always are built and are
>considered too critical to rely on a port being installed... like logging
>in, adding users, etc.
See now I assumed that the only things in the base that used it were
Kerberos, GSSAPI, and OpenSSH. If you read the man page for src.conf it
says that setting WITHOUT_OPENSSL also sets WITHOUT_KERBEROS,
WITHOUT_GSSAPI, and WITHOUT_OPENSSH. This makes me think these are the
only things in the base that do actually use OpenSSL?
Maybe there is actually a lot more that does then. Unfortunately being
the base means I can't just use pkg to look at what's registered against
the shared libs.
More information about the freebsd-stable