Here is how I experienced what I've reported. I have the certificates for sendmail in /etc/mail/tls, a list of *.crt files. To have everything ok for sendmail, I need to have those certificates in /etc/ssl/certs with the special name "hash".0. As the name "hash".0 is not easy to maintain, I just create symlinks in /etc/ssl/certs using :
$ cd /etc/ssl/certs $ ln -s /etc/mail/tls/foo.crt `openssl x509 -noout -hash < /etc/mail/tls/foo.crt`.0 Then, each time I let ubuntu/debian upgrade the ca-certificates package, my symlinks disapear. Proof: [EMAIL PROTECTED]:/etc/ssl # cp -a certs certs-orig [EMAIL PROTECTED]:/etc/ssl # apt-get --reinstall install ca-certificates Reading package lists... Done Building dependency tree Reading state information... Done 0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 1 not upgraded. Need to get 97.3kB of archives. After unpacking 0B of additional disk space will be used. Do you want to continue [Y/n]? y Get:1 http://archive.ubuntu.com gutsy/main ca-certificates 20070303 [97.3kB] Fetched 97.3kB in 0s (185kB/s) Preconfiguring packages ... (Reading database ... 145428 files and directories currently installed.) Preparing to replace ca-certificates 20070303 (using .../ca-certificates_20070303_all.deb) ... Unpacking replacement ca-certificates ... Setting up ca-certificates (20070303) ... Updating certificates in /etc/ssl/certs....done. Now I check: [EMAIL PROTECTED]:/etc/ssl # diff -qr certs-orig certs Only in certs-orig: 4f293038.0 Only in certs-orig: 627c1091.0 .....more files only in certs-orig... diff: certs-orig/cacert.org.pem: No such file or directory diff: certs/cacert.org.pem: No such file or directory <===== broken symlink (*) [EMAIL PROTECTED]:/etc/ssl # ls -l certs-orig/4f293038.0 lrwxrwxrwx 1 root root 33 2007-05-14 22:13 certs-orig/4f293038.0 -> /etc/mail/tls/sendmail-server.crt [EMAIL PROTECTED]:/etc/ssl # ls -l certs-orig/627c1091.0 lrwxrwxrwx 1 root root 33 2007-05-14 22:13 certs-orig/627c1091.0 -> /etc/mail/tls/xxxxxxxxx.org.crt bingo, those two certs were for sendmail and they are gone. (*) broken symlink: [EMAIL PROTECTED]:/etc/ssl # ls -l certs/cacert.org.pem lrwxrwxrwx 1 root root 52 2007-03-22 00:51 certs/cacert.org.pem -> /usr/share/ca-certificates/cacert.org/cacert.org.crt [EMAIL PROTECTED]:/etc/ssl # ls -l /usr/share/ca-certificates/cacert.org/cacert.org.crt ls: /usr/share/ca-certificates/cacert.org/cacert.org.crt: No such file or directory -- ca-certificates removes all users certificates in /etc/ssl/certs https://bugs.launchpad.net/bugs/114495 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
