Provide a hook for TLS cert delivery by updates.img.

Note this is of little use in a PXE environment today, as MITM to the initrd or ipxe subverts all of this. This however is interesting for secure boot environments and remote media boot strap to provide an unbroken trust chain git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/branches/2.7@14442 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
2012-11-27 19:24:48 +00:00 · 2012-11-27 19:24:48 +00:00 · 4633498a4b
commit 4633498a4b
parent 0a521cb31a
1 changed files with 4 additions and 0 deletions
--- a/xCAT-server/share/xcat/install/scripts/pre.rh
+++ b/xCAT-server/share/xcat/install/scripts/pre.rh
@ -9,6 +9,10 @@ do
 done
 chmod 644 /dev/vcs*
 chown root /dev/vcs*
+if [ -r /tmp/updates/etc/pki/tls/certs/ca-bundle.crt ]; then
+        cp -f /tmp/updates/etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/
+fi
+

 cat >/tmp/foo.py <<EOF
 #!/usr/bin/python