nss :improve reproducibility

- Explicitly requests the newer database `sql:' rather than
  retrieved from NSS_DEFAULT_DB_TYPE

- Removes build path prefix from pkcs11.txt

Refers certutil manual:
[certutil manual]
-d [prefix]directory
 Specify the database directory containing the certificate and key database files.
 certutil supports two types of databases: the legacy security databases (cert8.db,
  key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt).

 NSS recognizes the following prefixes:
  sql: requests the newer database
  dbm: requests the legacy database
 If no prefix is specified the default type is retrieved from NSS_DEFAULT_DB_TYPE.
 If NSS_DEFAULT_DB_TYPE is not set then dbm: is the default.
[certutil manual]

(From OE-Core rev: e9b99efe4b5cf7e810156f7bb55736e01be36a45)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-support/nss/nss_3.38.bb

@@ -215,9 +215,11 @@ do_install_append_class-target() {
     # Create a blank certificate
     mkdir -p ${D}${sysconfdir}/pki/nssdb/
     touch ./empty_password
-    certutil -N -d ${D}${sysconfdir}/pki/nssdb/ -f ./empty_password
+    certutil -N -d sql:${D}${sysconfdir}/pki/nssdb/ -f ./empty_password
     chmod 644 ${D}${sysconfdir}/pki/nssdb/*.db
     rm ./empty_password
+    # Remove build path prefix
+    sed -i "s:${D}::g"  ${D}${sysconfdir}/pki/nssdb/pkcs11.txt
 }
 
 PACKAGE_WRITE_DEPS += "nss-native"