12:55:16 <jperkin> papertigers: I've imported the latest 4.18.x release https://github.com/TritonDataCenter/pkgsrc-extra/commit/d9903921268e31c432ec9ab9fd1756faff169269
12:55:24 <jperkin> I'll get that in the next build, it works fine in my testing
12:58:55 <jperkin> if you want it sooner 'pkg_add -U https://us-central.manta.mnx.io/pkgsrc/public/test-packages/samba-4.18.11.tgz', though you'll need to pkg_delete ldb first as it now conflicts
18:10:32 <xmerlin> jperkin, The compilation of some packages produces errors such as 'is not a runtime dependency', for example, postfix. 
18:10:50 <xmerlin> on 2023Q4
19:06:24 <jperkin> yeh that's a side-effect of improved consistency checks I made, the problem is they don't yet account for the situation where a package is already installed, as that never happens for pristine builds
19:06:28 <jperkin> I need to add that case
19:28:33 <jfqd1> jperkin: I do have one smartos zone with a pkgin ug issue. All other zones are fine, only this one fails to update.
19:28:33 <jfqd1> The zone has the latest updates. But when I run pkgin up I get the following error:
19:28:33 <jfqd1> processing remote summary (https://pkgsrc.qutic.com/packages/SmartOS/trunk/x86_64/All)...
19:28:33 <jfqd1> 01000000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1889:
19:28:34 <jfqd1> 01000000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1889:
19:28:34 <jfqd1> 01000000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1889:
19:28:35 <jfqd1> pkgin: Could not fetch https://pkgsrc.qutic.com/packages/SmartOS/trunk/x86_64/All/pkg_summary.gz: Not owner
19:28:36 <jfqd1> That is so strange. mozilla-rootcerts-1.0 is from 20240214. Any idea what can cause this cert validation issue?
19:37:32 <jperkin> newer pkgin has stricter certificate checks, is your cert correctly chained back to a root?
19:41:15 <jfqd1> jperkin: the zone is an old one, always updated. on the nower zone I do not get this errors. The cert is validating elswere, has cert + intermediate.
19:41:52 <jfqd1> s/nower/newer/
19:42:23 <jperkin> one thing to note with mozilla-rootcerts is that updating the package doesn't actually update the installed certs, which is why I recently switched to mozilla-rootcerts-openssl, so if the zone was originally installed a long time ago the installed certs might be outdated
19:45:59 <jfqd1> jperkin: Ah, that could be the thing!
19:46:31 <jfqd1> Any idea how I can update the certs in this zone? Or should I recreate it?
19:46:41 <xmerlin> jperkin, same problem on some packages even if they are not installed
19:50:04 <xmerlin> Some packages work perfectly on the 2022Q4, for example, Percona 5.7.44.49 / Percona 8.0.34, but are not stable on the 2023Q4. For instance, the MySQL client crashes when connecting to the server. MySQL 5.7.44 works as expected.
19:51:00 <jperkin> jfqd1: installing mozilla-rootcerts-openssl over the top should fix it, if you don't have any of your own certs installed then before the install you could rm /opt/local/etc/openssl/certs/* to ensure there are no leftovers first
19:51:51 <jperkin> xmerlin: there are still some packages that have legit dependency issues, if it's a package that builds fine for me then it'd be interesting to see what's happening
19:52:00 <jperkin> xmerlin: and please raise issues for any crashes so we can look
19:52:51 <jfqd1> jperkin: yes, that did it! Thx a lot!
19:53:13 <xmerlin> jperkin, ok