|
 |
da373f |
From 315bf96d182d5626e5935aaf57b0787fedffc62b Mon Sep 17 00:00:00 2001
|
|
|
3efd08 |
From: Pino Toscano <ptoscano@redhat.com>
|
|
|
3efd08 |
Date: Mon, 4 May 2020 12:15:43 +0200
|
|
|
3efd08 |
Subject: [PATCH] sysprep: ca-certificates: request system CA store update
|
|
|
3efd08 |
|
|
|
3efd08 |
In case any certificate is removed from the guest, regenerate the system
|
|
|
3efd08 |
CA store.
|
|
|
3efd08 |
|
|
|
3efd08 |
(cherry picked from commit b9065fa7adc93123c53f4827e11dad6b210b7d4b)
|
|
|
3efd08 |
---
|
|
|
3efd08 |
sysprep/sysprep_operation_ca_certificates.ml | 8 +++++++-
|
|
|
3efd08 |
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
|
3efd08 |
|
|
|
3efd08 |
diff --git a/sysprep/sysprep_operation_ca_certificates.ml b/sysprep/sysprep_operation_ca_certificates.ml
|
|
|
3efd08 |
index e481cebf8..a2b7986c1 100644
|
|
|
3efd08 |
--- a/sysprep/sysprep_operation_ca_certificates.ml
|
|
|
3efd08 |
+++ b/sysprep/sysprep_operation_ca_certificates.ml
|
|
|
3efd08 |
@@ -39,7 +39,11 @@ let ca_certificates_perform (g : Guestfs.guestfs) root side_effects =
|
|
|
3efd08 |
let set = StringSet.diff set excepts in
|
|
|
3efd08 |
StringSet.iter (
|
|
|
3efd08 |
fun filename ->
|
|
|
3efd08 |
- try g#rm filename with G.Error _ -> ()
|
|
|
3efd08 |
+ try
|
|
|
3efd08 |
+ g#rm filename;
|
|
|
3efd08 |
+ side_effects#update_system_ca_store ()
|
|
|
3efd08 |
+ with
|
|
|
3efd08 |
+ G.Error _ -> ()
|
|
|
3efd08 |
) set
|
|
|
3efd08 |
)
|
|
|
3efd08 |
|
|
|
3efd08 |
@@ -48,6 +52,8 @@ let op = {
|
|
|
3efd08 |
name = "ca-certificates";
|
|
|
3efd08 |
enabled_by_default = false;
|
|
|
3efd08 |
heading = s_"Remove CA certificates in the guest";
|
|
|
3efd08 |
+ pod_description = Some (s_"\
|
|
|
3efd08 |
+In case any certificate is removed, the system CA store is updated.");
|
|
|
3efd08 |
perform_on_filesystems = Some ca_certificates_perform;
|
|
|
3efd08 |
}
|
|
|
3efd08 |
|
|
|
3efd08 |
--
|
|
|
da373f |
2.18.4
|
|
|
3efd08 |
|