Re: dropping NSS DBM format support in F33+
On 6/11/20 8:37 AM, Robert Relyea wrote:
On 4/23/20 11:16 AM, Brian C. Lane wrote:
On Wed, Apr 22, 2020 at 10:11:25AM +0200, Daiki Ueno wrote:
Hello,
I am not sure if this deserves a Fedora Change proposal, so I'd like to
hear any opinions first before proceeding with the process.
NSS (the crypto library used by Firefox) historically supports 2
database formats: SQLite and DBM. The latter is considered legacy and
we switched the default database format to SQLite in F28[1]. Since then
I presume most of the applications have switched to the new format.
Therefore we are planning to phase out the support of DBM, targetting
F33+.
How will that effect people who have been upgrading since before F28?
Will the DBM database be transitioned to SQLite (or has it already)?
It depends on how the database was used. NSS automatically updates to
the new format if:
1) the database is opened R/W, and
2) the user has authenticated to the database (logged into to it). If
the database has no password, then only (1) is required.
Most use cases will, most likely, have caused the above changes.
Firefox would have triggered a login anytime the user first needs to
access tha master password list. Thunderbird and servers would have
triggered those conditions when the certificate was renewed.
If you aren't sure, you can manually force an update on any fedora
version before F33 with the following command:
certutil -K -X -d {directory_of_nss_database}
If you are running on a system pre-F28, you need to add sql: before the
{directory_of_nss_database}. This should work on any system built since
2005.
and supply the password when prompted.
bob
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
On 4/23/20 11:16 AM, Brian C. Lane wrote:
On Wed, Apr 22, 2020 at 10:11:25AM +0200, Daiki Ueno wrote:
Hello,
I am not sure if this deserves a Fedora Change proposal, so I'd like to
hear any opinions first before proceeding with the process.
NSS (the crypto library used by Firefox) historically supports 2
database formats: SQLite and DBM. The latter is considered legacy and
we switched the default database format to SQLite in F28[1]. Since then
I presume most of the applications have switched to the new format.
Therefore we are planning to phase out the support of DBM, targetting
F33+.
How will that effect people who have been upgrading since before F28?
Will the DBM database be transitioned to SQLite (or has it already)?
It depends on how the database was used. NSS automatically updates to
the new format if:
1) the database is opened R/W, and
2) the user has authenticated to the database (logged into to it). If
the database has no password, then only (1) is required.
Most use cases will, most likely, have caused the above changes. Firefox
would have triggered a login anytime the user first needs to access tha
master password list. Thunderbird and servers would have triggered
those conditions when the certificate was renewed.
If you aren't sure, you can manually force an update on any fedora
version before F33 with the following command:
certutil -K -X -d {directory_of_nss_database}
and supply the password when prompted.
bob
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
Ankur Sinha writes: >> NSS (the crypto library used by Firefox) historically supports 2 >> database formats: SQLite and DBM. The latter is considered legacy and >> we switched the default database format to SQLite in F28[1]. Since then >> I presume most of the applications have switched to the new format. >> Therefore we are planning to phase out the support of DBM, targetting >> F33+. >> >> Please let me know if there is any concern. > > I personally don't have any concerns, but perhaps a "self contained > change" would be good simply to ensure that everyone clearly aware of > this change? Thanks Ankur, that makes sense. I have proposed a change now: https://fedoraproject.org/wiki/Changes/NSSDBMRemoval Now that pesign package has been updated to use the new SQLite format, I'm going to re-disable dbm in the F-33 build soon. Regards, -- Daiki Ueno ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
