/usr/share/doc/p11-kit/examples/trust-extract-compat is in p11-kit 0.23.9-2.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | #!/bin/sh
# This script is a placeholder designed to be replaced when this software
# has been customized for distribution. It should be symlinked linked to the
# distribution's update-ca-certificates or update-ca-trust command as
# appropriate. In the future this script will be called when the PKCS#11
# trust module is used to modifiy trust anchors and related data.
if [ $# -ne 0 ]; then
echo "usage: trust extract-compat" >&2
exit 2
fi
uid=$(id -u)
if [ "$uid" != 0 ]; then
echo "trust: running as non-root user: skip extracting compat bundles" >&2
exit 0
fi
echo "trust: the placeholder extract-compat command has not been customized by your distribution." >&2
# You can use commands like this to extract data from trust modules
# into appropriate locations for your distribution.
#
# trust extract --format=openssl-bundle --filter=ca-anchors \
# --overwrite /tmp/openssl-bundle.pem
# trust extract --format=pem-bundle --filter=ca-anchors --overwrite \
# --purpose server-auth /tmp/server-auth-bundle.pem
# trust extract --format=java-cacerts --filter=ca-anchors --overwrite \
# --purpose server-auth /tmp/cacerts
exit 1
|