From f7616c4f5e2c869192f353843a31eff7dab68d7f Mon Sep 17 00:00:00 2001 From: "Ricardo M. Correia" Date: Thu, 16 Feb 2017 22:06:57 +0100 Subject: [PATCH] openntpd: fix constraints feature on NixOS The OpenNTPD constraints feature requires a valid chain of SSL certificates, but the default path in openntpd didn't match the one in NixOS. Unfortunately the configured certificate path becomes hardcoded into the binary, so this feature will likely still fail on other distributions/operating systems, unless the path coincides with the NixOS path or the user sets up a symlink. --- pkgs/tools/networking/openntpd/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/tools/networking/openntpd/default.nix b/pkgs/tools/networking/openntpd/default.nix index 2b2b441f2f98..7e1c257ec4b6 100644 --- a/pkgs/tools/networking/openntpd/default.nix +++ b/pkgs/tools/networking/openntpd/default.nix @@ -17,6 +17,7 @@ stdenv.mkDerivation rec { "--with-privsep-user=${privsepUser}" "--sysconfdir=/etc" "--localstatedir=/var" + "--with-cacert=/etc/ssl/certs/ca-certificates.crt" ]; buildInputs = [ libressl ];