On Mon, Apr 27, 2020 at 5:54 PM Paul Moore wrote: > On Sat, Apr 25, 2020 at 1:21 PM Justin Forbes wrote: > > On Sat, Apr 25, 2020 at 10:21 AM Daiki Ueno wrote: > > > > > > Hello Ondrej, > > > > > > Ondrej Mosnacek writes: > > > > > > > On Fri, Apr 24, 2020 at 11:12 PM Ondrej Mosnacek > > > > wrote: > > > >> On Fri, Apr 24, 2020 at 8:50 PM Ondrej Mosnacek > > > >> wrote: > > > >> > On Wed, Apr 22, 2020 at 10:12 AM Daiki Ueno > > > >> > wrote: > > > >> > > Hello, > > > >> > > > > > >> > > I am not sure if this deserves a Fedora Change proposal, so I'd > > > >> > > like to > > > >> > > hear any opinions first before proceeding with the process. > > > >> > > > > > >> > > NSS (the crypto library used by Firefox) historically supports 2 > > > >> > > database formats: SQLite and DBM. The latter is considered legacy > > > >> > > and > > > >> > > we switched the default database format to SQLite in F28[1]. > > > >> > > Since then > > > >> > > I presume most of the applications have switched to the new format. > > > >> > > Therefore we are planning to phase out the support of DBM, > > > >> > > targetting > > > >> > > F33+. > > > >> > > > > > >> > > Please let me know if there is any concern. > > > >> > > > > >> > It seems this broke the kernel build. I did some scratch build today > > > >> > to test some patches, but it failed with this: > > > >> > > > > >> > + /usr/bin/pesign -c 'Red Hat Test Certificate' --certdir > > > >> > /etc/pki/pesign-rh-test -i arch/x86/boot/bzImage -o vmlinuz.signed -s > > > >> > pesign: Could not initialize nss. > > > >> > NSS says "The certificate/key database is in an old, unsupported > > > >> > format." errno says "No such file or directory" > > > >> > error: Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) > > > >> > RPM build errors: > > > >> > Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) > > > >> > Child return code was: 1 > > > >> > > > >> Probably related: https://github.com/rhboot/pesign/issues/34 > > > > > > > > I filed a bug against pesign here: > > > > https://bugzilla.redhat.com/show_bug.cgi?id=1827902 > > > > > > Good catch, and thank you for filing the bug. For the meantime I > > > reverted the DBM disablement to unblock the kernel package build: > > > https://src.fedoraproject.org/rpms/nss/c/fc0174ead16bac476cce55fb2918fbfd9b448023?branch=master > > > > > > > Thanks for that, I know they were working on a fix for pesign on > > Friday, but I am not sure what their timeframe is. > > I hit this over the weekend, does anyone have a workaround? The NSS change has been reverted, so kernel builds should work now (worked for me this morning [CEST]). -- Ondrej Mosnacek Software Engineer, Security Technologies Red Hat, Inc. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
"James Cassell" writes: > On Sat, Apr 25, 2020, at 6:21 AM, Ondrej Mosnacek wrote: >> On Fri, Apr 24, 2020 at 11:12 PM Ondrej Mosnacek wrote: >> > On Fri, Apr 24, 2020 at 8:50 PM Ondrej Mosnacek >> > wrote: >> > > On Wed, Apr 22, 2020 at 10:12 AM Daiki Ueno >> > > wrote: >> > > > Hello, >> > > > >> > > > I am not sure if this deserves a Fedora Change proposal, so I'd like to >> > > > hear any opinions first before proceeding with the process. >> > > > >> > > > NSS (the crypto library used by Firefox) historically supports 2 >> > > > database formats: SQLite and DBM. The latter is considered legacy and >> > > > we switched the default database format to SQLite in F28[1]. Since >> > > > then >> > > > I presume most of the applications have switched to the new format. >> > > > Therefore we are planning to phase out the support of DBM, targetting >> > > > F33+. >> > > > >> > > > Please let me know if there is any concern. >> > > >> > > It seems this broke the kernel build. I did some scratch build today >> > > to test some patches, but it failed with this: >> > > >> > > + /usr/bin/pesign -c 'Red Hat Test Certificate' --certdir >> > > /etc/pki/pesign-rh-test -i arch/x86/boot/bzImage -o vmlinuz.signed -s >> > > pesign: Could not initialize nss. >> > > NSS says "The certificate/key database is in an old, unsupported >> > > format." errno says "No such file or directory" >> > > error: Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) >> > > RPM build errors: >> > > Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) >> > > Child return code was: 1 >> > >> > Probably related: https://github.com/rhboot/pesign/issues/34 >> >> I filed a bug against pesign here: >> https://bugzilla.redhat.com/show_bug.cgi?id=1827902 >> > > Shouldn't > https://fedoraproject.org/wiki/Changes/NSSDefaultFileFormatSql have > prevented such bugs? I.e., why didn't the default change get picked up > automatically here? Usually, if the NSS database is created on-the-fly on the system, it should be automatically migrated. However, it doesn't help in this case because the pesign package embeds NSS database only in the old format (as you see with rpm -ql pesign). Regards, -- Daiki Ueno ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
