On 01/19/2012 07:26 AM, Mike Hommey wrote:
He is talking about runtime detection. Not build time detection. And we
already have --with-system-nss. My point is that it's probably not worth
trying to do runtime detection because few systems will have the right
system nss anyways.
I've been lurking on this thread. There seems to be an assumption that
on Linux system NSS won't be current, won't be available and you might
deploy something which has a dependency that can't be detected and
satisfied during installation.
At least on RPM based systems (Fedora and RHEL in particular) none of
this is true. When packages are built you have to opportunity to express
the dependency, the installer won't install the package unless the
dependencies can be satisfied and the installer knows how to locate and
download the dependencies. Also, when there is a dependency affecting
other packages there is a coordinated effort update things in unison.
Can't speak for Debian based systems, but my understanding is they have
similar facilities.
So what's the problem with using system NSS?
BTW, the practice of not using system NSS with firefox massively broke
things for us recently, one of the clear downsides of using private
versions of NSS independent of the global system environment. Would
truly like to avoid that experience again.
--
John Dennis <jden...@redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
