On Jul 13 11:29, Kevin Oberman wrote:>On Mon, Jul 13, 2015 at 7:03 AM, Matt Smith <fbsd at xtaz.co.uk>
wrote:
>
>> Hi, I use the ports version of OpenSSL for everything and don't
require
>> the base version. As a result I thought I would remove it by adding
>> WITHOUT_OPENSSL into /etc/src.conf and running make delete-old in
/usr/src.
>> However this seems to only want to delete things related to kerberos
and
>> gssapi, which is understandable as they depend on OpenSSL. However it
>> doesn't seem to touch any OpenSSL files at all. Is this a bug or
have I
>> missed something?
>
>Yes. Several critical base system components require the base OpenSL. So, I
>seem to recall that while WITHOUT_OPENSSL will skip the optional SSL stuff,
>I am pretty sure that some of the OpenSSL always are built and are
>considered too critical to rely on a port being installed... like logging
>in, adding users, etc.
See now I assumed that the only things in the base that used it were
Kerberos, GSSAPI, and OpenSSH. If you read the man page for src.conf it
says that setting WITHOUT_OPENSSL also sets WITHOUT_KERBEROS,
WITHOUT_GSSAPI, and WITHOUT_OPENSSH. This makes me think these are the
only things in the base that do actually use OpenSSL?
Maybe there is actually a lot more that does then. Unfortunately being
the base means I can't just use pkg to look at what's registered against
the shared libs.
--
Matt