From d78ec54de6b5ba915445d668ebf292bc9ff38a9a Mon Sep 17 00:00:00 2001 From: Pino Toscano Date: Mon, 4 May 2020 12:15:43 +0200 Subject: [PATCH] sysprep: ca-certificates: request system CA store update In case any certificate is removed from the guest, regenerate the system CA store. (cherry picked from commit b9065fa7adc93123c53f4827e11dad6b210b7d4b) --- sysprep/sysprep_operation_ca_certificates.ml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/sysprep/sysprep_operation_ca_certificates.ml b/sysprep/sysprep_operation_ca_certificates.ml index e481cebf8..a2b7986c1 100644 --- a/sysprep/sysprep_operation_ca_certificates.ml +++ b/sysprep/sysprep_operation_ca_certificates.ml @@ -39,7 +39,11 @@ let ca_certificates_perform (g : Guestfs.guestfs) root side_effects = let set = StringSet.diff set excepts in StringSet.iter ( fun filename -> - try g#rm filename with G.Error _ -> () + try + g#rm filename; + side_effects#update_system_ca_store () + with + G.Error _ -> () ) set ) @@ -48,6 +52,8 @@ let op = { name = "ca-certificates"; enabled_by_default = false; heading = s_"Remove CA certificates in the guest"; + pod_description = Some (s_"\ +In case any certificate is removed, the system CA store is updated."); perform_on_filesystems = Some ca_certificates_perform; } -- 2.25.4