|
|
d60042 |
From d78ec54de6b5ba915445d668ebf292bc9ff38a9a Mon Sep 17 00:00:00 2001
|
|
|
d60042 |
From: Pino Toscano <ptoscano@redhat.com>
|
|
|
d60042 |
Date: Mon, 4 May 2020 12:15:43 +0200
|
|
|
d60042 |
Subject: [PATCH] sysprep: ca-certificates: request system CA store update
|
|
|
d60042 |
|
|
|
d60042 |
In case any certificate is removed from the guest, regenerate the system
|
|
|
d60042 |
CA store.
|
|
|
d60042 |
|
|
|
d60042 |
(cherry picked from commit b9065fa7adc93123c53f4827e11dad6b210b7d4b)
|
|
|
d60042 |
---
|
|
|
d60042 |
sysprep/sysprep_operation_ca_certificates.ml | 8 +++++++-
|
|
|
d60042 |
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
|
d60042 |
|
|
|
d60042 |
diff --git a/sysprep/sysprep_operation_ca_certificates.ml b/sysprep/sysprep_operation_ca_certificates.ml
|
|
|
d60042 |
index e481cebf8..a2b7986c1 100644
|
|
|
d60042 |
--- a/sysprep/sysprep_operation_ca_certificates.ml
|
|
|
d60042 |
+++ b/sysprep/sysprep_operation_ca_certificates.ml
|
|
|
d60042 |
@@ -39,7 +39,11 @@ let ca_certificates_perform (g : Guestfs.guestfs) root side_effects =
|
|
|
d60042 |
let set = StringSet.diff set excepts in
|
|
|
d60042 |
StringSet.iter (
|
|
|
d60042 |
fun filename ->
|
|
|
d60042 |
- try g#rm filename with G.Error _ -> ()
|
|
|
d60042 |
+ try
|
|
|
d60042 |
+ g#rm filename;
|
|
|
d60042 |
+ side_effects#update_system_ca_store ()
|
|
|
d60042 |
+ with
|
|
|
d60042 |
+ G.Error _ -> ()
|
|
|
d60042 |
) set
|
|
|
d60042 |
)
|
|
|
d60042 |
|
|
|
d60042 |
@@ -48,6 +52,8 @@ let op = {
|
|
|
d60042 |
name = "ca-certificates";
|
|
|
d60042 |
enabled_by_default = false;
|
|
|
d60042 |
heading = s_"Remove CA certificates in the guest";
|
|
|
d60042 |
+ pod_description = Some (s_"\
|
|
|
d60042 |
+In case any certificate is removed, the system CA store is updated.");
|
|
|
d60042 |
perform_on_filesystems = Some ca_certificates_perform;
|
|
|
d60042 |
}
|
|
|
d60042 |
|
|
|
d60042 |
--
|
|
|
b155d0 |
2.26.2
|
|
|
d60042 |
|