Hi Thilo, Thilo Six wrote: > > -- <snip> -- > >>>>> $ l / | grep '.so' > >>>>> lrwxrwxrwx 1 root root 36 19:22 15.04.2012 libnss3.so -> > >>>>> /usr/lib/x86_64-linux-gnu/libnss3.so > >>>>> lrwxrwxrwx 1 root root 44 19:22 15.04.2012 libsoftokn3.so -> > >>>>> /usr/lib/x86_64-linux-gnu/nss/libsoftokn3.so > -- <snip> -- > > > PS. if it helps. I have '/var/lib/dpkg' version controlled. I allready did > > search the commit history. > -- <snip> -- > > # hg grep --ignore-case libnss3.so [...] > info/ca-certificates-java.postinst:215:-: ln -sf $nsspkg/libnss3.so > $nssjdk/libnss3.so > info/ca-certificates-java.postinst:215:-: rm -f $nssjdk/libnss3.so > info/ca-certificates-java.postinst:215:+: ln -sf $nsspkg/libnss3.so > $nssjdk/libnss3.so > info/ca-certificates-java.postinst:215:+: rm -f $nssjdk/libnss3.so
Bingo. From the changelog of ca-certificates-java: ca-certificates-java (20120524) unstable; urgency=low [ Marc Deslauriers ] [...] * debian/postinst: don't put a symlink in / if jvm doesn't contain nss configuration. (Closes: #665754, #665749). So you actually ran into this stuff. I leave open to the ca-certificates-java maintainers if this not being cleaned up automatically is considered a bug or not (and it hence would just be a duplicate of #665754 and #665749) and which severity it would have. Regards, Axel -- ,''`. | Axel Beckert <a...@debian.org>, http://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE `- | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 __ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.