Package mod_nss requires: /usr/lib64/libnssckbi.so Why this is a problem: 1. DNF5 stops to download filelists as a default therefore `mod_nss` will be not installable 2. It is against Fedora packaging guidelines to require files outside of `/etc`, `/usr/(s)bin`. Possible solution: 1. use only file provides from `/etc`, `/usr/(s)bin` (follow packaging guidelines please) or other provides from package providing required functionality 2. Request explicit provide of `/usr/lib64/libnssckbi.so` in package providers of the file like `Provides: /usr/lib64/libnssckbi.so`. This is a workaround that resolves the issue, but it is not according to the guidelines. This issue will appear after DNF5 adoption, because DNF5 does not download filelists by default. The problem will not be in DNF5 because it is caused by not following packaging guidelines. DNF downloaded always filelists to prevent the issue. There are only few remaining packages that has the issue therefore it is time to improve an efficiency of Fedora distribution. Reproducible: Always
Specifically the guideline is documented at https://docs.fedoraproject.org/en-US/packaging-guidelines/#_file_and_directory_dependencies We can change the Requires to p11-kit-trust which provides this library but the mechanism to load the library, which contains the root certs, will need to be revisited. If it is not present in the directory that contains the NSS database then the public roots are not available. This has been a problem over the years and has spawned a few bugs.