Description of problem: NSS installs several files classified as system configuration files. These are the nss certificate and key databases, both legacy format and shareddb format, secmod.db and the pkcs11.txt. The last one is obviously a configuration file and the other ones one could argue either way. It will be a requirement for the next major update of Red Hat Enterprise Linux that all configuration files be documented. Version-Release number of selected component (if applicable): nss-3.15.1-1. How reproducible: always Steps to Reproduce: Examine nss.spec which enumerates the followeing files to install: %files .... %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/cert8.db %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/key3.db %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/secmod.db %files sysinit ... %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/cert9.db %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/key4.db %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/pkcs11.txt Actual results: There are no pages for this files. Expected results: The above files have man pages installed as man(5) Additional info: The databases just need very simple documentation. On the other hand, writing a full-fleged man page for pkcs11.txt would be a difficult task. It is based on the PKCS #11 module spec documented at https://developer.mozilla.org/en-US/docs/PKCS11_Module_Specs It has has a lot of nested structure. Rather than replicate that document in docbook format thatuse us for generating man pages, I propose that, at least intially, we create a rather simple man page to that just points the reader to the upstream document. It is very unlikely that a system admistrator will be troubleshooting a broken system on some deserted island without inernet access and have the need to look up the archana that such man page would document :-)
Created attachment 774539 [details] man pages for cert{8|9}.db, key{3|4}.db, secmod.db and pkcs11.txt This is a first cut. it includes the changes to the spec file a-d also for two other man related bugs. I'll split it into speparate parts if it turns out be hard to read. Let's see.
Created attachment 774548 [details] man pages for cert{8|9}.db, key{3|4}.db, secmod.db and pkcs11.txt This bug file also has the fixes for certutil, cmsutil, crlutil that are for bug 984106 and the upstream bug. I can split it into parts for easier review.
Comment on attachment 774539 [details] man pages for cert{8|9}.db, key{3|4}.db, secmod.db and pkcs11.txt Duplicate attachment.
Created attachment 774550 [details] changes to nss.spc in patch format
Created attachment 775000 [details] Ugly docbook for pkcs11.txt - for discussion This is what a real manpage for pkcs11.txt would look like and I this one if far from complete. You can see the remaining descriptins as a big block of comments. It has a lot of nesting of refsections inside valistenries within variable lists. Perhaps I could have chosen simpler entities for the enumartions and the list. My XML and Docbbok knowledege is merely fair, certainly not good enough. That's why, for reasons of expediency, I have opted for a simple one that just contains the url to the gory details upstream at least for now. Deon, do you know of a better way to tackle this? -Elio
Comment on attachment 774550 [details] changes to nss.spc in patch format Cancelling the review request on the nss.spec changes because it's best to deal with this bug after we have taken care of the other two: 1) rhbz#982856 - nss-sysinit man page has wrong path for script ... This is a trivial fix. 2) rhbz#984106 - Fixes for the {cert|cms|crl}util man pages ... This one Kai reviewed it upstream and I'll apply that revised patch.
nss-3.15.1-3.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/nss-3.15.1-3.fc19
Package nss-3.15.1-3.fc19: * should fix your issue, * was pushed to the Fedora 19 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing nss-3.15.1-3.fc19' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-14189/nss-3.15.1-3.fc19 then log in and leave karma (feedback).
nss-3.15.1-3.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.