Author: ken
Date: Fri Nov 2 12:23:26 2018
New Revision: 20669
Log:
Trunk: use system certificates with perl modules.
Modified:
trunk/BOOK/general.ent
trunk/BOOK/general/prog/perl-modules.xml
trunk/BOOK/introduction/welcome/changelog.xml
trunk/BOOK/networking/netprogs/ntp.xml
trunk/BOOK/postlfs/security/make-ca.xml
Modified: trunk/BOOK/general.ent
==============================================================================
--- trunk/BOOK/general.ent Fri Nov 2 11:20:42 2018 (r20668)
+++ trunk/BOOK/general.ent Fri Nov 2 12:23:26 2018 (r20669)
@@ -1,12 +1,12 @@
<!-- $LastChangedBy$ $Date$ -->
-<!ENTITY day "01"> <!-- Always 2 digits -->
+<!ENTITY day "02"> <!-- Always 2 digits -->
<!ENTITY month "11"> <!-- Always 2 digits -->
<!ENTITY year "2018">
<!ENTITY copyrightdate "2001-&year;">
<!ENTITY copyholder "The BLFS Development Team">
<!ENTITY version "&year;-&month;-&day;">
-<!ENTITY releasedate "November 1st, &year;">
+<!ENTITY releasedate "November 2nd, &year;">
<!ENTITY pubdate "&year;-&month;-&day;"> <!-- metadata req. by TLDP -->
<!ENTITY blfs-version "svn"> <!-- svn|[release #] -->
<!ENTITY lfs-version "development"> <!-- x.y|development -->
Modified: trunk/BOOK/general/prog/perl-modules.xml
==============================================================================
--- trunk/BOOK/general/prog/perl-modules.xml Fri Nov 2 11:20:42 2018
(r20668)
+++ trunk/BOOK/general/prog/perl-modules.xml Fri Nov 2 12:23:26 2018
(r20669)
@@ -1591,7 +1591,20 @@
<para>LWP::Protocol::https provides https support for
LWP::UserAgent (i.e. for LWP). This module uses the
- standard <xref linkend="perl-standard-install"/>.</para>
+ standard <xref linkend="perl-standard-install"/> but requires
+ a patch to use the system certificates (using the CPAN automated
+ install will instead use <application>Mozilla::CA</application>).
+ </para>
+
+ <bridgehead renderas="sect4">Additional Download</bridgehead>
+ <itemizedlist spacing="compact">
+ <listitem>
+ <para>
+ Required patch:
+ <ulink
url="&patch-root;/LWP-Protocol-https-&LWP-Protocol-https-version;-system_certs-1.patch"/>
+ </para>
+ </listitem>
+ </itemizedlist>
<!-- LWP-Protocol-https -->
&lfs83_checked;
@@ -1609,14 +1622,18 @@
<listitem>
<para><xref linkend="perl-lwp"/></para>
</listitem>
-
<listitem>
<para><xref linkend="perl-io-socket-ssl"/></para>
</listitem>
+ <listitem>
+ <para><xref linkend="make-ca"/> with the
+ <literal>/etc/pki/tls/certs/ca-bundle.crt</literal> symlink
+ </para>
+ </listitem>
- <listitem><literallayout><ulink
url="https://cpan.metacpan.org/authors/id/A/AB/ABH/Mozilla-CA-20180117.tar.gz";>Mozilla::CA</ulink>
+<!-- <listitem><literallayout><ulink
url="https://cpan.metacpan.org/authors/id/A/AB/ABH/Mozilla-CA-20180117.tar.gz";>Mozilla::CA</ulink>
(https://cpan.metacpan.org/authors/id/A/AB/ABH/Mozilla-CA-20180117.tar.gz)</literallayout>
- </listitem>
+ </listitem>-->
</itemizedlist>
</listitem>
@@ -2726,14 +2743,14 @@
<para>Install <application>Perl</application> modules by running the
following commands:</para>
-<!--
- <para>For <xref linkend="perl-data-uniqid"/>, first apply the required
+
+ <para>For <xref linkend="perl-lwp-protocol-https"/>, first apply the
required
patch with:</para>
-<screen><userinput>patch -Np1 -i
../Data-Uniqid-&Data-Uniqid-version;-disable_failing_test-1.patch</userinput></screen>
+<screen><userinput>patch -Np1 -i
../LWP-Protocol-https-&LWP-Protocol-https-version;-system_certs-1.patch</userinput></screen>
<para>Then, or for all other modules using the standard installation,
proceed
- with:</para>-->
+ with:</para>
<screen><userinput>perl Makefile.PL &&
make &&
Modified: trunk/BOOK/introduction/welcome/changelog.xml
==============================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml Fri Nov 2 11:20:42
2018 (r20668)
+++ trunk/BOOK/introduction/welcome/changelog.xml Fri Nov 2 12:23:26
2018 (r20669)
@@ -42,6 +42,17 @@
</listitem>
-->
<listitem>
+ <para>November 2nd, 2018</para>
+ <itemizedlist>
+ <listitem>
+ <para>[ken] - Add a symlink to make-ca so that Perl modules can
+ find the system certificates, and drop module Mozilla::CA. Fixes
+ <ulink url="&blfs-ticket-root;11307">#11307</ulink>.</para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+
+ <listitem>
<para>November 1st, 2018</para>
<itemizedlist>
<listitem>
Modified: trunk/BOOK/networking/netprogs/ntp.xml
==============================================================================
--- trunk/BOOK/networking/netprogs/ntp.xml Fri Nov 2 11:20:42 2018
(r20668)
+++ trunk/BOOK/networking/netprogs/ntp.xml Fri Nov 2 12:23:26 2018
(r20669)
@@ -62,9 +62,9 @@
<bridgehead renderas="sect4">Required</bridgehead>
<para role="required">
- <xref linkend="perl-lwp-protocol-https"/>
+ <xref linkend="perl-io-socket-ssl"/>
</para>
-
+
<!-- Tested 4.2.8p11 with neither wget nor lynx on system: Not required.
<bridgehead renderas="sect4">Recommended</bridgehead>
<para role="recommended">
Modified: trunk/BOOK/postlfs/security/make-ca.xml
==============================================================================
--- trunk/BOOK/postlfs/security/make-ca.xml Fri Nov 2 11:20:42 2018
(r20668)
+++ trunk/BOOK/postlfs/security/make-ca.xml Fri Nov 2 12:23:26 2018
(r20669)
@@ -143,7 +143,10 @@
<application>make-ca</application> script into the correct location.
As the <systemitem class="username">root</systemitem> user:</para>
-<screen role="root"><userinput>make install</userinput></screen>
+<screen role="root"><userinput>make install
&&
+mkdir -pv /etc/pki/tls/certs &&
+ln -svf /etc/ssl/ca-bundle.crt \
+ /etc/pki/tls/certs/ca-bundle.crt</userinput></screen>
<para>As the <systemitem class="username">root</systemitem> user, after
installing <xref linkend="p11-kit"/>, download the certificate source and
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
