From aa7c7f21b39a63e1e9d25bf5ea7f94aa919bd872 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Tue, 18 Feb 2014 21:30:53 -0500 Subject: gnu: gnutls: Configure location of system-wide trust store. * gnu/packages/gnutls.scm (gnutls): Configure the location of the system-wide trust store. --- gnu/packages/gnutls.scm | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/gnu/packages/gnutls.scm b/gnu/packages/gnutls.scm index ee75e84957..d3097a6751 100644 --- a/gnu/packages/gnutls.scm +++ b/gnu/packages/gnutls.scm @@ -81,7 +81,17 @@ specifications.") '(#:configure-flags (list (string-append "--with-guile-site-dir=" (assoc-ref %outputs "out") - "/share/guile/site/2.0")))) + "/share/guile/site/2.0") + ;; GnuTLS doesn't consult any environment variables to specify + ;; the location of the system-wide trust store. Instead it has a + ;; configure-time option. Unless specified, its configure script + ;; attempts to auto-detect the location by looking for common + ;; places in the filesystem, none of which are present in our + ;; chroot build environment. If not found, then no default trust + ;; store is used, so each program has to provide its own + ;; fallback, and users have to configure each program + ;; independently. This seems suboptimal. + "--with-default-trust-store-dir=/etc/ssl/certs"))) (native-inputs `(("pkg-config" ,pkg-config))) (inputs -- cgit 1.4.1