summary refs log tree commit diff
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2015-03-03 02:06:27 -0500
committerMark H Weaver <mhw@netris.org>2015-03-03 13:49:12 -0500
commite33eea8ffd5d7e678107103b14989a41f27a1c34 (patch)
tree10c10fc032c2a7634bcf39e26a66613a2fcdd8b4
parentbd4c47a47e3d2245970fb7895f50167426b73dbc (diff)
downloadguix-e33eea8ffd5d7e678107103b14989a41f27a1c34.tar.gz
Revert "system: Add 'x509-certificates' field, and populate /etc/ssl/certs."
This reverts commit e979e6dd523acaa2a089f1b8f44e34c1e5b7d32d.
-rw-r--r--doc/guix.texi13
-rw-r--r--gnu/system.scm8
2 files changed, 0 insertions, 21 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 4be545ea79..bd8091ae51 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -3882,19 +3882,6 @@ Configuration of libc's name service switch (NSS)---a
 @code{<name-service-switch>} object.  @xref{Name Service Switch}, for
 details.
 
-@item @code{x509-certificates} (default: @var{nss-certs})
-This field's value must be a package containing X.509 certificates for
-so-called ``Certification Authorities'' (CAs) that is made available in
-the @file{/etc/ssl/certs} directory.  Currently this directory is
-accessed by applications using either the GnuTLS library or the OpenSSL
-library.
-
-By default, certificates from
-@uref{https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS,
-Mozilla's Network Security Services} are used.  These are the
-certificates shipped by Mozilla browsers and derivatives such as
-GNU@tie{}IceCat.
-
 @item @code{services} (default: @var{%base-services})
 A list of monadic values denoting system services.  @xref{Services}.
 
diff --git a/gnu/system.scm b/gnu/system.scm
index 1c2c986436..3fe78339b7 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -42,7 +42,6 @@
   #:use-module (gnu packages compression)
   #:use-module (gnu packages firmware)
   #:autoload   (gnu packages cryptsetup) (cryptsetup)
-  #:use-module (gnu packages certs)
   #:use-module (gnu services)
   #:use-module (gnu services dmd)
   #:use-module (gnu services base)
@@ -78,7 +77,6 @@
             operating-system-locale-definitions
             operating-system-mapped-devices
             operating-system-file-systems
-            operating-system-x509-certificates
             operating-system-activation-script
 
             operating-system-derivation
@@ -142,8 +140,6 @@
                       (default %default-locale-definitions))
   (name-service-switch operating-system-name-service-switch ; <name-service-switch>
                        (default %default-nss))
-  (x509-certificates operating-system-x509-certificates     ; package
-                     (default nss-certs))
 
   (services operating-system-user-services        ; list of monadic services
             (default %base-services))
@@ -416,7 +412,6 @@ settings for 'guix.el' to work out-of-the-box."
                         (pam-services '())
                         (profile "/run/current-system/profile")
                         hosts-file nss
-                        x509-certificates
                         (sudoers ""))
   "Return a derivation that builds the static part of the /etc directory."
   (mlet* %store-monad
@@ -466,8 +461,6 @@ export ASPELL_CONF=\"dict-dir $HOME/.guix-profile/lib/aspell\"
                 `(("services" ,#~(string-append #$net-base "/etc/services"))
                   ("protocols" ,#~(string-append #$net-base "/etc/protocols"))
                   ("rpc" ,#~(string-append #$net-base "/etc/rpc"))
-                  ("ssl" ,#~(string-append #$x509-certificates
-                                           "/etc/ssl")) ;for OpenSSL & co.
                   ("emacs" ,#~#$emacs)
                   ("pam.d" ,#~#$pam.d)
                   ("login.defs" ,#~#$login.defs)
@@ -530,7 +523,6 @@ export ASPELL_CONF=\"dict-dir $HOME/.guix-profile/lib/aspell\"
                   #:timezone (operating-system-timezone os)
                   #:hosts-file /etc/hosts
                   #:sudoers (operating-system-sudoers os)
-                  #:x509-certificates (operating-system-x509-certificates os)
                   #:profile profile-drv)))
 
 (define %setuid-programs