On Sat, Apr 25, 2020 at 10:21 AM Daiki Ueno wrote: > > Hello Ondrej, > > Ondrej Mosnacek writes: > > > On Fri, Apr 24, 2020 at 11:12 PM Ondrej Mosnacek > > wrote: > >> On Fri, Apr 24, 2020 at 8:50 PM Ondrej Mosnacek > >> wrote: > >> > On Wed, Apr 22, 2020 at 10:12 AM Daiki Ueno > >> > wrote: > >> > > Hello, > >> > > > >> > > I am not sure if this deserves a Fedora Change proposal, so I'd like to > >> > > hear any opinions first before proceeding with the process. > >> > > > >> > > NSS (the crypto library used by Firefox) historically supports 2 > >> > > database formats: SQLite and DBM. The latter is considered legacy and > >> > > we switched the default database format to SQLite in F28[1]. Since > >> > > then > >> > > I presume most of the applications have switched to the new format. > >> > > Therefore we are planning to phase out the support of DBM, targetting > >> > > F33+. > >> > > > >> > > Please let me know if there is any concern. > >> > > >> > It seems this broke the kernel build. I did some scratch build today > >> > to test some patches, but it failed with this: > >> > > >> > + /usr/bin/pesign -c 'Red Hat Test Certificate' --certdir > >> > /etc/pki/pesign-rh-test -i arch/x86/boot/bzImage -o vmlinuz.signed -s > >> > pesign: Could not initialize nss. > >> > NSS says "The certificate/key database is in an old, unsupported > >> > format." errno says "No such file or directory" > >> > error: Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) > >> > RPM build errors: > >> > Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) > >> > Child return code was: 1 > >> > >> Probably related: https://github.com/rhboot/pesign/issues/34 > > > > I filed a bug against pesign here: > > https://bugzilla.redhat.com/show_bug.cgi?id=1827902 > > Good catch, and thank you for filing the bug. For the meantime I > reverted the DBM disablement to unblock the kernel package build: > https://src.fedoraproject.org/rpms/nss/c/fc0174ead16bac476cce55fb2918fbfd9b448023?branch=master > Thanks for that, I know they were working on a fix for pesign on Friday, but I am not sure what their timeframe is. Justin ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
On Sat, Apr 25, 2020, at 6:21 AM, Ondrej Mosnacek wrote: > On Fri, Apr 24, 2020 at 11:12 PM Ondrej Mosnacek wrote: > > On Fri, Apr 24, 2020 at 8:50 PM Ondrej Mosnacek wrote: > > > On Wed, Apr 22, 2020 at 10:12 AM Daiki Ueno > > > wrote: > > > > Hello, > > > > > > > > I am not sure if this deserves a Fedora Change proposal, so I'd like to > > > > hear any opinions first before proceeding with the process. > > > > > > > > NSS (the crypto library used by Firefox) historically supports 2 > > > > database formats: SQLite and DBM. The latter is considered legacy and > > > > we switched the default database format to SQLite in F28[1]. Since then > > > > I presume most of the applications have switched to the new format. > > > > Therefore we are planning to phase out the support of DBM, targetting > > > > F33+. > > > > > > > > Please let me know if there is any concern. > > > > > > It seems this broke the kernel build. I did some scratch build today > > > to test some patches, but it failed with this: > > > > > > + /usr/bin/pesign -c 'Red Hat Test Certificate' --certdir > > > /etc/pki/pesign-rh-test -i arch/x86/boot/bzImage -o vmlinuz.signed -s > > > pesign: Could not initialize nss. > > > NSS says "The certificate/key database is in an old, unsupported > > > format." errno says "No such file or directory" > > > error: Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) > > > RPM build errors: > > > Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) > > > Child return code was: 1 > > > > Probably related: https://github.com/rhboot/pesign/issues/34 > > I filed a bug against pesign here: > https://bugzilla.redhat.com/show_bug.cgi?id=1827902 > Shouldn't https://fedoraproject.org/wiki/Changes/NSSDefaultFileFormatSql have prevented such bugs? I.e., why didn't the default change get picked up automatically here? V/r, James Cassell ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
