Open Bug 545037 Opened 10 years ago Updated 6 years ago

Review Gentoo Linux's NSS package files

Categories

(NSS :: Build, defect, minor)

x86
Linux
defect
Not set
minor

Tracking

(Not tracked)

ASSIGNED

People

(Reporter: wtc, Assigned: wtc)

Details

I'd like to review how Gentoo Linux builds and installs its NSS package.
I do this review as a voluntary service.

Gentoo Linux's NSS package files can be found at
http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/nss/
Wan-Teh, I should have mentioned the only ebuilds that will take changes are the latest. I will not backport the changes to older builds for gentoo due to our stable keywords. Everything has to go threw testing before we move to stable.
Comments on nss-3.12.5.ebuild, rev. 1.9:

1. In src_compile(), it should not be necessary to specify
  export USE_SYSTEM_ZLIB=1
  export ZLIB_LIBS=-lz
because those two variables are already set in
mozilla/security/coreconf/Linux.mk.

2. In src_install(), do NOT install the *.a files.
The only exception might be libcrmf.a, which is needed by
Mozilla.  NSS (and NSPR too) is distributed as shared libraries.

3. In src_install(), do NOT install private/nss/*.h.  Those
are NSS private headers.

4. I recommend that you install NSS shared libraries in /usr/lib
instead of /usr/lib/nss, unless this is a Gentoo Linux policy.

5. In src_install(), do NOT install all the NSS command-line
utilities.  You should only install the following tools:
* The tools that have a manual page at
  http://www.mozilla.org/projects/security/pki/nss/tools/
* The tools that Sun ships in its NSS package:
  http://mxr.mozilla.org/security/source/security/nss/pkg/solaris/SUNWtlsu/prototype_com

6. See the NSPR bug 545036 comment 1 regarding the SONAME issue.
That's a controversial issue, so I'd like to address the other
issues first.
(In reply to comment #2)
> Comments on nss-3.12.5.ebuild, rev. 1.9:
> 
> 1. In src_compile(), it should not be necessary to specify
>   export USE_SYSTEM_ZLIB=1
>   export ZLIB_LIBS=-lz
> because those two variables are already set in
> mozilla/security/coreconf/Linux.mk.
> 
> 2. In src_install(), do NOT install the *.a files.
> The only exception might be libcrmf.a, which is needed by
> Mozilla.  NSS (and NSPR too) is distributed as shared libraries.
> 
> 3. In src_install(), do NOT install private/nss/*.h.  Those
> are NSS private headers.
> 
> 4. I recommend that you install NSS shared libraries in /usr/lib
> instead of /usr/lib/nss, unless this is a Gentoo Linux policy.
> 
> 5. In src_install(), do NOT install all the NSS command-line
> utilities.  You should only install the following tools:
> * The tools that have a manual page at
>   http://www.mozilla.org/projects/security/pki/nss/tools/
> * The tools that Sun ships in its NSS package:
>  
> http://mxr.mozilla.org/security/source/security/nss/pkg/solaris/SUNWtlsu/prototype_com
> 
> 6. See the NSPR bug 545036 comment 1 regarding the SONAME issue.
> That's a controversial issue, so I'd like to address the other
> issues first.

All issues have been address with the exception to the SONAME. I still believe this should be officially fixed upstream so distros do not continue to have to forward port a patch for each release, you can find the updated build for gentoo in about an hour at same link.
You need to log in before you can comment on or make changes to this bug.