[Bug 448497] Review Request: ca-certificates - Mozilla CA root bundle package
bugzilla at redhat.com
bugzilla at redhat.com
Tue May 27 15:16:23 UTC 2008
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: ca-certificates - Mozilla CA root bundle package
https://bugzilla.redhat.com/show_bug.cgi?id=448497
------- Additional Comments From fitzsim at redhat.com 2008-05-27 11:16 EST -------
(In reply to comment #1)
> 3) does the java/cacerts file have to be a different directory? I'd vaguely
> prefer it to be at something like /etc/pki/tls/certs/ca-bundle.javadb
My only concern is that some crazy Java apps may completely follow the symlink
then check the file name. Other than that (probably unlikely) problem, I'd
prefer to keep the cacerts name for familiarity to Java administrators. I'm
fine with changing the location though.
This is slightly unrelated but I thought I should note my concern here. Eclipse
sometimes completely follows symlinks to look up locations of files within the
JRE directory layout. For example, it might follow the /usr/bin/java symlink
directly to find the directory where the real binary is located, then look for
another file relative to that directory. This is the only potential
compatibility problem I can foresee by symlinking to an external cacerts file.
But I can't see a good way to address this, and the benefits of an external
cacerts file seem to outweigh this unlikely-to-be-hit incompatibility.
> > Isn't the build requirement on java-1.6.0-openjdk too specific? Could just
> > Buildrequires: java-openjdk or Buildrequires: /usr/bin/keytool be used
> > instead?
>
> Tom F? Using /usr/bin/keytool worked for me.
Yes, requiring java-openjdk is better. I specified the openjdk-specific path in
case /usr/bin/keytool, an alternatives-managed symlink, points to
java-gcj-compat's gkeytool which won't work. That said, this wouldn't be a
concern in koji builds since java-1.5.0-gcj won't be installed there. It's
probably fine (and definitely simpler) to just run /usr/bin/keytool.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the package-review
mailing list