Hello Ondrej, Ondrej Mosnacek writes: > On Fri, Apr 24, 2020 at 11:12 PM Ondrej Mosnacek wrote: >> On Fri, Apr 24, 2020 at 8:50 PM Ondrej Mosnacek wrote: >> > On Wed, Apr 22, 2020 at 10:12 AM Daiki Ueno wrote: >> > > Hello, >> > > >> > > I am not sure if this deserves a Fedora Change proposal, so I'd like to >> > > hear any opinions first before proceeding with the process. >> > > >> > > NSS (the crypto library used by Firefox) historically supports 2 >> > > database formats: SQLite and DBM. The latter is considered legacy and >> > > we switched the default database format to SQLite in F28[1]. Since then >> > > I presume most of the applications have switched to the new format. >> > > Therefore we are planning to phase out the support of DBM, targetting >> > > F33+. >> > > >> > > Please let me know if there is any concern. >> > >> > It seems this broke the kernel build. I did some scratch build today >> > to test some patches, but it failed with this: >> > >> > + /usr/bin/pesign -c 'Red Hat Test Certificate' --certdir >> > /etc/pki/pesign-rh-test -i arch/x86/boot/bzImage -o vmlinuz.signed -s >> > pesign: Could not initialize nss. >> > NSS says "The certificate/key database is in an old, unsupported >> > format." errno says "No such file or directory" >> > error: Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) >> > RPM build errors: >> > Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) >> > Child return code was: 1 >> >> Probably related: https://github.com/rhboot/pesign/issues/34 > > I filed a bug against pesign here: > https://bugzilla.redhat.com/show_bug.cgi?id=1827902 Good catch, and thank you for filing the bug. For the meantime I reverted the DBM disablement to unblock the kernel package build: https://src.fedoraproject.org/rpms/nss/c/fc0174ead16bac476cce55fb2918fbfd9b448023?branch=master Regards, -- Daiki Ueno ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
On Fri, Apr 24, 2020 at 11:12 PM Ondrej Mosnacek wrote: > On Fri, Apr 24, 2020 at 8:50 PM Ondrej Mosnacek wrote: > > On Wed, Apr 22, 2020 at 10:12 AM Daiki Ueno wrote: > > > Hello, > > > > > > I am not sure if this deserves a Fedora Change proposal, so I'd like to > > > hear any opinions first before proceeding with the process. > > > > > > NSS (the crypto library used by Firefox) historically supports 2 > > > database formats: SQLite and DBM. The latter is considered legacy and > > > we switched the default database format to SQLite in F28[1]. Since then > > > I presume most of the applications have switched to the new format. > > > Therefore we are planning to phase out the support of DBM, targetting > > > F33+. > > > > > > Please let me know if there is any concern. > > > > It seems this broke the kernel build. I did some scratch build today > > to test some patches, but it failed with this: > > > > + /usr/bin/pesign -c 'Red Hat Test Certificate' --certdir > > /etc/pki/pesign-rh-test -i arch/x86/boot/bzImage -o vmlinuz.signed -s > > pesign: Could not initialize nss. > > NSS says "The certificate/key database is in an old, unsupported > > format." errno says "No such file or directory" > > error: Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) > > RPM build errors: > > Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) > > Child return code was: 1 > > Probably related: https://github.com/rhboot/pesign/issues/34 I filed a bug against pesign here: https://bugzilla.redhat.com/show_bug.cgi?id=1827902 -- Ondrej Mosnacek Software Engineer, Security Technologies Red Hat, Inc. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
On Fri, Apr 24, 2020 at 8:50 PM Ondrej Mosnacek wrote: > On Wed, Apr 22, 2020 at 10:12 AM Daiki Ueno wrote: > > Hello, > > > > I am not sure if this deserves a Fedora Change proposal, so I'd like to > > hear any opinions first before proceeding with the process. > > > > NSS (the crypto library used by Firefox) historically supports 2 > > database formats: SQLite and DBM. The latter is considered legacy and > > we switched the default database format to SQLite in F28[1]. Since then > > I presume most of the applications have switched to the new format. > > Therefore we are planning to phase out the support of DBM, targetting > > F33+. > > > > Please let me know if there is any concern. > > It seems this broke the kernel build. I did some scratch build today > to test some patches, but it failed with this: > > + /usr/bin/pesign -c 'Red Hat Test Certificate' --certdir > /etc/pki/pesign-rh-test -i arch/x86/boot/bzImage -o vmlinuz.signed -s > pesign: Could not initialize nss. > NSS says "The certificate/key database is in an old, unsupported > format." errno says "No such file or directory" > error: Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) > RPM build errors: > Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) > Child return code was: 1 Probably related: https://github.com/rhboot/pesign/issues/34 -- Ondrej Mosnacek Software Engineer, Security Technologies Red Hat, Inc. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
