List ecs-isp@2rosenthals.com Arkiverade meddelande #1122 föregående meddelande nästa meddelande Tillbaks till lista

Från: "Steven Levine" <ecs-isp@2rosenthals.com> Meddelandehuvud
Oavkodat meddelande
Ämne: Re: [eCS-ISP] (clamav) freshclam and cron/2
Datum: Thu, 26 Dec 2024 08:39:46 -0800
Till: "eCS ISP Mailing List" <ecs-isp@2rosenthals.com>

In <list-11580795@2rosenthals.com>, on 12/26/24
   at 04:59 PM, "Massimo S." <ecs-isp@2rosenthals.com> said:

Hi Massimo,

>i only use yum..

If you are going to use yum rather than anpm, I recommend you spend a bit
more time learning how to use it to do the things that anpm typically does
automatically for end-users.

FWIW, I don't believe you only use yum.  Unzip is not yum.

>anyway the package do not work

The package works fine.  It appears you failed to install the package
properly.  Typically you neglected to tell us the commands that did not do
what you expected them to, so we can only guess how you led yourself
astray.  That said, I am pretty good at guessing.

>it do not contains any certificate file
>only links to cert files that do not exist :(

If you used yum correctly, it should have installed the package correctly,
but to repeat myself, unless you report the failing command(s) exactly as
you typed them, there's no way anyone can tell you whether or not this is
the case.

>the links point here
>\etc\pki\ca-trust\extracted\pem

Actually, no they don't.  The links point to files in this directory.
This matters because yum does not understand directory dependencies, only
file dependencies.

You cannot type

  yum provides /@unixroot/etc/pki/ca-trust/extracted/pem

and expect any useful output.

>and in this dir there is only a readme file
>even with the 2020 one
>https://rpm.netlabs.org/release/00/zip/ca-certificates-2020_2_41-1_oc00.zip

That's comparatively antique.

You really should learn to use yum provides.  The command exists for a
reason.

Since the symlink points to

  /@unixroot/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt

yum --disablerepo=*exp provides
/@unixroot/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt

reports the most recent version of the package is

  ca-certificates-2021.2.50-1.oc00.noarch : The Mozilla CA root
certificate bundle
  Repo        : @netlabs-exp
  Matched from:
  Filename    :
/@unixroot/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt

So

  yum update ca-certificates

should have gotten you a properly installed set of certs.

Paul pointed you at the zip file which, unfortunately in this case, will
not work for you unless you know what you are doing.  Rpm files are not
zip files and this is one of the times when you cannot unzip the contents
and expect it work the same as yum update.

The spec file defines a post install scriptlet:

ca-certificates.spec:362
%post
#if [ $1 -gt 1 ] ; then
#  # when upgrading or downgrading
#fi
# if ln is available, go ahead and run the ca-legacy and update # scripts.
If not, wait until %posttrans.
if [ -x %{_bindir}/ln ]; then
%{_bindir}/ca-legacy install
%{_bindir}/update-ca-trust
fi

As the ca-legacy and update-ca-trust scriptlet names imply, these scripts
create the files you are missing.

Those reading along might note that my yum command are often decorated
with some variation of

  yum --noplugins --disablerepo=*exp -C

This is my 4OS2 Alt-Y alias which saves lots of typing.  The switch
options turn off defaults that I typically don't need

Steven

--
----------------------------------------------------------------------
"Steven Levine" <steve53@earthlink.net>  Warp/DIY/BlueLion etc.
www.scoug.com www.arcanoae.com www.warpcave.com
----------------------------------------------------------------------
Prenumerera: Sändning, Uppsamling, Index.
Stoppa prenumeration
Meddelande till ListMaster