Message ID | 20180820130914.22377-8-mirza.krak@northern.tech |
---|---|
State | Changes Requested |
Headers | show |
Series | various improvements to package/mender | expand |
Hello, On Mon, 20 Aug 2018 15:09:07 +0200, Mirza Krak wrote: > Mender uses TLS to community with the management server, > and if CA signed certificates are used we must have > the ca-certificates package installed to be able to > verify these. > > Signed-off-by: Mirza Krak <mirza.krak@northern.tech> I am not sure we want to make this a mandatory dependency. If people are using a management server that provides a CA signed certificate, then they should add the ca-certificates package to their build. Perhaps this belongs more to a note in the Config.in help text. Or maybe even Mender deserves a package/mender/readme.txt, which a bit like boot/grub2/readme.txt, would give more details about Mender's integration in Buildroot. Thomas
On Mon, Aug 20, 2018 at 4:54 PM, Thomas Petazzoni <thomas.petazzoni@bootlin.com> wrote: > Hello, > > On Mon, 20 Aug 2018 15:09:07 +0200, Mirza Krak wrote: >> Mender uses TLS to community with the management server, >> and if CA signed certificates are used we must have >> the ca-certificates package installed to be able to >> verify these. >> >> Signed-off-by: Mirza Krak <mirza.krak@northern.tech> > > I am not sure we want to make this a mandatory dependency. If people > are using a management server that provides a CA signed certificate, > then they should add the ca-certificates package to their build. > > Perhaps this belongs more to a note in the Config.in help text. Or > maybe even Mender deserves a package/mender/readme.txt, which a bit like > boot/grub2/readme.txt, would give more details about Mender's > integration in Buildroot. Makes sense. Thanks for the hint on creating a readme.txt. Will make so sure to do that.
On 20/08/2018 19:33, Mirza Krak wrote: > On Mon, Aug 20, 2018 at 4:54 PM, Thomas Petazzoni > <thomas.petazzoni@bootlin.com> wrote: >> Hello, >> >> On Mon, 20 Aug 2018 15:09:07 +0200, Mirza Krak wrote: >>> Mender uses TLS to community with the management server, >>> and if CA signed certificates are used we must have >>> the ca-certificates package installed to be able to >>> verify these. >>> >>> Signed-off-by: Mirza Krak <mirza.krak@northern.tech> >> >> I am not sure we want to make this a mandatory dependency. If people >> are using a management server that provides a CA signed certificate, >> then they should add the ca-certificates package to their build. >> >> Perhaps this belongs more to a note in the Config.in help text. Or >> maybe even Mender deserves a package/mender/readme.txt, which a bit like >> boot/grub2/readme.txt, would give more details about Mender's >> integration in Buildroot. > > Makes sense. > > Thanks for the hint on creating a readme.txt. Will make so sure to do that. > Assuming you're going to create this readme.txt, I've marked this patch as Changes Requested. Regards, Arnout
diff --git a/package/mender/Config.in b/package/mender/Config.in index aeb0b2694f..853a472ea1 100644 --- a/package/mender/Config.in +++ b/package/mender/Config.in @@ -5,6 +5,7 @@ config BR2_PACKAGE_MENDER depends on BR2_TOOLCHAIN_HAS_THREADS select BR2_PACKAGE_UBOOT_TOOLS # runtime select BR2_PACKAGE_UBOOT_TOOLS_FWPRINTENV # runtime + select BR2_PACKAGE_CA_CERTIFICATES # runtime help Mender is an open source over-the-air (OTA) software updater for embedded Linux devices. Mender comprises a client
Mender uses TLS to community with the management server, and if CA signed certificates are used we must have the ca-certificates package installed to be able to verify these. Signed-off-by: Mirza Krak <mirza.krak@northern.tech> --- Changes in V2: - Added #runtime to hint that this not a build dependency package/mender/Config.in | 1 + 1 file changed, 1 insertion(+) -- 2.11.0