From 03f785e953ae1e7d6025244ef0ebb28958c1817f Mon Sep 17 00:00:00 2001 From: Li Zhu Date: Mon, 11 Jul 2022 13:04:13 -0400 Subject: [PATCH] Debian - Fix update ca certs command Correct update ca certs command for Debian. Test Plan: Verify: Bootstrap and adding a Subcloud on Debian Verify: Bootstrap and adding a Subcloud on Centos Story: 2010119 Task: 45763 Signed-off-by: Li Zhu Change-Id: I4a9d2758ce012557fad4a19b49aa9b5bfe4f1680 --- .../controllerconfig/scripts/controller_config | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/controllerconfig/controllerconfig/scripts/controller_config b/controllerconfig/controllerconfig/scripts/controller_config index b3f7b74170..1a572cc0db 100755 --- a/controllerconfig/controllerconfig/scripts/controller_config +++ b/controllerconfig/controllerconfig/scripts/controller_config @@ -34,6 +34,15 @@ IMA_POLICY=/etc/ima.policy PUPPET_CACHE=/etc/puppet/cache PUPPET_CACHE_TMP=/etc/puppet/cache.tmp ACTIVE_CONTROLLER_NOT_FOUND_FLAG="/var/run/.active_controller_not_found" +CERT_DIR=/etc/pki/ca-trust/source/anchors + +OS_ID=$(grep '^ID=' /etc/os-release | cut -f2- -d= | sed -e 's/\"//g') +if [ "$OS_ID" == "debian" ] +then + UPDATE_CA_CMD="update-ca-certificates --localcertsdir ${CERT_DIR}" +else + UPDATE_CA_CMD="update-ca-trust extract" +fi fatal_error() { @@ -404,13 +413,13 @@ start() if [ -e $CONFIG_DIR/dc-adminep-root-ca.crt ] then - cp $CONFIG_DIR/dc-adminep-root-ca.crt /etc/pki/ca-trust/source/anchors/ + cp $CONFIG_DIR/dc-adminep-root-ca.crt $CERT_DIR if [ $? -ne 0 ] then fatal_error "Unable to copy $CONFIG_DIR/dc-adminep-root-ca.crt to certificates dir" fi # Update system trusted CA cert list with the new CA cert. - update-ca-trust extract + $UPDATE_CA_CMD if [ $? -ne 0 ] then fatal_error "Unable to update system trusted CA certificate list"