Bug#704180: p11-kit: provide package that diverts libnssckbi.so and replaces it with p11-kit-trust.so
Sam Morris
sam at robots.org.uk
Wed Jun 28 14:30:34 BST 2023
On Tue, Jun 27, 2023 at 04:33:06PM +0100, Sam Morris wrote:
> On Fri, Mar 03, 2023 at 02:43:48PM +0000, Sam Morris wrote:
> > Commands to divert the original file and replace it with a symlink:
> >
> > # dpkg-divert --add --rename /usr/lib/x86_64-linux-gnu/libnssckbi.so
> > # ln -sr /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/x86_64-linux-gnu/libnssckbi.so
>
> Unfortunately this no longer works reliably. Since libnssckbi.so is now
> found in /usr/lib/x86_64-linux-gnu, as soon any library package is
> installer or upgraded, ldconfig will be run, which will replace
> the symlink.
Workaround: divert libnssckbi.so to a location outside of
/usr/lib/x86_64-linux-gnu, like so:
# dpkg-divert --local --rename --divert /usr/lib.x86_64-linux-gnu.libnssckbi.so.diverted --add /usr/lib/x86_64-linux-gnu/libnssckbi.so
Adding 'local diversion of /usr/lib/x86_64-linux-gnu/libnssckbi.so to /usr/lib.x86_64-linux-gnu.libnssckbi.so.diverted'
Ugly, but now ldconfig will not find the original file and create a
symlink to it based on its SONAME.
--
Sam Morris <https://robots.org.uk/>
PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9
More information about the Pkg-gnutls-maint
mailing list