I'm open to putting a fix in Debian. I haven't come up with a solution that I'm happy with and don't currently have a lot of time to work on this.
I think Paride Legovini's "wall-of-text" post is on the right track, but I would really prefer to avoid asking a question about this. Anything in configure-instance.sh needs to be init system agnostic. I don't mind a systemd specific solution since that's our default init, but not in configure-instance.sh (no idea if there is one, but that's a boundary condition to a proper fix in my view). If someone comes up with a patch, I can test it and will be glad to land it in Debian if suitable and functional. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1915238 Title: warning: /var/spool/postfix/etc/ssl/certs/ca-certificates.crt and /etc/ssl/certs/ca-certificates.crt differ Status in ca-certificates package in Ubuntu: New Status in postfix package in Ubuntu: Triaged Status in postfix package in Debian: New Bug description: Postfix package doesn't utilize update-ca-certificate's hooks mechanism. By simply copying certs from /etc/ssl/certs/ca- certificates.crt to /var/spool/postfix/etc/ssl/certs/ca- certificates.crt, this warning and potential security issues could be avoided. Something like this would be a start: $ cat /etc/ca-certificates/update.d/postfix #!/bin/bash if [ -e /var/spool/postfix/etc/ssl/certs/ca-certificates.crt ]; then echo "Updating postfix chrooted certs" cp /etc/ssl/certs/ca-certificates.crt /var/spool/postfix/etc/ssl/certs/ca-certificates.crt systemctl reload postfix fi To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1915238/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