On Wed, Apr 22, 2020 at 10:12 AM Daiki Ueno wrote: > Hello, > > I am not sure if this deserves a Fedora Change proposal, so I'd like to > hear any opinions first before proceeding with the process. > > NSS (the crypto library used by Firefox) historically supports 2 > database formats: SQLite and DBM. The latter is considered legacy and > we switched the default database format to SQLite in F28[1]. Since then > I presume most of the applications have switched to the new format. > Therefore we are planning to phase out the support of DBM, targetting > F33+. > > Please let me know if there is any concern. It seems this broke the kernel build. I did some scratch build today to test some patches, but it failed with this: + /usr/bin/pesign -c 'Red Hat Test Certificate' --certdir /etc/pki/pesign-rh-test -i arch/x86/boot/bzImage -o vmlinuz.signed -s pesign: Could not initialize nss. NSS says "The certificate/key database is in an old, unsupported format." errno says "No such file or directory" error: Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.YKqoK0 (%build) Child return code was: 1 Here is a clean scratch build from current dist-git master: https://koji.fedoraproject.org/koji/taskinfo?taskID=43737486 At the time of writing it failed on x86_64 with this error and passed on s390x (it seems pesign is not run there). > > Footnotes: > [1] https://fedoraproject.org/wiki/Changes/NSSDefaultFileFormatSql > > Regards, > -- > Daiki Ueno > > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org -- Ondrej Mosnacek Software Engineer, Security Technologies Red Hat, Inc. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
On Wed, Apr 22, 2020 at 10:11:25AM +0200, Daiki Ueno wrote: > Hello, > > I am not sure if this deserves a Fedora Change proposal, so I'd like to > hear any opinions first before proceeding with the process. > > NSS (the crypto library used by Firefox) historically supports 2 > database formats: SQLite and DBM. The latter is considered legacy and > we switched the default database format to SQLite in F28[1]. Since then > I presume most of the applications have switched to the new format. > Therefore we are planning to phase out the support of DBM, targetting > F33+. How will that effect people who have been upgrading since before F28? Will the DBM database be transitioned to SQLite (or has it already)? Brian -- Brian C. Lane (PST8PDT) - weldr.io - lorax - parted - pykickstart ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: dropping NSS DBM format support in F33+
On Wed, Apr 22, 2020 10:11:25 +0200, Daiki Ueno wrote: > Hello, Hi Daiki, > > I am not sure if this deserves a Fedora Change proposal, so I'd like to > hear any opinions first before proceeding with the process. > > NSS (the crypto library used by Firefox) historically supports 2 > database formats: SQLite and DBM. The latter is considered legacy and > we switched the default database format to SQLite in F28[1]. Since then > I presume most of the applications have switched to the new format. > Therefore we are planning to phase out the support of DBM, targetting > F33+. > > Please let me know if there is any concern. I personally don't have any concerns, but perhaps a "self contained change" would be good simply to ensure that everyone clearly aware of this change? -- Thanks, Regards, Ankur Sinha "FranciscoD" (He / Him / His) | https://fedoraproject.org/wiki/User:Ankursinha Time zone: Europe/London signature.asc Description: PGP signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
dropping NSS DBM format support in F33+
Hello, I am not sure if this deserves a Fedora Change proposal, so I'd like to hear any opinions first before proceeding with the process. NSS (the crypto library used by Firefox) historically supports 2 database formats: SQLite and DBM. The latter is considered legacy and we switched the default database format to SQLite in F28[1]. Since then I presume most of the applications have switched to the new format. Therefore we are planning to phase out the support of DBM, targetting F33+. Please let me know if there is any concern. Footnotes: [1] https://fedoraproject.org/wiki/Changes/NSSDefaultFileFormatSql Regards, -- Daiki Ueno ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
