path: root/release/packages
diff options
authorKyle Evans <kevans@FreeBSD.org>2020-01-29 18:47:08 +0000
committerKyle Evans <kevans@FreeBSD.org>2020-01-29 18:47:08 +0000
commitfbd46fe94ab7de664fd396144d03d6c6b5e22c19 (patch)
tree9919c0e722e21cb778fbb40487ff98fc759da821 /release/packages
parent4be465ab468ad37003826f11ad3465db5168c95d (diff)
pkgbase: fix caroot packaging and add post-install script
The original intention for caroot was to be packaged separately, perhaps so that users can have a more/less conservative upgrade policy for this separated from the rest of base. secure/caroot/Makefile doesn't have anything interesting to package, but its subdirectories might. Move the PACKAGE= to Makefile.inc so both blacklisted and trusted get packaged consistently into the correct one rather than the default -utilities. Also tag the directories for package=caroot, as they could also be empty; blacklisted is empty by default, but trusted is not. Add a post-install script to do certctl rehash, along with a note should we eventually come up with a way to detect that files have been added or removed that requires a rehash. -caroot gets a dependency on -utilities, as that's where we provide certctl at the moment. We can perhaps reconsider this and put certctl into this package in the future, but there are some bits within -utilities that unconditionally invoke certctl so let's hold off for now. Reviewed by: manu (earlier version, before -utilities dep added) Differential Revision: https://reviews.freebsd.org/D23352
Notes: svn path=/head/; revision=357264
Diffstat (limited to 'release/packages')
2 files changed, 34 insertions, 0 deletions
diff --git a/release/packages/caroot.ucl b/release/packages/caroot.ucl
new file mode 100644
index 000000000000..923601ea0f3e
--- /dev/null
+++ b/release/packages/caroot.ucl
@@ -0,0 +1,31 @@
+# $FreeBSD$
+name = "FreeBSD-%PKGNAME%"
+origin = "base"
+version = "%VERSION%"
+comment = "%COMMENT%"
+categories = [ base ]
+maintainer = "re@FreeBSD.org"
+www = "https://www.FreeBSD.org"
+prefix = "/"
+licenselogic = "single"
+licenses = [ BSD2CLAUSE ]
+desc = <<EOD
+deps: {
+ FreeBSD-%PKGDEPS%: {
+ origin: "base",
+ version: "%VERSION%"
+ }
+scripts: {
+ # XXX If pkg picks up a mechanism to detect in the post-install script
+ # files being added or removed, we should use it instead to gate the
+ # rehash.
+ post-install = <<EOD
+ [ -x /usr/sbin/certctl ] && /usr/sbin/certctl rehash
diff --git a/release/packages/generate-ucl.sh b/release/packages/generate-ucl.sh
index bcf71e9919f6..eff7e3ab8504 100755
--- a/release/packages/generate-ucl.sh
+++ b/release/packages/generate-ucl.sh
@@ -34,6 +34,9 @@ main() {
outname="$(echo ${outname} | tr '-' '_')"
case "${outname}" in
+ caroot)
+ pkgdeps="utilities"
+ ;;