I've known about this pkg-plist omission for a long time and it keeps biting me in synth test mode, so I'm opening a PR on it: ========================< phase : deinstall >======================== => Checking shared library dependencies ===> Deinstalling for ca_root_nss ===> Deinstalling ca_root_nss-3.27 Updating database digests format: ..... done Checking integrity... done (0 conflicting) Deinstallation has been requested for the following 1 packages (of 0 packages in the universe): Installed packages to be REMOVED: ca_root_nss-3.27 Number of packages to be removed: 1 [1/1] Deinstalling ca_root_nss-3.27... [1/1] Deleting files for ca_root_nss-3.27: ....... done => Checking for system changes between staging and package deinstallation Left over files/directories: etc/ssl =========================================================================== presumably it just needs a "@dir" in the pkg-plist. I'll try to come up with a patch soon
hmm, this might be caused by another port, e.g. security/libressl
Created attachment 175308 [details] fix stage-QA check by fixing pkg-plist It *is* this port. I was looking at /usr/local/etc/ssl, but the issue was /etc/ssl, caused by this port. I've submitted a patch for approval.
security team, can somebody approve this patch? This appears to be a no-brainer to me.
Approved
A commit references this bug: Author: marino Date: Sun Oct 9 01:09:57 UTC 2016 New revision: 423559 URL: https://svnweb.freebsd.org/changeset/ports/423559 Log: security/ca_root_nss: adjust pkg-plist to address leftover directory The port creates /etc/ssl directory with the default option, but until now, did not remove it upon deinstallation. While technically this requires a revbump, rebuilding this port to fix a cleanup step would cause a tremendous amount of fallout and it's not worth the pain IMO. PR: 213121 Approved by: feld (ports-secteam) Changes: head/security/ca_root_nss/pkg-plist
Thanks feld!