While I don't think this blocks on the "how to do" but more than that on the decision to actually do so, I still wanted to list two ways to solve this which we discussed over the last few days.
#1 Interim solution just making selected libs also available at generally consumable places (via symlinks): https://code.launchpad.net/~paelzer/ubuntu/+source/nss/+git/nss/+ref/merge-bionic-freebl3bug-try1 #2 Would keep the file locations, but make all of the libs usable via ld.conf and pkg-config https://code.launchpad.net/~paelzer/ubuntu/+source/nss/+git/nss/+ref/merge-bionic-freebl3bug-try2 BTW - thanks Vincent to dup mine onto this older bug, I missed it when opening mine. And finally - our motivation is also to move away from libtomcrypt (as Vincent). Essentially for the same reasons being mostly lack of updates and a better security maintenance. -- Christian Ehrhardt Software Engineer, Ubuntu Server Canonical Ltd
